Dangerous Content Scanning inconsistancies

Julian Field MailScanner at ecs.soton.ac.uk
Mon Apr 4 18:46:49 IST 2005 

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

All good points. Thanks for the comments.

Alan wrote:

>Julian,
>
>1) In the MailScanner.conf comments for Dangerous Content Scanning, you
>mention that setting it to 'no' will disable all content checks except for
>"Virus Scanning, Allow Partial Messages and Allow External Message Bodies".
>Unless you do not consider the 'Phishing' test to be one of the 'Dangerous
>Content' checks, I think it should be added to the list of what is not
>disabled. I use a ruleset for both Virus scanning and Dangerous Content
>Scanning so that my customers can request to be removed from filtering.
>Today I had one of these customers report that they were still getting the
>Phishing edits done to their messages, even though they were set to a 'no'
>in the Dangerous Content Scanning ruleset. It was easily fixed by pointing
>the test for Phishing to the same ruleset, but it would have been nice to
>have known earlier via the comments that it was one of the tests that was
>not disabled in the Dangerous Content Scanning setting.
>
>2) Along these lines, I have a feature request for the two settings:
>  "Allow Partial Messages =" and "Allow External Message Bodies ="
>
>These two settings use the reverse logic of the other settings, such as
>"Dangerous Content Scanning", "Find Phishing Fraud", "Virus Scanning". Each
>of these settings referrs to testing for something bad, and if you want to
>allow one of these bad things by not looking for it, you set the config to a
>'no', typically by using a ruleset.
>
>However, "Allow Partial Messages =" and "Allow External Message Bodies ="
>refer to 'allowing' something bad rather than 'testing', so if you want to
>allow one of these bad things to happen, you have to set it to a 'yes'.
>
>My point is that I can't use a single ruleset, I have to use two, each being
>the opposite of the other. If I have a customer, say 'jdoe at acme.com' who
>does not wish to be filtered, I have to put his address in one ruleset with
>his address set to 'no' for virus, content, and phishing checks, and then
>also put him in a second ruleset with his address set to 'yes' for 'Partial
>messages' and 'external message bodies.
>
>I then have to maintain two ruleset files.
>
>If "Allow Partial Messages =" and "Allow External Message Bodies =" were
>changed to perhaps "Partial Message Scanning" and "External Message Body
>Scanning", we could then use the same logic and rulesets as we do for the
>other settings; the 'yes' would become a 'no'.
>
>------------------------ MailScanner list ------------------------
>To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>'leave mailscanner' in the body of the email.
>Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
>the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
>Support MailScanner development - buy the book off the website!
>
>
>

--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list