Virus Checking Encrypted Email - Exchange & AD

[IanH]

Sorry if this sounds like a dumb question, but what process is in place
for virus scanning encrypted emails, when a MS CA PKI is implemented in
an Active Directory Infrastructure?

We have Norton AV for Exchange 2000 but.....Are Encrypted email allowed
to pass right through unchecked? wow major prob with this - obviously
but......

How can they be decrypted and checked for virus, given they are sealed
for a specific person?

Thanks

Ian

 

[Brian Komar]

Sorry if this sounds like a dumb question, but what process is in place
for virus scanning encrypted emails, when a MS CA PKI is implemented in
an Active Directory Infrastructure?

We have Norton AV for Exchange 2000 but.....Are Encrypted email allowed
to pass right through unchecked? wow major prob with this - obviously
but......

How can they be decrypted and checked for virus, given they are sealed
for a specific person?

Thanks

Ian

The only solution would be to implement gateway encryption, so that the
email enters and exits the email server unencrypted, but is encrypted at
a gateway when delivered externally.

There is no default recovery agent, etc as there is with EFS.

Brian

 

[IanH]

I am amazed at that, thats like a whole big feature practically unused
then because emails that are encrypted either need some third party or
some clever gateway...I would have thought that since the Exchange
server (being the AD authorised Email server) would have been able to
decrypt message sent to someone in the AD it serves. Even if the Admin
didnt have that low level acces I would have though AD / Exchange could
have been granted it.

Thats Nuts

BTW- thanks for the Reply Brian