I totally agree a virus could just as easily add a "scanned by " footer to
make people think the message is safe.
The reason a lot of AV vendors append this footer by default is purely so
that, as well as paying through the nose for their software, you're also
spamming every recipient you send an email to with an advert for
McKafferties AV or some such. It's just like the the footers
"IncrediblyAwfulMail" free version adds email messages so that using their
product you do all their advertising for them.
If you really want to do it just set an Exchange transport rule (if you're
using Exchange 2007, a transport sink if you aren't) to add a meaningless
footer of your choice, it'll be just as valid
My take on it is that it's meaningless and it annoys the recipients of your
emails, why do it
"Steve Riley [MSFT]" <firstname.lastname@example.org> wrote in message
> Why do this? I've seen other virus scanners append such text, and I've
> always thought it rather superfluous. Unless an email message is digitally
> signed, then you really can't trust that any of the text in the message --
> including virus scanner footers -- is legitimate. It's trivial for an
> attacker to add fake footers or remove real ones.
> Steve Riley
> "Paul O'Donnell" <email@example.com> wrote in message
> news:Xns9ADE8F16894C3spamtrapdeadspamcom@207.46.24 8.16...
>> I'm looking to add a footer/signaure/stamp to outgoing emails to
>> that they have been scanned. Is this possible from Forefront?