Hi,
Before I consider
this feature further, let me doublecheck.
If a mail fails the
vulnerability check AND a virus check, but has an EML template with
"ONLYSENDIFVIRUSNAMEHAS" - will the notification be sent or not?
Example:
12/11/2003 15:40:24 Qd6020076008c5842 Outlook 'MIME
Header' Vulnerability: type=audio/x-midi, name=hbxxo.exe.
12/11/2003 15:40:27 Qd6020076008c5842 Scanner 1: Virus= application Exploit-MIME.gen.c. Attachment=[HTML segment] [13] I
12/11/2003 15:40:27 Qd6020076008c5842 File(s) are INFECTED [ application Exploit-MIME.gen.c.: 13]
12/11/2003 15:40:28 Qd6020076008c5842 Scanned: CONTAINS A VIRUS [MIME: 2 106767]
12/11/2003 15:40:27 Qd6020076008c5842 Scanner 1: Virus= application Exploit-MIME.gen.c. Attachment=[HTML segment] [13] I
12/11/2003 15:40:27 Qd6020076008c5842 File(s) are INFECTED [ application Exploit-MIME.gen.c.: 13]
12/11/2003 15:40:28 Qd6020076008c5842 Scanned: CONTAINS A VIRUS [MIME: 2 106767]
If I have a
"SKIPIFVIRUSNAMEHAS" for the sender.eml but a
"ONLYSENDIFVIRUSNAMEHAS" for a
vulnerability.sender.eml,
Will the above
scenario send 1 email (the vulnerability.sender.eml) or 0 emails (because
the "infection" by a virus overrides the vulnerabilty
status)?
Best
Regards
Andy Schmidt
Phone: +1 201 934-3414 x20
(Business)
Fax: +1 201 934-9206
