[Mimedefang] Anyone using File::Scan?
Cormack, Ken
Ken.Cormack at roadway.com
Wed Feb 16 09:58:23 EST 2005
-----Original Message-----
From: alan premselaar [mailto:alien at 12inch.com]
Sent: Wednesday, February 16, 2005 9:25 AM
To: mimedefang at lists.roaringpenguin.com
Subject: Re: [Mimedefang] Anyone using File::Scan?
::SNIP::
> I think the change would be good, because up until now, if File::Scan is
> installed, it's used. I could see a case where it may be installed but
> not desired to be used.
Likewise, I have clam installed on my system (in addition to File::Scan),
but use clamd, and not clamscan, with MIMEDefang. It didn't take much to
disable clamscan in my mimedefang.pl:
#$Features{'Virus:CLAMAV'} = ('/usr/local/bin/clamscan' ne '/bin/false' ?
'/usr/local/bin/clamscan' : 0);
$Features{'Virus:CLAMAV'} = ('/bin/false' ne '/bin/false' ? '/bin/false' :
0);
Manually disabling and auto-enabled feature, or re-enabling a disabled
formerly auto-enabled featured makes little difference.
There are two camps of thought.... One feels the potential for
false-positive is greater than the risk of letting a virus slip through.
The other feels the risk of a virus is greater than the risk of a
false-positive. Taking a stand on either side of that fence would be fodder
for an interesting discussion, I'm sure.
Which is worse... The company president not getting an email because a false
positive flagged one of his incoming emails? Or opening up hundreds (if not
thousands) of desktop clients to a virus, with the resulting potentials for
loss of productivity and data? We share an Exchange "Global address List"
with our parent company. There are a LOT of addresses in there... Just ripe
for grabbing by some virus. I suppose if the email to the president or the
board of directors, were for an offer to buy the company for $3 billion, he
wouldn't want to miss that.
Ken
More information about the MIMEDefang
mailing list