Skip scan for viruses
prandal at HEREFORDSHIRE.GOV.UK
Fri Jan 30 11:28:59 GMT 2004
Overstressed administrator, which, I'm sure most on this list would be
How the heck would the admin know the email has a virus, when Mailscanner
pretends it hasn't?
Look at my earlier mails to this list - viruses picked up by ClamAV 5 to 6
hours before the desktops have new patterns from the corporate AV vendor.
That's a huge windo for error and accidental damage.
I stand by what I said, it's an accident waiting to happen.
> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> Behalf Of David H.
> Sent: 30 January 2004 11:20
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Skip scan for viruses
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
> Randal, Phil wrote:
> > No, spam can't directly compromise your PC, viruses can.
> > As it stands it is a gaping security hole in MailScanner.
> > Hypothethical example: User phones, and says "your
> flipping anti-spam gizmo
> > has blocked an email which isn't spam, can you release
> it?". You look at
> > the logs, see that Mailscanner doesn't think it's a virus
> and release it
> > from quarantine. BOOM!
> Actually I would call that a perfect case of "idiot operator".
> a) _never_ trust a sofware solution completely
> b) Since it is known that a possible Virus _could_ be
> quarantined, scan
> it before you release it
> c) IN a Company environment , Mailscanner yes or no, each computer
> should run on-Demand Virus scanning.
> But then again, that is my personal opinion
> - -d
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (Darwin)
> -----END PGP SIGNATURE-----
More information about the MailScanner