Skip scan for viruses
Randal, Phil
prandal at HEREFORDSHIRE.GOV.UK
Fri Jan 30 11:12:53 GMT 2004
No, spam can't directly compromise your PC, viruses can.
As it stands it is a gaping security hole in MailScanner.
Hypothethical example: User phones, and says "your flipping anti-spam gizmo
has blocked an email which isn't spam, can you release it?". You look at
the logs, see that Mailscanner doesn't think it's a virus and release it
from quarantine. BOOM!
Phil
---------------------------------------------
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> Behalf Of David Hooton
> Sent: 30 January 2004 11:05
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Skip scan for viruses
>
>
> > So it seems to me that SpamAssassin and its spam checks is
> more of a CPU
> > hog than the whole virus scanning process.
>
> Depending on your configuration, but here it is...
>
> > My thought would be
> >
> > if a Virus is dropped before the Spam Scanning can even
> pick it up, that
> > would mean less work to the CPU, thus less ressources are
> consumed or am
> > I making a mistake?
>
> This is a very dynamic situation, a little while ago it was
> suggested that
> the order be configurable. I forget where that thread ended, but in
> situations like we've had this week it certainly would be
> nice to be able to
> reverse the process to virus scan first. _however_ we also
> have weeks when
> spam traffic is very significantly higher than virus traffic
> in which case
> obviously it would be good to have the other way around.
>
> I would really love to see an option for this, it's been
> asked for before,
> unless there is a serious security implication or it already exists!
>
> Regards,
>
> David Hooton
>
>
> ==============================================================
> ==========
> Pain free spam & virus protection by:
www.mailsecurity.net.au
Forward undetected SPAM to: spam at mailsecurity.net.au
========================================================================
More information about the MailScanner
mailing list