[Mimedefang] Virus scanning: ignore text/plain and text/html?
Matthew.van.Eerde at hbinc.com
Matthew.van.Eerde at hbinc.com
Wed May 18 14:41:39 EDT 2005
Matt Cuttitta wrote:
> It makes perfect sense to me to skip over the text/plain and
> text/html parts as I'm not sure how they could contain viruses.
> However, I haven't seen or heard of anyone else doing this.
>
> Anyone else looked into this? Comments?
text/html parts are perfectly capable of containing viruses - javascript exploits, <iframe src=> overflows, et al.
text/plain parts can be parsed as other types by broken mail clients.
Virus scanning is a relatively cheap operation in the scheme of things. Scan EVERYTHING that comes in through your mail server.
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg,"
More information about the MIMEDefang
mailing list