> Terry, if you could explain the demime thing, that would be appreciated.
I'm sorry - I've been tied up all day working on name server issues. The application I referenced earlier was an xmail mail server. Declude is not available for it so I wrote my own program that is called by xmail for messages. My program does something similar to what declude does but not nearly as well. Giving a message to either NAI or ClavAV is inconsequential because both of those programs will not dismantle the message into its mime parts (demime). As I said Fprot actually does a certain amount of demime itself. I don't know how declude accomplishes this but I know declude does something to make NAI and others scan the pieces of the message. In my case I use an external program (munpack I think it is). My program creates a temporary directory and then calls munpack with that directory and message path. munpack then takes the message and splits into the various mime segments. For instance there might be a text segment, an html segment, and a zip file attachment. It is quite common to have 4 or more files. Then my program next calls fprot, nai, and clamav in turn for that directory. Each of those programs scan all the files in the temp folder and create a report file. My program extracts the virus name from the report files if an infection is indicated, logs it, quarantines the message, and tells the mail server to delete the message (if infected). Finally my program does some spam checking including a call to the sniffer engine. I don't do a lot of stuff that declude does however. As for the daemon issue I'm going to look a that and see if I can figure some way to keep the thing loaded - just no time today. Terry Fritts --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
