Zero-length attachments

[Desai, Jason]

[snip]

> > c) Files appearing to get through the filter could send some managers
> > into a flurry of panic thinking something has gone wrong, causing them
> > not to trust MailScanner.

[snip]

> (c) was in fact my reason for raising the suggestion in the first place.
An
> attachment called Qph.exe which gets past the anti-virus check can trigger
> alarm, and too many people don't check to see that it's actually zero
bytes
> in size.   Maybe the best solution is to remove the "attachment" so as to
> eliminate both causes for alarm, but I think it's not good for people to
see
> "Executable files can be dangerous" when in fact there's nothing there...

[snip]

> I'd still like to see some MailScanner option for treating zero-size
> attachments differently from "real" ones.

Maybe MailScanner could put the size of the file in ()'s after it's name in
the report?

Ex:

Report: Executable DOS/Windows programs are dangerous in email (patch.exe -
0b)

That would at least let you know that it was 0 bytes.

Jason