Skip scan for viruses
Dustin Baer
dustin.baer at IHS.COM
Fri Jan 30 18:19:30 GMT 2004
"Randal, Phil" wrote:
>
> No, spam can't directly compromise your PC, viruses can.
>
> As it stands it is a gaping security hole in MailScanner.
That is a ridiculous statement.
> Hypothethical example: User phones, and says "your flipping anti-spam gizmo
> has blocked an email which isn't spam, can you release it?". You look at
> the logs, see that Mailscanner doesn't think it's a virus and release it
> from quarantine. BOOM!
>
> Phil
Then the admin who released it is at fault. I release spam everyday,
but put it back through MailScanner, AFTER adding a specific header
(X-SpamRequested-Email) that will subract 100 points from SpamAssassin.
The -100 score was added 1.5 years ago, when I did release infected
message into mqueue. I sure as hell didn't blame MailScanner, or Julian
for my stupidity. Luckily, Norton caught it on our Lotus Notes server,
before any problems were caused.
It is not a gaping security hole in MailScanner, but it is a gaping
security hole for an admin to send an email on without scanning it for
viruses.
It really doesn't matter if a file is stopped because of spam first, as
long as you are smart enough to know to check it for viruses, before
giving it to an end user.
Dustin
--
Dustin Baer
Unix Administrator/Postmaster
Information Handling Services
15 Inverness Way East
Englewood, CO 80112
303-397-2836
More information about the MailScanner
mailing list