jef moskot wrote:
I have a small script I modify to do the job of lifting the offending messages out of the mbox files. On a large scale, there's the obvious problem of modifying files that could be in use or files that the user could modifying during the stripping process. I can monitor these fairly easily in my environment, but on a larger scale, this would certainly be a much nastier problem. As to the question of whether or not the files have been accessed already, in the general case, I can get to the mailboxes before they are accessed by a majority of the users. Certainly a high enough percentage to make the task worth it. Again, though, this is due to our environment.
I can see this working in a smaller environment although I still think it is less then ideal because you have the potential to scan email that has already been scanned and dubbed clean, especially using mbox. It seems to me that in a larger environment scanning at the SMTP level is ideal. Steve _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
