Scanning encrypted Mails
Hi folk, I look for a solution to encrypt/decrypt mails. But, I have to scan them for malicous code also. All suggestions are welcome. I would prefer a centralized solution (8 Branches 500 Mails per day) I thought about a second DMZ to encrypt/decrypt on something like a keyserver. Then forward to the Contentscanner and then if the mails are clean forward to the internal Mailserver. Anybody out there know about a "keyserver"? thanks Peter
Hi folk, I look for a solution to encrypt/decrypt mails. But, I have to scan them for malicous code also. All suggestions are welcome.
Well you'd have to decrypt them on the server and then scan them. This makes the whole point of encryption rather pointless for most environments. Not only that but to automate the process the private keys would have to be on the server and accessible to some software (meaning if an attacker gets in chances are they could steal them).
I would prefer a centralized solution (8 Branches 500 Mails per day)
I thought about a second DMZ to encrypt/decrypt on something like a keyserver. Then forward to the Contentscanner and then if the mails are clean forward to the internal Mailserver.
Anybody out there know about a "keyserver"?
Not really, at least not one I'd want to put private keys in. Looks like you're going to have to go with AV software on each desktop, which isn't as bad as it sounds, for example a Norton salesdroid spent an hour extolling all the wonderful central administrative features and so on for their new software (this is not an endorsement for Norton). This is going to be an increasingly large problem, and I have some articles on the subject planned, the bad news is there aren't any easy solutions.
thanks Peter
-Kurt
On Thu, Nov 30, 2000 at 03:05:01AM -0700, Kurt Seifried wrote:
Not really, at least not one I'd want to put private keys in. Looks like you're going to have to go with AV software on each desktop, which isn't as bad as it sounds, for example a Norton salesdroid spent an hour extolling all the wonderful central administrative features and so on for their new software (this is not an endorsement for Norton).
This is going to be an increasingly large problem, and I have some articles on the subject planned, the bad news is there aren't any easy solutions. -Kurt
As I have used Norton Antivirus Enterprise edition before, let me share my opinion. It is awesome. From one host (yes, a nt server. deal with it) you can install the antivirus scanner, start scans, update the definitions(automatically too), set passwords on all the av stuff so that users can't toy with it etc. Its a really nice piece of software. Of course.. If you are using linux computers on the end... you don't really have much to worry about in the way of virii. -miah
participants (3)
-
jjohnson@penguincomputing.com
-
Kurt Seifried
-
Peter Lange