Re: Virus Scan Notices in eMail

[Dan_Schrader () TRENDMICRO COM (Dan Schrader)]

Agreed

This is a misuse of a feature some banks asked us to add to the software.
They asked for a way to add a disclaimer to every outbound message so that
they could make certain recipients new that the email was not an official
approved statement from the corporation.  A few sites have started to use
this feature as shown below.  Bad idea - no product can guarranttee 100%
virus detection.

Dan Schrader
Trend Micro (the maker of InterScan VirusWall)
http://www.antivirus.com

> -----Original Message-----
> From: Colleen Tibbs [mailto:ctibbs () EAGLE YCP EDU]
> Sent: Wednesday, June 28, 2000 5:41 AM
> To: VULN-DEV () SECURITYFOCUS COM
> Subject: Re: Virus Scan Notices in eMail
>
>
> If the virus slipped through the system undetected the 'no virus
> message' would be appended to the e-mail.  By adding it to your e-mail
> wouldn't it then result in
>
>  ****** Message from InterScan E-Mail VirusWall NT ******
>
>  ** No virus found in attached file noname.htm
>
>  *****************     End of message     ***************
>  ****** Message from InterScan E-Mail VirusWall NT ******
>
>  ** No virus found in attached file noname.htm
>
>  *****************     End of message     ***************
>
> Brian Kifiak wrote:
> > Hi,
> >
> > Could someone enlighten me as to why many server-side eMail virus
> > scanners add this information to eMails they scan?
> >
> >    ****** Message from InterScan E-Mail VirusWall NT ******
> >
> >    ** No virus found in attached file noname.htm
> >
> >    *****************     End of message     ***************
> >
> > Is there something I'm missing, or isn't this actually a BAD thing?
> > If users get comfort from seeing messages like this, what's to stop
> > someone from adding this to an eMail containing a virus they want to
> > spread?  Wouldn't the user be more likely to open it?  (Assuming
> > your virus slipped through their detection mechanism undetected.)