AVG Antivirus scanner problem

[Steve Freegard]

[Resent from different account as my original didn't seem to make the 
list last nigh...]

Hi Rick,

Rick Cooper wrote:
> That brings me to a question I was going to ask next week. How about 
> standardizing the virus found log messages? I look through the MailWatch 
> code and every time something is added to MailScanner they would have to 
> re-write the section that handles logging the virus and filename regex. 
> If there was a standard logout put such as
>     Scanner::ScannerName VIRUS_NAME Found  In FILE_NAME
> then MailWatch (and other utlities) could easily parse the scanner, the 
> virus name and the file.
>  

You raise a really good point here.

I've recently made a start on the virus reporting for MailWatch 2.0 and
the 'auto' functionality has now made this much harder for MailWatch to
accurately report statistics per virus scanner, having consistent
reports would therefore make this far easier.  In the next released
version of MailWatch - I wanted to avoid having to have regexps for the
virus scanners and this would solve the problem for me.

I would actually have liked to have taken this a step further and have
an attachments structure as part of the Message object that records each
attachment found by MailScanner on every message containing the name,
filetype, and if any viruses found within it etc.

If the above were done, and the filetype command was modifed to use
'file -i' instead of plain 'file', then MailWatch 2.0 would be able to
report on attachments by MIME type also.

Cheers,
Steve.