Logwatch being marked as virus

Alex Neuman van der Hans alex at rtpty.com
Mon Aug 17 21:21:42 IST 2009

This can be dangerous.

If the host itself has a webmail service, or an exploitable form, the  
server won't scan messages sent from the compromised system.

Perhaps a two-factor system, like From: and  
From:mailwatch at myserver or somesuch, would be better, don't you think?

On Aug 17, 2009, at 3:11 PM, Jules Field wrote:

> A sender can set the sender address to anything they like, it has no  
> effect on the delivery of the message.
> So don't do this, do it by IP address, such as
> From: no
> so you don't scan mail originating from the localhost itself.

More information about the MailScanner mailing list