[Mimedefang] quarantine_entire_message: I don't get it
WBrown at e1b.org
WBrown at e1b.org
Mon Sep 20 13:58:51 EDT 2004
mimedefang-bounces at lists.roaringpenguin.com wrote on 09/20/2004 01:40:50
PM:
> On Mon, 20 Sep 2004, Paul Boven wrote:
>
> > The way I see it, there are these possible actions upon detecting a
virus:
> > 1.) action_discard: *poof*, the virus vanishes without a trace.
> That's my preferred action.
What about rejecting with a permanent error? I have been very satisfied
with ClamAV, but I've seen enough false positives to not completely trust
them. If it's a real message from a real server, I'd rather the sender
get a failure.
> > 2.) action_notify_sender, which I really wouldn't use unless I am sure
> > that the virus in question doesn't forge the From: header
> That's truly evil. All modern viruses forge the From address.
And how do we get mail admins to turn this off? Maybe we need a BVNRBL
(Bogus Virus Notification RBL) <G>
More information about the MIMEDefang
mailing list