workaround for "file size limit exceeded" messages?

Julian Field mailscanner at ecs.soton.ac.uk
Wed Nov 5 09:42:24 GMT 2003


At 12:49 04/11/2003, you wrote:
>Julian Field wrote:
> > Good point. Sorry for the lousy code. The attached patch might work
> > slightly better. You did keep your unpatched original SweepViruses.pm
> > file, didn't you? :)
>
>I think that (as well as stripping (raw) )if it detects "File size limit
>exceeded" it is treating it as a virus.  Unfortunately clam seems to give
>this response with any file that achieves a high compression ratio, (ie
>the same behaviour as last nights patch?)  This causes me problems because
>I have folks sending files with compression ratios around 12:1 which
>trigger this warning from Clam.
>
>I think the answer may be to solve the other issues with the clam wrapper
>I mentioned so that the external unzipper works (which clam uses when the
>internal unzipper fails), then ignore this message.

Do other people agree that this is the preferred behaviour?
Detect the virus, but ignore "File size limit exceeded" messages?

Your votes please...
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC  7222 11F6 5947 1415 B654



More information about the MailScanner mailing list