IMP and virus checking
Mike Coughlan
mcoughlan@gothambroadband.com
Wed, 2 Jan 2002 16:24:55 -0500
i know my opinion was not asked but...
my 2 cents is that virus checking needs constant updating, so you might need
to revisit this often even if you did make this dealine
we have been very very happy with procmail and this script:
http://www.impsec.org/email-tools/procmail-security.html
note that it is very robust - defanging javascript, webbugs, malicious word
macros, anything that could compromise privacy or do damage. i will also
testify that only a regex guru can touch it, and that some have found it
annoying that html mail is defanged, but so far it has caught every virus
sent via mail.
i don't know much on your planned contribution, but i do think that:
1) A stale or half-implemented virus scanner can do more harm than good
2) SAs should be encouraged to scan for virus on the mail server to warn the
sender immediately
3) Centralizing your mail scans can make it easier for users
ps - we get email updates from the site above when new virus code is
necessary to install
Thanks for listening
> I wanted to write a virus checking hook and thought this could be
> interresting
> for others.