Steffen Heil wrote: > I cannot prevent such things. I have no way to tell my customers: "you > may not send each other executables or html-files with frames." They > would go somewhere else immediately.
Just shifted the reply to this thread, Steffen. The iframe exploit, you are already discriminating against, as it is in the Clam database as: Exploit.IFrame.Gen I never meant to imply that you use draconian methods on any broad areas of email communication, but as you can see from the above, there are specific portions of a laden email which can only point to one designated purpose. I disagree, however, with ISP's or companies who use lax restrictions on email content, just to keep customers or staff happy. At the end of the day, maintaining a proper, healthy, and most of all, sociable system takes precedence over peoples whims. It is the same in any business. You do your best to meet your customers needs, but you never allow customers to dictate poor practice. If you generalise areas, then you are theoretically arguing against AV interception altogether. The 'html-files with frames' bit above is generalising. A specific combination is what you protect against, not a general range. > For the same reason, excessive header line lengths need to work. Long header lines are fine, but when they are above the maximum laid down in the RFC's? Why should someone send an email which violates the specs, and expect for it to be accepted without further ado? With regards to greylisting and SAV, and other such components, they are purely a business or preference decision. They do work, but at an offset cost. They are an extra line of defence, they are not compulsory. All the best, Matt ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
