Feature request or can MS..??

Tue Sep 23 21:08:21 IST 2003

But can't "Non Spam Actions" already do that for you?

At 18:45 23/09/2003, you wrote:
>Thanks Julian,
>
>I set:
>
>Convert HTML To Text = %rules-dir%/convert.html.rules
>
>tab delimited.
>jed /opt/MailScanner/etc/rules/convert.html.rules
>Virus:  Gibe-F  yes
>FromOrTo:       default         no
>
>Please consider adding the attachment feature to the HTML rules.  This
>might prevent a user slip up and reduce temptation when outlook rebuilds
>the text link automagically.
>
>The attachment approach could also reduce risk in a situation where
>dangerous tags are allowed.
>
>My 2 cents.
>
>-Scott
>
>
> >
>  >At 15:37 23/09/2003, you wrote:
>  >>Please pardon my ignorance and kindly enlighten me if this is already
>  >>possible.
>  >>
>  >>I noticed the HTML links in the Microsoft patch virus emails are
>still
>  >>intact on the cleaned message.
>  >>
>  >>Given the attacks against MS IE, is there a way to show the users
>  >>mailscanner is working but not let the html body through?
>  >
>  >Convert HTML To Text = yes
>  >
>  >or even better....
>  >
>  >Convert HTML To Text = /etc/MailScanner/convert.html.rules
>  >
>  >which in turn contains
>  >
>  >Virus: Gibe-F     yes
>  >FromOrTo: default       no
>  >
>  >which should strip HTML off Gibe-F infected messages, but not others.
>You
>  >will need at least 4.23-11 to do this. Neat, eh? :-)
>  >
>  >The other way of doing it is to add Gibe-F to your list of Silent
>Viruses
>  >(which you should have done already anyway) and "Still Deliver Silent
>  >Viruses = no".
>  >
>  >>I'm thinking even more aggressive than strip html since outlook
>rebuilds
>  >>html links in text form.  But in lieu of a new action, would it be
>easy
>  >>to make the options for spam available for treatment of cleaned
>viruses
>  >>and dangerous HTML?  I could then strip the html and make the message
>an
>  >>attachment.  That would at least cause my users to stop and think.
>Most
>  >>of them are trained not to open strange attachments.
>  >
>  >Non Spam Actions = /etc/MailScanner/rules/non.spam.actions.rules
>  >
>  >which then contains
>  >
>  >Virus: Gibe-F   striphtml attachment deliver
>  >FromOrTo: default       deliver
>  >
>  >>Ideally, I think just a report of the virus caught and who sent it or
>  >>maybe the internet headers since they don't get forwarded by default
>  >>under exchange.
>  >>
>  >>I realize the value of "who" is useless.  However, I'm betting my
>users
>  >>would generate a lot of questions without the "who" because some of
>them
>  >>still can't believe email can be forged.
>  >>
>  >>I guess I'll set the silent delete for now.
>  >>
>  >>
>  >>Thanks
>  >>
>  >>-Scott
>  >
>  >--
>  >Julian Field
>  >www.MailScanner.info
>  >MailScanner thanks transtec Computers for their support

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support