Hello Bill, Monday, August 25, 2003 you wrote: BH> F-Prot doesn't need to have the attachments decoded to detect a virus.
I agree but with some reservation. F-prot actually breaks the message into the mime segments and scans them. So there is little need for a separate mime process if using f-prot. However, f-prot fails to report certain types of files and encoding - at least for me - and apparently because the virus in that kind of file is not actually threatening. This was a huge problem on the recent blaster worm outbreak. Now f-prot desktop did protect users from the worm if the file were attempted to be opened by an application. But the worm slipped through e-mail for a couple of days. You can test a good many types of encoding and file types using the tool at http://www.declude.com/tools/mailsend.html - At least some of these will not trigger f-prot but I've forgotten the details. Even with this reservation f-prot is definitely an excellent tool for the money. The solution is not as simple as just parsing the mime segments but also in decoding the mime segments. And that also does not take in account the significant number of virus vulnerabilities that should be checked as well. Terry Fritts Smart Business Solutions, Inc. - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]