Helping people with computers... one answer at a time.
Scanning your email for malware in real time as it downloads to your machine sounds like a great idea - until you start losing email.
You've said you're not a big fan of real time email scanning ... can you tell me why? Is there another way to scan it?
I base that mostly on the problems I see reported here that are solved by turning real-time email scanning off and using alternatives instead.
The tools have certainly gotten better over time, and it does feel like I'm seeing fewer problems, but fewer isn't the same as none at all.
I'll describe what I mean by real time scanning, the problems that it's known to have I've seen it introduce, and the alternatives I prefer.
To me "real time" email scanning is exactly what the term implies - email is scanned for viruses in real time as it's being downloaded into your email program. If a virus is detected that specific email is marked or disposed of in some way.
It sounds ideal - with it turned on presumably you can trust that if something actually was allowed to make it into your inbox by the scanner it's likely to be malware-free.
Unfortunately, I've seen too many cases of these scanners running amok.
The most common scenario I hear about sounds like this: "all my email is being deleted as it's downloaded".
That's almost certainly a real-time email malware scanner gone berserk. For whatever reason it's decided that every piece of email you're getting contains malware or is spam. As a result it's dutifully deleting them.
Every piece of email you're getting.
This is easily confirmed by turning that "feature" off in your anti-malware or anti-spam tool, and suddenly subsequent email resumes normal delivery.
Real time scanners have been implicated in more random email loss, email display issues as well as email program crashes.
As I said, I appreciate the concept, but the failures are still too common and the nature of the failures too severe for me to feel comfortable with them. Turning the feature off still corrects too many problems.
One of the most important skills you can develop as an internet user is the ability to detect suspicious emails. You know the drill: bad grammar, asking for private information and passwords, selling you suspicious merchandise or posing improbable scenarios. Those are all things you should be able to identify yourself without the need of some add-on tool.
And then there are attachments.
Naturally it's very easy to say "don't open attachments that you don't expect, or that you aren't 100% certain of".
On the other hand, to paraphrase a friend, if you get an email promising you that the attachment has dancing bunnies, you're probably going to do whatever it asks just so you can see the dancing bunnies.
Scan the attachment first. Save it to disk, and then run your anti-malware tool(s) on the contents of the folder you saved it to.
If you like, exit your email program and instruct your anti-malware tools to scan all of your mail.
That on-demand scan doesn't interfere with your email program if the email program's not running. It's not going to prevent mail from being delivered because it's already been delivered.
It's simply going to scan the files already on your disk.
And presumably warn you if those bunnies will bite.
My bottom line recommendation is this:
Turn off real-time email scanning in your anti-malware tools
Learn to spot and avoid malicious emails, even if - heck, especially if - that means you'll miss out on some dancing bunnies
Run on-demand scans for anything you think might be suspicious, but that you can't resist opening
Run a daily full scan of your machine for anything that might slip through. I do this at night when I'm not using the machine.
And if you do leave your real-time mail scanner enabled because you've never had a problem - you might at least suspect it if suddenly email starts getting deleted out from underneath you.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.