Daily Archives: November 30, 2010

To Scan Emails or Not to Scan Emails, That is the Question

Computer Security, Technical Tips

The content of this article might make some readers think I’ve lost my marbles. Regardless, here we go. As most users know, antivirus protection usually includes email scanning. What that means is incoming and outgoing emails are scanned (assuming you use an email client of course, as discussed in this recent article) by the antivirus software installed on your computer, to detect and eradicate any known threats from all emails. So here’s my advice: Turn email scanning off.

First, let me explain why, then I’ll explain the benefits of it.

Let me start by telling you that most antivirus programs have what is call “real-time protection” or “active shield” or some other similar name. In an antivirus, this is a function that scans every file you access in your computer. So when you open a document, a picture, a video, a new program, sometimes even a folder that contains such files, the antivirus scanner function quickly gets in the way and examines the file for anything that would make it be classified as malware, and if the results are positive, the antivirus will take action, the action taken largely depending on what it has been set to do. It might alert you of the threat and ask you for a decision on what to do, or quarantine the file in question, delete it, and so on. If after scanning the file the results for any malware trace are negative, the scanner naturally allows normal access to it. But the point is, providing the real-time protection is enabled, the email scanning function is redundant, for the email scanner will do the same than the real-time protection scanner, but with emails and their attachments, which are after all, just files.

Fair enough, you might say, let’s assume for a moment the above is right; However the more protection the better and so if I get a file scanned twice, there’s no harm in it.

That’s true. Well no, actually, it’s not. And here’s where the benefit part comes in. The truth is, an email scanner is likely to cause a corruption in the files your email client uses to store emails, and that will cause problems with the normal functionality of said client. Ironically, email scanners are more often responsible for inbox corruption in an email client than malware! So when you look at it that way, it doesn’t seem so beneficial anymore, does it?

I sometimes even wonder why antivirus program vendors still sell antivirus software with email scanners. It seems like a vestigial function that somehow is still there even though it’s not really needed and is more or less famous for causing trouble.

So turn off your antivirus email scanner if it’s on. And if you don’t know how to do that, ask an expert for help.