[EMAIL PROTECTED] wrote on 09/20/2004 01:40:50 PM: > On Mon, 20 Sep 2004, Paul Boven wrote: > > > The way I see it, there are these possible actions upon detecting a virus: > > 1.) action_discard: *poof*, the virus vanishes without a trace.
> That's my preferred action. What about rejecting with a permanent error? I have been very satisfied with ClamAV, but I've seen enough false positives to not completely trust them. If it's a real message from a real server, I'd rather the sender get a failure. > > 2.) action_notify_sender, which I really wouldn't use unless I am sure > > that the virus in question doesn't forge the From: header > That's truly evil. All modern viruses forge the From address. And how do we get mail admins to turn this off? Maybe we need a BVNRBL (Bogus Virus Notification RBL) <G> _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
