Internet Security, eh?

I spent over an hour helping one of the tenants of our office building with an email problem. He explained to me that he couldn’t send email, even though he was receiving email just fine. Figuring this was a server issue, or a simple settings issue, I agreed to go over and check all of his settings and make sure everything was alright before he called his ISP. Like everything in IT, it wasn’t anywhere near that simple. It turned out, after some investigation, that of the three PC’s in his office, one could send email and two couldn’t. All of them had the same server settings. The one that could send email had Norton AV, but had outgoing email scanning turned off. One of the two that couldn’t had Norton AV with outgoing email scanning turned on. Turning off outgoing email scanning set everything back right again. Apparently, the outgoing scanning was taking so long that it caused the connection to their server to timeout. Even increasing the timeout in Outlook didn’t help, so I’m guessing the ISP recently decreased the timeout settings on the other end.

The last PC had Norton’s full Internet Security Suite. Turning off outgoing email scanning in the AV portion did not fix things. Disabling the AV entirely did nothing, the email was still being scanned by something and taking too long. Finally I narrowed it down to the Anti-spam that was scanning outgoing email. There is no setting to tell it to only scan incoming, the only way to stop was to disable the feature completely. (They don’t really need it, they have spam filters at the server level.)

But here’s my question, why is there not an option to disable outgoing scanning by the anti-spam product? Or why is it even a feature of this product anyway? I assume it’s only purpose is to scan for mail being sent by a trojan, since if you’re sending mail, you don’t want it blocked as spam by your own computer! But if your AV product, that is bundled with the anti-spam, is working the way it should, the AV scan should stop that from happening anyway, correct? Or at least the firewall, also bundled in the suite, should be setup to block outgoing connections from trojan mailers. It’s redundant!

Just a thought, anyway.

Follow these topics: Uncategorized