[prev in list] [next in list] [prev in thread] [next in thread] 

List:       clamav-users
Subject:    Re: [Clamav-users] clamscan delete the entire mailbox
From:       Richard Feldmann <rhun () oaksage ! dyndns ! org>
Date:       2006-02-23 19:39:13
Message-ID: 20060223193913.GA7719 () uller
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


John Jolet spake thusly on Thu, Feb 23, 2006 at 01:02:32PM -0600:
> 
> On 2/23/06 12:56 PM, "Jason Haar" <Jason.Haar@trimble.co.nz> wrote:
> 
> > Richard Feldmann wrote:
> > > 
> > > It might be best to find a scanning system that checks at the smtp level,
> > > rather than scanning the mailbox of the user manually. This would delete the
> > > virus as it's being transferred while preserving the message, and you
> > > wouldn't have the same issue of having the entire mailbox being deleted.
> > > 
> > That's not standard practice. Most sites not only scan as mail comes in
> > via SMTP, but they also scan *nightly* the end mailstores to pick up
> > viruses missed at the SMTP level (e.g. Day-Zero viruses)
> > 
> > Just because a message got delivered doesn't mean it doesn't have a virus...
> You scan at smtp, you scan nightly at the mailstore, and you scan at the
> desktop...preferably with different brand scanners.  That avoids exposure
> during the "day-zero" window.
> 
> 
> _______________________________________________
> http://lurker.clamav.net/list/clamav-users.html

--- end quoted text ---

I agree that there must be a multi-layered approach to security. I was just \
suggesting an immediate fix for the problem of losing entire mboxs. Me, I use \
maildir. :)

-- 
Did this email or post help you? If so, please rate
me at affero: http://rate.affero.net/RhunDraco


[Attachment #5 (application/pgp-signature)]

_______________________________________________
http://lurker.clamav.net/list/clamav-users.html


[prev in list] [next in list] [prev in thread] [next in thread]