Is Email Scanning Needed?

Many of today's anti-virus programs, both paid and free, have active (resident) protection and some within that group also have an option for scanning emails through the AV program.

I guess it's a matter of comfort level (peace-of-mind), but I'm interested to hear what the MajorGeeks universe has to say on the 'necessity' of scanning emails (attachments and email message itself) during Send / Receive for the various email programs (Outlook, OE, Windows Live Mail, Thunderbird, etc...). To scan or not... why or why not?

Thanks for your response(s).

P.S. - I prefer to use an external program rather than webmail.

P.P.S. - While I'm at it, what about the necessity of scanning archives (such as .zip files)?

 

Personally I believe email scanning is sometimes over hyped in the marketing by some vendors. Basically, a file is a file. When you open an attachment, click on a download or click on a link either in an email or on the internet a good antivirus is going so scan it. Here is a pretty good read on the subject. Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail

Now that's not to say you shouldn't be careful in what you click. If it's suspicious then leave it alone either in an email, on the internet or in an instant messenger. Some malware is designed to trick your antivirus and if you click it there may be no way of stopping the payload.

Again it depends on where the file came from. Use a good trusted antivirus and more important trust what it is telling you. This is a great page to bookmark. It lists the best of the best freeware. Top Freeware Picks

Also remember that an email and it's contents are stored on your hard drive. Antivirus protects your hard drive so a good antivirus should find anything malicious or suspicious automatically without you having to adjust the settings.

 

I have a domain name and use emails addresses created from that domain name.

The hosting company that I am with virus scans all emails sent to me prior to delivery. If an email has a virus, it attempts to repair it. If that is not possible then the email is deleted and I receive notification of such from my hosting company.

I appreciate the argument made above but the layered approach of keeping the virus from reaching my system in the first place is, IMO, better than hoping the AV will do it's job correctly.

Just another viewpoint

Good Luck

 

Good point risk_reversal. But the difference here is a HDD and a server. Your hosting company, I'll guess is also your ISP? They should have an antivirus protecting/monitoring their servers. If they don't I'd suggest finding a new host.

Yahoo claims to scan emails. But I'll bet if I go through my spam folder I could find some sort of malware. I use my ISP's email for things like my bank and eBay because of the layered approach you mentioned. Gmail is my choice for social things like forums and such.

Ultimately safe sensible clicking is the most reliable tool.

 

No, my ISP is not my host. I have my domain name(s) registered with GoDaddy and host through a couple of hosting companies.

Well they are dedicated hosting companies so yes, their servers are well protected. I do not host with some of the freebie merchants but pay for mid package(s) from professional outfit(s).

Only reason I do it this way is that no AV is 100% and if I can pretty much shut the door on viruses from the email side, then it's one less thing to worry about. A lot of the time now I also surf from a Linux based platform to further reduce risk.

As I said, it's just another viewpoint.

I hate to think what the net will be like in 10 yrs time.

Good Luck

 

there are so many ways for bad things to find their way into your system that any extra protection is a plus, the size and system requirements for the additional features are none, the extra peace of mind is really up to the user. This forum is full of peeps with bugs and the funny part is most have no idea where it came from, so given the current state of computer use, and the fact that servers are not always what "we" would do for protection, I say given the fact that for no system resources and no increase in size, go with it if you feel the need in any wild case that could be exposed to. Personally I use a web based email account for the majority of my mail, only family and very close friends get my "real" email and then I never accept any forwarded email that is 3 layers or more, (fwd, fwd then fwd to me) still the extra peace of mind that comes from the idea that any email is scanned is far worth the time. Another good idea is the option whether to leave the email on the server, I always do this way if the next big bug is an email bug then its there on the server so that they can also deal with it, along with the complete IP and other info that we seldom see anymore in emails but it is still there, and server company going after a virus or bug is more successful then me or you trying to do it through our inept ISP's

 

Thank you to everyone who provided comments and for the information that you shared. I've always operated under the (perhaps mistaken???) assumption that email and compressed file scanning was needed, even with my anti-malware programs having active protection. As I mentioned in my original question, it's the "better safe than sorry" attitude. Not sure if I'll actually "not" scan these items during full scans, but this additional information gives me something to think about.