OT: Pop3 Proxy

[mikea]

On Thu, May 22, 2003 at 03:55:37AM -0500, Gary Morgan wrote:
> Yesterday I had a mass mailing virus get into the office.  At first I
> was quite surprised that it made it past Mailscanner.  I haven't seen a
> single virus in months (since I first installed Mailscanner).  After
> some investigation I found that it originated from someone in the office
> who was checking an external pop3 account.

> My first reaction was to block all external pop3 connections at the
> firewall.  My CT0 wasn't happy with that solution.  He thought it would
> cause to much of a disruption.  I had considered installing a pop3 proxy
> on each client machine (similar to Spam Assassign pro).  However that
> involves too much client configuration.  So my next idea was to setup a
> transparent pop3 proxy which would run some type of virus protection,
> and possibly a spam filter.

While MailScanner catches all but a *very* few of the nasties (I've
seen it pass exactly _one_ since it installed it, and I'm not sure
of the circumstances), it still is only a first line of defense. We
also run AV software on every system, just to catch stuff that gets
through or goes around MailScanner.

You really can't afford not to have two or more layers of defense.

--
Mike Andrews
mikea at mikea.ath.cx
Tired old sysadmin since 1964