[EMAIL PROTECTED] wrote on 03/30/2005 11:14:46 AM: > I wish i had that as an option, but since it could be a word > document etc(that may be needed), it's not a choice.
Do you know of any virii that send a valid word document in addition to the malicious program? If the infection is in the document(macro virus), then what you propose dwould strip it and store only the rest of the email, possibly some text. Are you willing to release the infected document to the end user from the quarantine? I sure as heck wouldn't! If you reject a virus infected document that was legitimately sent by a real person through a real mail server, then it will get bounced back to them. At least they'll get it back assuming that their mail server doesn't puke on the delivery failure due to virus scanning on the path back to the user. But it that's the case, it probably should have caught it on the way out! The responsibility is on the sender to get their act together and clean up their machine rather than spew infections at everyone else. In over a year of running CanIt Pro rejecting unsafe extensions (executables) and virii, I've only had two calls about it. One person thought they were sending a M$ Word document, but the extension was actually .URL. The second was something similar - "System operating as designed." We're up to filtering for 38 domains and around 28,000 mailboxes and about 1.9 million message/month. I'd consider that a low incidence of problems for rejecting unsafe email, and no complaints for rejecting infected email. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
