> Some of nondetections are due to non-standard format of bounces, so new > features are continuously added; some are because of various > non-standard, proprietary formats used by various MTAs. There are also > misconfigurations in submitters' systems. > I cannot stress it too much: > > IT'S NOT A DATABASE PROBLEM! > > It would be good if submitters try to scan a "real" file (not a mail > message, but an extracted attachment) before submitting a sample. > Such extraction can be done with utilities like mimedecode, mimencode, > uudeview, ripmime, reformime etc.
I think you should write it on the web interface and even automaticly reject with an e-mail notification each e-mail file. I admit I've send few day ago a Dumaru.Y infected message because I didn't know how to deal with the problem (manualy extracted attachement was detected but clam (the web site, http://www.gietl.com/test-clamav/, provided on this page had the same problem) wasn't able to detect the infected e-mail). I think that most of peoples just don't know that this kind of problem should not be repported there. Regards -- ================== Cedric Foll Ingénieur sécurité & réseaux, Rectorat de Rouen mèl: [EMAIL PROTECTED] tèl: 02 35 14 77 51 "L'orgueil a plus de part que la bonté aux remontrances que nous faisons à ceux qui commettent des fautes; et nous ne les reprenons pas tant pour les en corriger que pour leur persuader que nous en sommes exempts." La rochefoucauld ===================
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
