Symantec Antivirus 9.0 Corporate now includes a POP and SMTP scanner. How
can I integrate ewall with the Symantecs new product?

Its probably intended for CLIENT scanning, like an outlook plugin/proxy ??

Didn't they have this in ver 8? Isn't that scanning incoming & outgoing
email? My real question is, what is the change? Perhaps I should update.

FLhr

No this is all new to version 9. They have lots of new features.

Spyware detection
Scans outgoing emails SMTP
Scans incoming emails POP3
In memory scanning

Straight from symantec.com.


a.. NEW! Expanded Threat Detection and Threat Categorization recognizes
unwanted applications
a.. such as spyware and adware
a.. NEW! Threat Tracer identifies the source of blended threat attacks that
spread via open file shares (e.g. Nimda)
a.. NEW! Outbound email worm heuristics prevent client systems from
spreading worms via email
a.. NEW! Internet Email Attachment Scanning of incoming emails delivered
through POP3 mail clients such as Microsoft® Outlook®, Eudora®, and Netscape
Mail
a.. NEW! Symantec VPN Sentry ensures systems are in full compliance with
corporate policy prior to accessing corporate network resources
a.. NEW! Store and Forward Alerts feature ensures that machines not
connected to the network store and forward event data to administrators
after reconnecting to the network
a.. NEW! In-Memory Scanning detects threats and can terminate suspect
processes in memory before they cause damage

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2004032215011248?OpenDocument&src=ent_hot&dtype=corp&prod=Symantec%20AntiVirus%20Corporate%20Edition&ver=9.0&tpre=

Isn't this more of a desktop version of AV. Seems like using a desktop
version to scan server based email isn't the best way to do scanning.

- Steve

I wouldn't consider Symantec Antivirus Corporate a desktop scanning
software. We are running it on all our servers and workstations in our
organization.

Fair statement.

Thanks for the post.

- Steve

lol

<bg>

- Steve

You may not consider it a desktop scanning software, but the email scanning
is for email CLIENT scanning, not server. While you are running it ON your
windows servers, it runs in basically two modes: 1) their own server that
receives reports, updates, etc. between the 'symantec' server and the
'symantec' clients (note that the symantec client could be a windows server
or vice versa) 2) client mode protecting the server it is installed on.

POP/SMTP is NOT new - some of their features are new, like checking password
protected files (bravo, symantec, you are the last to the table but at least
you got here)... but Incoming/Outgoing scanning has been available for
several years - initially they implemented by redirecting through their
builtin smtp server (if you remember it used to change your server to
127.0.0.1 and your account name to mail.mydomain.com
that). Then, i think in 2001 or 2002 version they made it more of a
transparant proxy type thing and they added outgoing scanning. So,
definitely, this is NOT new.

The av product is not created for 'inline' scanning such as with ewall, and
the problems, according to alex and others in the past has been:

1) a window pops up on the screen (kind of annoying on an unattended server
where it just sits there)
2) it doesnt have proper commmand line scanning and return codes.

Symantec makes full blown smtp gateway av products, but, this is not it.

I know. I am just curious if we can utilize the mail scanning ability with
ewall in SAV version 9.0. Now that they finally included a mail scanner.

Like Coz said, the mail scanner is for your mail client not you mail server.

Carl

Yes it is. I just thought some really smart person might be able to figure
out a way to use this feature with a mail server. I guess I was wrong. : (