> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Jeremy > Kitchen > Sent: Friday, December 03, 2004 11:51 AM > To: ClamAV users ML > Subject: Re: [Clamav-users] RE: Re: This is how I use ClamAV > > > On Friday 03 December 2004 09:44 am, Kiril Todorov wrote: > > Ian Lewis wrote: > > > That is very interesting information Samuel. I shall be interested to > > > compare it to my own data. > > > > > > We quarantine our emails just in case there are any which are > genuine but > > > holding viruses. Not very likely but you never know. > > > > > > Do I understand from what you say that having identified 4 million > > > viruses you reject them and they go 'back' to the often > spoofed sender, > > > still capable of causing trouble? > > > > I belive he meant rejected at SMTP level with a permanent error code > > (5.x.x) > > in which case, the only way they would go to an innocent third > party is if > they were relayed through another smtp server, and that's Somebody Else's > Problem, because if that other smtp server had rejected the virus in the > first place, you wouldn't have had to reject the message yourself. > > Any legit emails that get rejected because of infections (false > positive or > not) should go back to the original sender without any problems. >
That's just what I meant =) I don't like the idea of adding to quarantine 300K viruses daily 'just in case' and then use the helpdesk to help people recover their messages. -Samuel _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
