On Fri, Jun 27, 2003, Antony Stone <[EMAIL PROTECTED]> wrote: > On Friday 27 June 2003 11:50 pm, Johannes Erdfelt wrote: > > > On Fri, Jun 27, 2003, Antony Stone <[EMAIL PROTECTED]> wrote: > > > MailScanner will remove infected attachments from emails and deliver the > > > remainder of the email as it was. Is that not what you want to do? > > > > No. Like I mentioned further below the quote above, I don't want to > > deliver the body of worms. There's no point to deliver them and will > > just waste disk space and the users time. > > > > That's why I wanted to differentiate between viruses that attach to > > payloads (think infected executable) where the rest of the message > > and/or attachments might still be useful, versus worms which send their > > own emails and as a result, the entire message is useless. > > MailScanner has its own list of such viruses (called "silent viruses", > because it should keep quiet and not inform the apparent sender, because this > is almost certainly a false address), therefore it is possible for > MailScanner to decide what to do with different types of infection, even if > the anti-virus engine (MailScanner supports 15 different ones) does not > supply this information.
Ahh, that's good to know. While MailScanner seems to be a fine application, I have various reasons why I want to develop something myself. That being said, is there any interest to add similar functionality into the scanning engine? This way the metadata is kept with the signature. JE --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
