How The Anti-Virus System Works
For the first two years of its operation, before a message even touched any of the anti-spam or mail services it was scanned for viruses. Beginning on January 30, 2004 our antispam system -- which is actually a 'gateway' in front of our mail server -- now also looks for and stops most potential viral infections.
And we still have our -- formerly primary -- backup system waiting in the wings to bag anything the gateway misses. The reality is this now-secondary system is dedicated solely to hunting viruses, and its only a nice bonus that our antispam system does it as well.
Our dedicated system uses F-Prot Anti-Virus as its backbone, and we strongly recommend its use for our clients' desktops. Its lean use of system resources, flexibility (it can scan for updated virus definitions as frequently as once every hour) and price (a license for ten -- 10 -- computers costs US$50 at present) make it unbeatable in our view.
The dedicated system does more than just run a scan using F-Prot. It also looks for other telltales not caught by the virus-scanning software. Particularly the presence of potentially dangerous macros and scripts which are technically not viruses or worms, but just as dangerous.
If a message fails this series of tests it can either be held or deleted outright. Formerly, infected messages were held for several days and then deleted. With the onslaught of the sobig.f virus, volume and storage space requirements are now such that infected messages are now deleted immediately.
As of February 3 2004 we have discontinued the infection alerts that were formerly emailed to the intended recipients of infected messages. While we can filter out alerts solely for 'forging' viruses -- those that forge the email address of the sender, thus making such alerts worthless -- the truth is we figure everyone knows by now that we filter viruses, and after two years is sick of looking at the alerts.