Guess what.... 4.28.4

Kevin Spicer kevins at BMRB.CO.UK
Wed Mar 3 20:33:56 GMT 2004 

On Wed, 2004-03-03 at 19:44, Julian Field wrote:
> >Just testing 4.28.4 - a great improvement!  I've only got one (small)
> >niggle.  The all-viruses keyword seems to encompass the Zip-Pasword
> >keyword, shouldn't All-Viruses only be viruses detected by scanners?
>
> Yes, but pretty much all of them are appearing as part of undetectable
> viruses at the moment. Someone else suggested including them, and it seemed
> a good idea. I might add it as an option to the Non-Forging Viruses list.
> Would that solve the problem for you?

Yes, I think it probably would.  My issue is that I have, at times,
suggested users use password protected zips for various reasons - so I
would like to use a ruleset to ensure that any local senders are
notified when they send a password protected zip.

I presume the Non-Forging list overrides the Silent Viruses list, so...
Silent Viruses = All-Viruses
Non-Forging Viruses = Zip-Password
Notify Senders of Viruses = /path/to/ruleset
.. would do what I want?#

A couple of points relating to reports I forgot to mention...
I'm seeing duplicate lines in the postmaster and sender notifications,
like this one from a copy of putty.exe zipped as putty.zip

     Report: Executable DOS/Windows programs are dangerous in email
(putty.exe)
             No programs allowed (putty.exe)
     Report: Executable DOS/Windows programs are dangerous in email
(putty.exe)
             No programs allowed (putty.exe)


The recipient notification also isn't as clear as it might be (not sure
if this is trivial or not).  It seems to imply that there were two
attachments, when in fact there was only one.

Warning: This message has had one or more attachments removed
Warning: (putty.exe, putty.zip).
Warning: Please read the "VirusWarning.txt" attachment(s) for more
information.


These are little niggles only, the core functionality is exactly what we
need.  Thank you so much.

Kevin




BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material.  If you have received this in error, please contact the
sender and delete this message immediately.  Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited.  BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.

More information about the MailScanner mailing list