Let me try to explain that. I believe (until we see proof from a -raw- email to indicate otherwise as requested by Jason) that the message you received was indeed a PLAIN text message and I strongly -suspect- that Norton is doing "more" than perhaps it should by un-encoding the base64 content within that message body, quarantining what it found, altering the message, etc...
trying to clarify a bit more by what I mean by Norton doing more that it should:
_IF_ the (my?) assumption about all this is correct-
These types* of messages we're discussing would normally (e.g. without- the interference of Norton AV) have their base64 encoded contents displayed by MUA as plain text and thus present no (attachement) danger to the recipient.
So...the fact that Norton AV (and I've heard reports of Trend doing same?) is extracting and quarantining a file that would -normally- not be "seen" (or acted on), could actually makes things -worse- for the user by making the bad file -available-
"gee, something got quarantined...let's check it out...cool! a screen saver!" - Tell me users haven't done sillier things than that?
As I said in earlier post, a test with Eudora 5.2.1 and Grisoft AVG v6 presented no way for the user to "get to" the virus. I've not tested or heard about other MUA/AV combos.
* = bounced mail message where the original virus-infected mail is simply appended to the message (i.e. not an attachment)
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
