Feature request or can MS..??

[Julian Field]

At 15:37 23/09/2003, you wrote:
>Please pardon my ignorance and kindly enlighten me if this is already
>possible.
>
>I noticed the HTML links in the Microsoft patch virus emails are still
>intact on the cleaned message.
>
>Given the attacks against MS IE, is there a way to show the users
>mailscanner is working but not let the html body through?

Convert HTML To Text = yes

or even better....

Convert HTML To Text = /etc/MailScanner/convert.html.rules

which in turn contains

Virus: Gibe-F     yes
FromOrTo: default       no

which should strip HTML off Gibe-F infected messages, but not others. You
will need at least 4.23-11 to do this. Neat, eh? :-)

The other way of doing it is to add Gibe-F to your list of Silent Viruses
(which you should have done already anyway) and "Still Deliver Silent
Viruses = no".

>I'm thinking even more aggressive than strip html since outlook rebuilds
>html links in text form.  But in lieu of a new action, would it be easy
>to make the options for spam available for treatment of cleaned viruses
>and dangerous HTML?  I could then strip the html and make the message an
>attachment.  That would at least cause my users to stop and think.  Most
>of them are trained not to open strange attachments.

Non Spam Actions = /etc/MailScanner/rules/non.spam.actions.rules

which then contains

Virus: Gibe-F   striphtml attachment deliver
FromOrTo: default       deliver

>Ideally, I think just a report of the virus caught and who sent it or
>maybe the internet headers since they don't get forwarded by default
>under exchange.
>
>I realize the value of "who" is useless.  However, I'm betting my users
>would generate a lot of questions without the "who" because some of them
>still can't believe email can be forged.
>
>I guess I'll set the silent delete for now.
>
>
>Thanks
>
>-Scott

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support