Silent Virus & Notify Senders

Stijn Jonker SJCJonker at SJC.NL
Sat Aug 2 16:11:15 IST 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all,

I'm trying to fine tune the virus reporting to the senders of email,

Initially I had an rule where for all local domains reporting was on,
and the default was off.

Recently people have tried to transfer exe files, they where legit, as
they where updates from the official vendor of an piece of software.
(This user isn't very technical, so it was send as an self exec zip
archive).

MailScanner nicely intercepted the email, but off course didn't notify
the sender, as the rules dictate.

I'm looking for a way to do sender notification as mentioned below:

Disallowed filename && !Virus   yes
Disallowed filetype && !Virus   yes
Virus                           no
HTML-Form                       yes
HTML-Codebase                   no
HTML-IFrame                     yes

If this isn't possible with the current code, maybe an option for silent
viruses in the area of:

Silent Viruses = HTML-Codebase ALLViruses

If the above change is required, i'll dive into the perl code, and see
if i can manage to make a patch to do this..

Julian, are you willing to add this, when and if I provide the patch?

- --
Met Vriendelijke groet/Yours Sincerely
Stijn Jonker <SJCJonker at sjc.nl>
-----BEGIN PGP SIGNATURE-----

iD8DBQE/K9STjU9r45tKnOARAh4KAKDxFSo0USEL9nkQCevuDrumF9Hi+QCg9RHw
HCXeSkZBCbeF3bcmgM6IdHo=
=rY0j
-----END PGP SIGNATURE-----



More information about the MailScanner mailing list