> On Thu, 14 Nov 2002 10:30:30 -0500 CertaintyTech > <[EMAIL PROTECTED]> wrote: > > > -r Rewrite message, adding or standardizing RFC 2045 MIME > > headers. > > > > I just ran it on the W32/Bride message and it strips out the virus > > because it is not standard MIME and the message that gets thru is no > > longer dangerous. I also tried it on a normal message and > it does not > > appear to alter it. Possible Q-S could run the message thru > "reformime > > -r" before attempting to unpack attachments? That way if > the message > > has broken MIME this will correct it before the "reformime > -x" is run on > > the message. Does this make sense? Maybe run "reformime -r < > > $scandir/$wmaildir/new/$file_id | reformime -x" Not sure > what the exact > > commandline would be. Any input from others? > > How can qmail scanner find a virus, if, as you say, reformime > -r strips > out it? > > Regards, > Nerijus
True. I realized that after I sent the message. I guess what I was implying was that Q-S could run all messages thru "reformime -r" first then send the output on thru the pipe as the message to be delivered. But that is real scary and means that you would have to have a lot of faith in reformime since it could potentially alter any message. Just trying to come up with ideas to solve this....Throwing more scanners on the system is not the solution since the root of the problem is the inability of reformime and therefore Q-S in not detecting an attachment that is a virus. The best long term solution is to fix Q-S... Ed. ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
