On Wed, May 12, 2004 at 10:07:26AM -0400, Jesse Guardiani wrote: > Yes, let's look at my actual issue: > > 4. I am a business customer, and I rely on email to do business. I send > a word doc or a zipped binary attachment that just happens to contain > a signature that looks an awful lot like a virus to a business associate's
Huh? When does this happen? This comes back to choice of AV then. Seriously, how often does it happen? And don't say "it can so therefore we should handle it" as I don't want code showing up in Q-S that is only of use in 1 in 100000000 cases. > ISP. The remote mail server silently drops the email and because my email > looks like it contains a virus. I am NOT a customer of this remote ISP, so > they do NOT send me any kind of notification whatsoever. The email is lost > and I don't realize that it didn't reach it's destination until it is too > late. Is this the sort of thing that law suites are made of? I don't know. > Well that's why it's configurable. If you are actually concerned about law suites, you would notify ALWAYS. No other option would suffice. > CONS? Yes, there are some that you've described already. If the computer > on the other end of qmail-scanner's SMTP session is NOT equiped with a > virus scanner AND is relaying the virus for someone else then someone will > receive a very cryptic bounce message. Maybe this will happen more often > than I anticipate. So what? That remote mail server should be running AV > software anyway. At least we don't have to worry about false positives > anymore. Also, I think the sting of this can be lessened if we include a > qmail patch in the contrib directory that will allow us to return more > informative bounce messages. ... > > If your AV is blocking clean files as being viral, complain or change AV. > > I use ClamAV, and as far as I can tell it hasn't blocked any false positives. > But I watch the virus database changelogs, and false positives are submitted > all the time. The possibility is real, and if you think your particular AV > software is immune then you're not being honest with yourself. But it's not my fault if the AV is generating False Positives either. As far as "legal liability" goes - I'd say the AV company was to blame more than me of Q-S - wouldn't you? Let's drop the legalize - there be dragons there... > > I'm not suggesting that we make this change the default behavior. I'm simply > suggesting that we make it an option. Off to read the next on this thread. Don't think I'm dissing you on this. I just want this topic thrashed out. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
