[Mimedefang] quarantine_entire_message: I don't get it
Damrose, Mark
mdamrose at elgin.edu
Mon Sep 20 13:35:22 EDT 2004
> -----Original Message-----
> From: Paul Boven [mailto:p.boven at chello.nl]
> The way I see it, there are these possible actions upon
> detecting a virus:
>
> 1.) action_discard: *poof*, the virus vanishes without a trace.
>
> 2.) action_notify_sender, which I really wouldn't use unless
> I am sure
> that the virus in question doesn't forge the From: header
>
> 3.) Notify recipient, who can determine if there's any chance
> the mail
> was legit and request it either from the administrator or sender.
4.) use action_bounce to generate a 5xx error message.
If it's one of the viruses that has its own SMTP engines (most of
them) this is equivalent to 1.) above.
If it's one of the viruses that uses the infected PC's SMTP relay,
this pushes the virus back to the system that accepted responsibility
for it.
More information about the MIMEDefang
mailing list