Notifying Recipients of Blocked Messages

Alex Neuman van der Hans alex at nkpanama.com
Thu Jun 29 04:01:03 IST 2006 

Kaplan, Andrew H. wrote:
> Sorry to keep on asking about this, but I still have the situation where the
> Administrator is getting notified when users receive viruses, but the users
> themselves are not getting the notifications. I modifed the MailScanner.conf
> file line Still Deliver Silent Viruses = no to Still Deliver Silent Viruses =
> yes and I have restarted MailScanner. What else do I need to 
> do in order for the users to get the notifications? I know most setups do not
> have this, but it is our company's policy that users do get informed. Thanks. 
>   
Perhaps you should try to change the company's policy. Most viruses fake 
the sender's address (and have done this for almost 5 years now), so 
such notifications can be considered spam (and are, depending on 
circumstances and policy). Take the following situation: someone using 
your proposed setup, someone receives 10k copies of a virus purporting 
to be from "ahkaplan at partners.org". You then get 10k notifications 
saying "OMG you sent teh virus"; maybe even with a copy of the 
attachment. I know *I* would block mail from this site until they 
changed it back to something more reasonable.

Notifying users that they received viruses is almost as bad. I, for one, 
delete viruses and rarely, if ever, notify the admin. The logs and/or 
MailWatch usually provide enough info for you to know how effective your 
setup is at blocking viruses.

Attachments labeled as "dangerous" are another thing. You may want to 
notify people when they send you unwanted attachments; I'm usually 
inclined to notify people when they send attachments that, although not 
dangerous, are against company policy (i.e., some companies don't like 
receiving powerpoint presentations, files bigger than 2mb, etc.) - so 
the sender and the receiver might want to be reminded of policy. 
Executables, however, are usually disallowed completely - people can 
choose other means like an FTP site to host the executable and the 
MD5sum, or zipping it up and using yousendit.com to send it, or whatever...

More information about the MailScanner mailing list