On Sunday 14 November 2004 9:17 am, Julian Mehnle wrote: > John Jolet [EMAIL PROTECTED] wrote: > > On the issue of manually reviewing the mails to submit....isn't this the > > purpose of the quarantine directory? When it detects a phishing > > malware, look at the file in the quarantine directory. > > I also don't believe in quarantine directories, which have to be checked > by admins or users anyway after all. If I accepted messages and then > filtered them into a quarantine directory, false positives would get lost > without the sender being notified. Instead I outright reject unwanted > messages during the SMTP transaction, so the sender gets notified. My > users can see what messages have been rejected by skimming over a list of > recently rejected messages once or twice a week (see an example here[1]). > This practice has proven to work well for me and my users. :-) > > References: > 1. http://julian.io.link-m.de/misc/rejected-messages > > _______________________________________________ > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users I would agree with that practice, except in this day and age of spoofed addresses and zombies, that bounce is (a) unlikely to be read and (b) unlikely even to go to the right place. I would personally tend to a policy of quietly quarentining and cleaning out the directory of files > 30 days or so...
-- John Jolet Your On-Demand IT Department 512-762-0729 [EMAIL PROTECTED] www.jolet.net _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
