Virus / Malware Scanning for Attachments
Prevent known malware by automatically checking email attachments for viruses and showing a warning if the result is positive. This could be done by submitting hashes of the files to VirusTotal.com.
There are two possible places where the automatic scan could happen:
- When incoming unencrypted email first arrives at ProtonMail's servers, before it gets encrypted.
- When the receiving user decrypts the attachment but before opening it.
Anonymous
shared this idea
-
Norbert
commented
Wait. Does encryption prevent a sender from sending me a virus attachment? I look up "How to scan an attachment in protonmail" and every forum talks about encryption.
-
J
commented
I like the idea of this. For unencrypted email only, there should be a toggle to either virus scan before encrypting, or to not virus scan before encrypting. The additional overhead of sending encrypted messages will keep most scammers away or make them use unencrypted messages, and those who send unencrypted messages can be scanned.
-
Anonymous
commented
This will only work for unencrypted attachments.
There is a lot of people who doesn't get the concept of end-to-end encryption. Encryption and decryption are made by the involved clients, data is never in a decrypted state at any server. If it was, then the security would be broken. -
Anonymous
commented
very bad idea but I can't downvote
-
Gary
commented
@Marcus, you're incorrect, read the OP's description again. Incoming UNENCRYPTED emails can be scanned, so first proposition IS possible. Most incoming emails arrive at Protonmail's servers unencrypted unless sender uses PGP or is another Protonmail user.
-
Marcus
commented
Emails are already encrypted when they reach protonmail servers, thus the first proposition is impossible to perform.
-
Fedor
commented
A bad idea, in my opinion. It is superfluous. Also, it seems to me of low importance and priority for the purpose of the project at the moment.