[EMAIL PROTECTED] wrote:
Irrelevant question. The fact that it could happen is enough. I can't stopThe same arguments apply if you were talking about an Oracle database -- users could store viruses into the database and someone else could extract it from that database and execute it. However, you wouldn't run a virus scanner on Oracle databases that just deleted files if it didn't like them -- the Cyrus mailstore is no different, even if some of the parts are stored in a familiar format.
my users going to someone's computer (which has no virus protection) and
connecting to my IMAP server. I have students who will no doubt use the
IMAP server as a filestore when they run out of quota on the fileserver.
The clean way would be to add a filtering layer wherever messages could be stored into Cyrus. It is easy enough to add a front-end to the delivery side using the various MTAs, but it would be more work to filter messages stored via IMAP. Until then, the correct way to do it would be to use IMAP to muck with the message store (even if you found which files you had a problem with by running directly on the filesystem, but of course there is no guarantee you are seeing a consistent state). If you insist on deleting the files out from under Cyrus, then be content with private hacks to work around the problem, reconstruct the mailboxes you tamper with, or just live with a partially broken mailstore.
--
John A. Tamplin Unix System Administrator
Emory University, School of Public Health +1 404/727-9931
