[Mimedefang] Mimedefang 2.7 + FileScan -> False alarms
Rich West
Rich.West at divatv.com
Mon Apr 15 12:21:53 EDT 2002
Something like this, then:
diff -uNr mimedefang-2.7/mimedefang.pl.in
mimedefang-2.7/mimedefang.pl.in.new
--- mimedefang-2.7/mimedefang.pl.in Fri Apr 12 14:34:50 2002
+++ mimedefang-2.7/mimedefang.pl.in.new Mon Apr 15 12:24:04 2002
@@ -1249,7 +1249,8 @@
# Found a virus or suspicious file, so
# status of remaining files is moot
closedir(DIRHANDLE);
- return (wantarray ? (1, 'virus', 'quarantine') : 1);
+ return (wantarray ? (1, 'virus', 'quarantine') : 1) if ($virus);
+ return (wantarray ? (1, 'suspicious', 'quarantine') : 1);
} elsif ( my $err = $scanner->error() ) {
# Scanner error
closedir(DIRHANDLE);
-Rich
David F. Skoll wrote:
>On 15 Apr 2002, tatooin wrote:
>
>>I noticed one problem. If an attachement is tagged as "suspicious" by
>>File::Scan, then the mail will be rejected. However, it seems that a lot
>>of these attachements are completly clean (at least, that's what NAV
>>with latest signatures says)
>>
>
>>Is there any simple way in Mimedefang to let emails tagged as
>>"suspicious" to pass through ? (a simple warning should be enough)
>>
>
>As it stands now, you'd have to edit mimedefang.pl.in and change the
>interpretation of suspicious(). For the next release, I'll have it return
>a different code for "suspicious" than for "confirmed virus."
>
>Regards,
>
>David.
>
>_______________________________________________
>MIMEDefang mailing list
>MIMEDefang at lists.roaringpenguin.com
>http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
--
Richard West mailto:richard.west at divatv.com
Sr. Systems Administrator
Diva - Princeton, NJ http://www.divatv.com
More information about the MIMEDefang
mailing list