My provider (Planet Internet (http://www.planet.nl/)) offers to scan your incoming mail for virusses. This scanning is done server-sided, and costs you 1.95 EUR each month, for each mailbox. (More info in Dutch (http://web.planet.nl/evs/))

Personally, I love the idea. I think it'll reduce the amount of virus-infected mail (and right now, 1 out of each 12 messages contains a virus, according to Pine Internet BV (http://www.pine.nl/virusscan.php3)).

This scanning thing has been introduced a couple of months ago, and since Planet is one of the larger ISP's in the Netherlands, I'm assuming it's one of the first to implement such a service. Two questions: Does your ISP offer a similar service?
Would scanning all mail reduse stress on a ISP's abuse- and helpdeskdepartments enough to actually make it profitable for them? Or: would the investment in a 'mailserver-scanning-server' (and it's maintenance) be profitable in the long run?

I am a senior partner of an expanding ISP firm in the USA's midwest, we have always had server-side scanning of all incoming and outgoing e-mail. We never even thought of trying to profit from this and have always concidered this as our responsibility to maintain a secure and virus free network. Besides, if it is located one one of my servers I want it gone! I do not know how much you already pay for your services, but I do know that 1.95 times 1000 is 1950.00 multiply that by 12 months and you have 23,400.00 our scanning software (Norton Corporate Enterprise Edition) runs us apx 5000.00 US$ to maintain per year. I really think they are trying to profit from peoples fears, IMHO I think they probably scan it anyway.

I think that server-side virus scan is great. We are using Trend Micro, and it's configured to send email alerts of the viruses that have been detected by the virus wall. It sometimes gets annoying, but overall it's a good piece of software. I do feel that the ISP should be held accountable for scanning email on their side, but I would still make sure that a client piece was installed on my workstation. A virus could get through or be spread by other means.

I do feel that the ISP should be held accountable for scanning email on their side, but I would still make sure that a client piece was installed on my workstation. A virus could get through or be spread by other means.

A good point I did not cover, we also don't guarrantee that a new or unknown virus won't get through, we reccomend that all client side computers maintain their own virus scanning software. This is one of the reasons why we do not charge for this service.

In todays paridigm it is necessary to offer multiple tiers of AV and Intrusion Protection. A company that makes you pay for this "Feature" should be considered shady, as this would seem to violate some form of business ethics. They provide a service, Yes, however that service should inculde AV. It does not cost your ISP very much to implement this option, at all and it takes little or no management to maintain.

The question really comes to this

What do they use at their perimeter? (Firewall, Gateway, AV)
What do they use on their Mail Server? (This governs the transmittal of viruses in house)
What DO YOU USE on your own System? (If you do not run an AV locally, you beg to be infected)

Answer those and you are on your way.

Im on Sprint Broadband (wireless Microwave) and Im wide open to the big bad internet 24/7
and get bumped, probed and pinged constantly. And as far as I know my mail service (which Sprint contracted out to earthlink) doesnt employ any virus scanning, but of course I do, (through several layers of programs) and with the exception of a Klez attachment (which I was smart enough to place in my zoo first) I havent been infected via email (downloads are another matter) :rolleyes:

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by Guus
My provider (Planet Internet (http://www.planet.nl/)) offers to scan your incoming mail for virusses. This scanning is done server-sided, and costs you 1.95 EUR each month, for each mailbox. (More info in Dutch (http://web.planet.nl/evs/))

Personally, I love the idea. I think it'll reduce the amount of virus-infected mail (and right now, 1 out of each 12 messages contains a virus, according to Pine Internet BV (http://www.pine.nl/virusscan.php3)).

This scanning thing has been introduced a couple of months ago, and since Planet is one of the larger ISP's in the Netherlands, I'm assuming it's one of the first to implement such a service. Two questions: Does your ISP offer a similar service?
Would scanning all mail reduse stress on a ISP's abuse- and helpdeskdepartments enough to actually make it profitable for them? Or: would the investment in a 'mailserver-scanning-server' (and it's maintenance) be profitable in the long run?


I think this is most certainly an excellent idea. As bArGuS_4_$ said, the more tiers of protection the better. My ISP does not currently do any scanning and I've heard no plans of them doing so in the future. It is however, something I believe that all ISP's should offer as part of their service, either with an extra fee or part of the normal contract itself. As far as making a helpdesk profitable, that's anybody's guess I'd say. I guess it really depends on the situation. I mean, if a helpdesk is getting swamped all day long with calls from users about viruses getting into their systems, then yes, the server-side scanning can do some good. But if a helpdesk is getting fair amounts of those calls plus the normal, "How do I", "Where's my...." questions, then maybe the scanning won't have such a great effect. But it's a great service to provide your users, and something I would much appreciate. But there again, the more systems you have in place to protect yourself the better - I know you'd never see me with no protection....

Just my thoughts...

I also use Planet and i did not like the idea!

Server-sided virusscan is one of the biggest dangers you can create as an isp.

Users may think they are safe but we all now they are not!

They will only catch common MAIL virusses and they will get into truble with their custommers when one slips through.


False sense of security......and they now it!

And also a lot of the virusses stay in a pc unknow by the user.
In some pc life more virii than you hold for pos.
The unknown user blames a bad working pc on the OS and not the multiple virii in it!!

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by kadeng

The unknown user blames a bad working pc on the OS and not the multiple virii in it!!

Conversely, they are willing to attribute almost anything to a virus infection, from HDD corruption do to improper shutdown, to hardware failure. Its the tech fall back, cant find what the real problem was? Blame a virus :p

My current provider doesn't offer the service and I don't want them to either. I used to have my mail scanned by my former provider, and that didn't work out very well. Sometimes the virus-scanner would remove an attachment when it was not infected. Then, to get the attachment I would have to email the mail-administrator etc etc. The virus-scanner was very thorough though, I never got a virus in my mail when using the ISP.

As for the cost, I never payed for the virus-scanning but I couldn't refuse to get my mail scanned either. But I think it's reasonable to pay for such a service if you want it. Still, the best thing is to use local virus-scannning with an auto-update function. That way you'll be safe from email-viruses and other viruses, a better service for you money.

kadeng stated that Email Server scanning would only catch common mail viruses. I think you may have over simplified and generalized this a bit. If a reputable virus scanning program is implemented such as Symantec Anti-Virus for MSE, SAV Notes, or SAV for SMTP Gateways (to name common Symantec Platforms not intentional please forgive) or Sophos or Trend, then you are dealing with corporations that will keep their software up to date.

Granted as stated that email viruses at this point can only be detected via attachments within the body of an email, but unless a virus was born and released within the last 3 hours, all of the major software programs will detect, repair, clean, and/or delete if necessary.

Viruses as everyone knows have become more dynamic, and what used to be the only means of propagation (email) is rapidly becoming the least prefered method. Almost all of the Worms today will utilize Shares and such to transport themselves. So yes, email based protection is only one stage of security, and it is not all inclusive.

What you are suggesting is that the user may feel to secure if you offer them some security, and therefore be at a greater risk. Well, if this was the 80's or early 90's I would agree with you. However, now with corporate ethics and responsibilities it is no longer the case. An ISP can not afford, because of liability reasons to leave a mail server unprotected. If you don't mind the comparison it would be like me giving you a garage in the worst part of town so you can store you car, but I never lock it or check to make sure your car is their. The Garage belongs to me so technically it is my companies responsibility and I am just renting it to you, so if someone breaks in or the garage burns down then I am responsible, but what you suggest is that I should not lock it because the person might feel to comfortable and not lock it when they get home and park their car outside of their house unlocked??

Interesting thought. My money goes to an ounce of prevention.....