On Thu, Aug 21, 2003 at 02:18:40PM +0100, Hine,Chris wrote: > > * Q-S now skips virus-scanning messages that are either text/plain > > or non-MIME/uuencoded. This will speed things up a tad. > > Is it possible for a malicious email to be created that is in for > example html format with a content-type of text/plain? If so, would > a broken email client (possibly written by Microsoft) render it as > html (possibly including VB script)?
That is the point. I do have to be very careful that is done right. Basically Q-S looks through the headers for evidence of MIME attachments, and through the body for evidence of UUENCODED attachments. If it find no evidence of either, then it is classified as text-only and skips the scanners. All other e-mails are scanned. > > > * SpamAssassin now sets the spamc "username" field to the > > recipient address. This only happens if there is ONE recipient. > > Is there any disadvantage to this if you are only using site-wide > SpamAssassin settings? Currently I have commented out the relevant Nope - if you don't use any per-user configs, then that is just ignored by SA. > From the CHANGES file: > > Changed defaults so that clamav scanners are listed as the first > > scanners. > > I'm using spamassassin, sophie and clamdscan, and it listed sophie > first, even when I specified: > --scanners 'clamuko,sophie,verbose_spamassassin' > when configuring. Fixed > ---perlscanner results --- > problem 'Disallowed characters found in MIME headers' > found in message > --- > when I used to get: > > ---perlscanner results --- > problem 'Illegal MIME chars found in header' > found in message /var/spool/qmailscan/mx01.oce.co.uk106125793143818893 > --- > > It's not a major problem, but it makes it easier to check the message > manually when you can copy and paste the filename. Privacy violation: you're just giving away information about your OS,etc. I agree that there's 1/2 a dozen different ways of working all that out anyway, but we might as well be tight. As far as your "copy and paste" statement goes - that can't be right: that path is deleted by cleanup - so you can't use it directly anyway.. Thanks for you feedback! -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
