Ben Bucksch wrote: > Michael Collette wrote: > >>Unless I can be certain of a specific AV app working with Mozilla properly >>I can't advocate it's use. We know of two major apps that have >>difficulty, >>but we don't know if others have similar problems. What's worse, is that >>we don't know of any AV apps that are definitely not going to cause data >>loss. >> > Why don't you do the following: > > 1. You make sure that all your mail is being backed up automatically > independantly from Mozilla. > For example, all incoming mail for a certain user is additionally > forwarded to another account, which is never retrieved, but simply > stores all mail. Similar it could be done for outgoing mail, maybe > use a bit of Mozilla's help by bcc'ing that account all outgoing > mail (see Mozilla's "Copies and Folders" prefs).
A fair suggestion, but one that may be a bit complicated at this point. I personally don't get much in the way of viruses coming at me. Apparently I don't hang out with the right crowds. I'm an awful test case for this. Heck, I don't even run AV apps on my Windows boxes. Don't use them that much these days anyway as I'm about 98% of the time on FreeBSD and KDE. The user I had reported with the data loss problem is now 100% moved over to Eudora, and he's really liking it there. I politely avoided his wide variety of impolite words concerning Mozilla's mail in my earlier posts. He's a great test case for this, as he apparently hangs out with the virus prevelent crowds, but I don't see him as available for further testing. At my office I have a couple of users trying out Mozilla mail now. The problem there is that I've proactively dealt with most viruses. I configured my mail server to divert any inbound mail to a box other than the InBox when an attachment exists with an executable extension. Wish I could do the same with .DOC files, but the sales department would burn me at the stake. > 2. You disable deletion of virii in your AV software. > You should do that anyway. Go to its prefs and tell it not to > delete infected files but instead warn you about it and maybe move > it into a "quarantine" folder. If the situation occurs again, you > manually delete the offending mail (you can easily do that with > mbox *g*) and copy the folder back to its original location in > Mozilla's profile (and back it up). I should have researched Eudora's method of storing messages a bit more closely. They do store messages in an mbox format. See my other posts for details. At this time the user in question has his AV settings to remove virii. I can have him turn this off in order to get test cases, but otherwise this has proven to be a good thing working with Eudora. Like I said, he gets a lot of them things in. One man freakin' petri dish. > 3. Use Mozilla Mailnews > 4. You run yourself with that setup for a while. > > This would proof that our assumptions are true and would allow us to > investigate other, problem-specific solutions. > > Until now, we don't even know for sure what the exact reason for the > deleted inboxes was. I fully agree we need to get some solid test cases in play. I can probably get a copy of Sircam from that user as a trigger for the AV app, but it seems what we really need is something equivalent of BadTrans. I wouldn't mind setting up a test environment with Moz and an AV app on a Windows box. I may even have a domain I can add a user account to that won't have any inbound filtering. I need to check on that. If we can get a test virus to work with I'll see about moving forward from my end. More importantly, we need some way of tracing what in the heck happens. The wipeout I described happens really fast. I suppose it'd be just as good to simply be able to repeat the findings. As it is, I think we can be fairly certain that Norton AV, BadTrans, and Mozilla is definitely a bad combination. Later on, -- "Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark to read." - Groucho Marx
