On 02 Oct (13:38), Slepp Lukwai wrote: > How often and which method do you use to clean your quarantines? Or do you > not quarantine found viruses? I was hit by 250 Sircams in a night > recently, at 5 megs a piece. It was definitely thrashing the mail spool at > that point.
Virus mails get spooled in quarantine, I have a special user account on my mail server, used to sort through the contaminated mails by hand, because sometimes theres useful information in the mails, like a virus from the wife of my boss or anything like that. :) > Back in regards to the LDAP setup, has anyone used an LDAP entry to refer > to the quarantine Maildir of the AV software? This seems like a simple > proposition (simpler than user account based). As you need only one quarantine folder, I think its goldplating to put the location in LDAP and not neccessary. One interesting thing, I hope some people here still remember mailbombs from good old mailbox times in the late 80s and early 90s: Generate a 100 MB textfile with only 'A' (or anything like that) as content. Use a ZIP algorithm to compress it. Generate another textfile and compress this together with the first ZIP (not _in_) into an new file. Repeat 42 times. The file you get is a mailbomb, try feeding it your mail virus scanner. If it's configured to do full scanning (unpack archives), you better didn't use your production server. -- Christian Bauer System Services Blue Mars GmbH mailto:[EMAIL PROTECTED] Ebersheimstrasse 5 http://www.bluemars.de/ D-60320 Frankfurt/Main Tel: +49/(0)69/46 99 73-0
