Is E-mail Scanning Really Needed ?

Hi Everybody,


I was browsing Thur the Outlook Express section ,of the Windows XP Newsgroups forum , when I noticed that on several posts, the forums MVPs said that a anti-virus's e-mail scanning function should be disabled because it is not needed :


"Email scanning should be turned off in any anti-virus. Also exclude EML files from the scan. It provides no protection not provided by the regular resident protection.


Besides that, McAfee and Norton are not compatible with Windows Mail and


Outlook Express and should be uninstalled."


I believe that they are saying that a anti virus program's real time protection will scan any files saved to the hard drive, so e-mail scanning is just a duplication of services .


Any ideas about this ?

Comments

  • Hello leoliver,


    That is absolutely correct. Just like the fact that HTTP scan provides the exact same level of protection as the Realtime Scan.


    But the difference is NOT at the level of protection, but at the level of disinfection. Should a malware come to your e-mail (as attachment, or not), the Realtime Protection will find it only AFTER it has been written on your HDD. That means it will be blocked, but you'll need to make disinfection (and you'll end up like many other users, asking questions like what's the X mail that is reported by BD as being infected??)


    But e-mail scan (as well as HTTP scan) protects you so that the malware is stopped BEFORE it reaches the HDD, so no other disinfection is needed.


    So: both enabling and disabling the option of scanning e-mail offers the same level of protection. But enabling the option makes your life easier in case of an infection. :)


    Cris.

  • Hello leoliver,


    That is absolutely correct. Just like the fact that HTTP scan provides the exact same level of protection as the Realtime Scan.


    But the difference is NOT at the level of protection, but at the level of disinfection. Should a malware come to your e-mail (as attachment, or not), the Realtime Protection will find it only AFTER it has been written on your HDD. That means it will be blocked, but you'll need to make disinfection (and you'll end up like many other users, asking questions like what's the X mail that is reported by BD as being infected??)


    But e-mail scan (as well as HTTP scan) protects you so that the malware is stopped BEFORE it reaches the HDD, so no other disinfection is needed.


    So: both enabling and disabling the option of scanning e-mail offers the same level of protection. But enabling the option makes your life easier in case of an infection. :)


    Cris.


    This question reminded me of another question for which I can't seem to find an answer. I believe in the value of email scanning and want the highest level of protection possible (eg, all files and inside archives). However, for "normal" real-time protection, I feel that "programs only" is probably good enough (for me, anyway) to avoid the cpu impact. Is there a way to configure this granularity? I do not see a way to configure email scanning separately from real-time. Thank you very much.


    Larry