Hi All, I have attached a patch for qmail-scanner-1.12 that created another option to the configuration process that allows you to specify a list of virus keywords that will not be reported on when using the --notify sender option.
Let me explain with an example: My mail servers are currently detecting 30,000 virii a day of which 28,500 are the Klez virus. So I have had to turn off sender notification because the Klez virus does not have the valid sender email address. Now this leaves me in a dilemma because the other virus infected emails are deleted without the user knowing what happened. So I needed to have QS only send a notification to the sender for virus' I wanted. Now specifying a list of all the virus names that you want to report on is just not going to happen and would be a real pain to keep up-to-date, so the --virus-list option takes a comma separated list of 'virus keywords' that NOT to be reported on. The keywords are checked against the detected virus and is a _case insensitive_ substring check. So, for my mail server to not send notifications to the sender for all Klez and Hybrid worms I configure QS with the following option: --virus-list "klez,hybrid" This then will match WORM_KLEZ.E, WORM_KLEZ.H, and WORM_HYBRIS.M and no notification will be sent out for these detections. Does this make sense? Let me know if you find this useful? I will also be implementing the same check for sending notifications to the recipient soon. -- Greg
qmail-scanner-1.12-virus-list.patch.gz
Description: GNU Zip compressed data
