Michael Scheidell wrote: > sanesecurity site: > refrences this archived email: > says to set bypass_decode_parts=1 in amavisd.conf > > amavisd says to set it to 0 if you are using bounce_killer or using > 'file' to guess the attachment type. > > (i have it set to 0, using bounce killer and file) > > (http://marc.info/?t=117951293700001&r=1&w=2) > > OT: bill, funny thing: I can't look up your DNS servers from our > internal network..
Well that's strange, since the domain is public hosted by EditDNS (check "whois inetmsg.com"). The other strange things is I just sent you an email off list about something else. > http://sanesecurity.com/usage.htm > > says: uncomment the #qr'^MAIL' > > @keep_decoded_original_maps = (new_RE( > qr'^MAIL$', # retain full original message for virus checking (can be > slow) > qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains > undecipherables > qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, > # qr'^Zip archive data', # don't trust Archive::Zip > )); > > > and it looks like sane security test #2 and 3 did fail if I don't do > this in amavisd.conf: > (uncomment out the qr'^MAIL'. > > so, 'can be slow'. how slow is it? and is bill landry wrong saying I > need bypass-decode_parts=1? > is this something fixed in 2.6.2? Not required, but if you don't use "bypass-decode_parts = 1", then you will want to set "$keep_decoded_original_re = 1" so that clamd can also scan the entire message and not just all of the decoded parts separately. Bill ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/