kadeng stated that Email Server scanning would only catch common mail viruses. I think you may have over simplified and generalized this a bit. If a reputable virus scanning program is implemented such as Symantec Anti-Virus for MSE, SAV Notes, or SAV for SMTP Gateways (to name common Symantec Platforms not intentional please forgive) or Sophos or Trend, then you are dealing with corporations that will keep their software up to date.

Granted as stated that email viruses at this point can only be detected via attachments within the body of an email, but unless a virus was born and released within the last 3 hours, all of the major software programs will detect, repair, clean, and/or delete if necessary.

Viruses as everyone knows have become more dynamic, and what used to be the only means of propagation (email) is rapidly becoming the least prefered method. Almost all of the Worms today will utilize Shares and such to transport themselves. So yes, email based protection is only one stage of security, and it is not all inclusive.

What you are suggesting is that the user may feel to secure if you offer them some security, and therefore be at a greater risk. Well, if this was the 80's or early 90's I would agree with you. However, now with corporate ethics and responsibilities it is no longer the case. An ISP can not afford, because of liability reasons to leave a mail server unprotected. If you don't mind the comparison it would be like me giving you a garage in the worst part of town so you can store you car, but I never lock it or check to make sure your car is their. The Garage belongs to me so technically it is my companies responsibility and I am just renting it to you, so if someone breaks in or the garage burns down then I am responsible, but what you suggest is that I should not lock it because the person might feel to comfortable and not lock it when they get home and park their car outside of their house unlocked??

Interesting thought. My money goes to an ounce of prevention.....