Re: avast mail scanner problem

From: "FromTheRafters" <erratic@xxxxxxxxxxxxxxxxx>

Indeed, but most users don't.

E-mail scanning always did have one very slight chance of being advantageous. If an
exploit was found for a vulnerability in the e-mail client or its extensions, it could
react to it before the exploit code actually hit the e-mail client or its extensions.

Not a very likely scenario perhaps, and server side AV should be able to handle it
anyway. If the exploit code was fragmented, the server side AV might not catch it (only
looking at one chunk at a time) but your client side AV might be able to sew the parts
together (just like the client would) and reveal the exploit code.

Too far fetched to really make it worthwhile, especially considering the downsides to
using e-mail scanning like computing cost, timing problems, and the corruption issue.


It is likely scenario. For example Symantec on email server but Avira on desktop. Thus a
layered approach.

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp


.