Skip scan for viruses

Dustin Baer dustin.baer at IHS.COM
Fri Jan 30 18:19:30 GMT 2004

"Randal, Phil" wrote:
> No, spam can't directly compromise your PC, viruses can.
> As it stands it is a gaping security hole in MailScanner.

That is a ridiculous statement.

> Hypothethical example:  User phones, and says "your flipping anti-spam gizmo
> has blocked an email which isn't spam, can you release it?".  You look at
> the logs, see that Mailscanner doesn't think it's a virus and release it
> from quarantine.  BOOM!
> Phil

Then the admin who released it is at fault.  I release spam everyday,
but put it back through MailScanner, AFTER adding a specific header
(X-SpamRequested-Email) that will subract 100 points from SpamAssassin.
The -100 score was added 1.5 years ago, when I did release infected
message into mqueue.  I sure as hell didn't blame MailScanner, or Julian
for my stupidity.  Luckily, Norton caught it on our Lotus Notes server,
before any problems were caused.

It is not a gaping security hole in MailScanner, but it is a gaping
security hole for an admin to send an email on without scanning it for

It really doesn't matter if a file is stopped because of spam first, as
long as you are smart enough to know to check it for viruses, before
giving it to an end user.

Dustin Baer
Unix Administrator/Postmaster
Information Handling Services
15 Inverness Way East
Englewood, CO 80112

More information about the MailScanner mailing list