Discard virus infected messages

Denis Beauchemin Denis.Beauchemin at USherbrooke.ca
Fri Sep 28 16:17:30 IST 2007


Martin Strand wrote:
> I want to discard virus infected messages but am not sure how to do 
> that. I tried "Deliver Disinfected Files = no" but MS still disinfects 
> and delivers with that inline report. What I'm after is something like 
> "Virus Actions = delete". Help?
>
> Thanks,
> Martin

Martin,

I think you are looking for:

# Still deliver (after cleaning) messages that contained viruses listed
# in the above option ("Silent Viruses") to the recipient?
# Setting this to "yes" is good when you are testing everything, and
# because it shows management that MailScanner is protecting them,
# but it is bad because they have to filter/delete all the incoming virus
# warnings.
#
# Note: Once you have deployed this into "production" use, you should set
# Note: this option to "no" so you don't bombard thousands of people with
# Note: useless messages they don't want!
#
# This can also be the filename of a ruleset.
Still Deliver Silent Viruses = %rules-dir%/virus.to.quarantine.rules

[bead2306 at smtpe3 st_localbin]$ cat /etc/MailScanner/rules/virus.to.quarantine.rules
Virus:  BackDoor- no
Virus:  Email.Hdr   no
Virus:  Email.Loan  no
Virus:  Email.Malware   no
Virus:  Email.Phishing  no
Virus:  Email.ScamL     no
Virus:  Email.Spam      no
Virus:  Email.Webaccount    no
Virus:  Email.FreeGame      no
Virus:  Exploit.HTML.IFrame no
Virus:  fragmented          no
Virus:  Generic.Peed        no
Virus:  HTML.Malware        no
Virus:  HTML.Phishing       no
Virus:  Html.ScamL          no
Virus:  MSRBL-Images        no
Virus:  MSRBL-SPAM          no
Virus:  Phish-BankFraud     no
Virus:  Sanesecurity        no
Virus:  Trojan   no
Virus:  W32/     no
Virus:  Win32    no
Virus:  Worm     no
Virus:  default yes

Denis

-- 
   _
  °v°   Denis Beauchemin, analyst
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x62252 F: 819.821.8045
