F-prot update
Peter Bonivart
peter at UCGBOOK.COM
Sat Mar 6 13:28:35 GMT 2004
Dan Hollis wrote:
> On Sat, 6 Mar 2004, Peter Bonivart wrote:
>
>>Mail systems should keep mail flowing. Stopping to try to crack
>>passwords would impair mail flow a lot.
>
> More than say, the heuristics and checks done by virus scanners on files?
> Or calls to spamassassin?
Yes, of course because there's no telling when/if it finishes.
>>MailScanner shouldn't keep trying hard with anything that is meant to
>>obstruct mail flow, it should just make quick decisions whether it's
>>good or bad mail and get on with it.
>
> Is a callout to a virus scanner and/or spamassassin "quick decision"
> compared to trying 1 or 2 passwords on an encrypted zipfile?
1 or 2? People have already explained to you just a few of the
variations that easily could be deployed. If you think that parsing for
"Password: 12345" is enough you're really naive.
> I really think you overstate the case of testing passwords on encrypted
> zipfiles.
I think you don't understand the basic concept of modularized design
where each part does one task really well. As I suggested earlier, you
can add the functionality you want, but it's not the job of MS. You just
want it to be because it's convenient for you and you have no clue
implementing a solution yourself.
I'm out of this now.
--
/Peter Bonivart
--Unix lovers do it in the Sun
Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14,
SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2
More information about the MailScanner
mailing list