-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Joseph,
@16 July 2002, 22:07 -0500 (04:07 UK time) Joseph N. [JN] in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] said to Marck D Pearlstone: MDP>> A virus in an executable parsed by an external AV is already both MDP>> loaded into and visible from the OS. Raw MIME data in a message MDP>> base folder is neither. JN> Yes, that's true. But if the attachment remains in the message body JN> under both conditions, then the difference you described does not JN> exist, right? Actually, in the case of an external AV having intercepted the infection before TB could even see it, it *won't* be in the message base, will it? It will never have reached TB. And if the detection was a false positive? How do you get the data back? As a discarded bit stream? You don't. As an internally and safely quarantined message? Easy! An attachment in a message body cannot be scanned by an external scanner. It must be scanned by either the TB AV plug-in or by an incoming mail stream scanner. This thread is about the merits of the plug-ins. To have an infected attachment sat calmly and unidentified in a folder is dangerous. IMHO a plug-in is the best way to handle virus scanning of incoming messages. - -- Cheers -- .\\arck D. Pearlstone -- List moderator SB! v1.61 on Windows 2000 5.0.2195 Service Pack 2 ' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.1.90-nr1 (Windows 2000) iD8DBQE9M+ViOeQkq5KdzaARAnqqAJ90U3Ya7w1h4fgEg9rEpdJEcxwsFQCgm1uv /LLZNYWR3oCClzFgGEvVLhY= =yziO -----END PGP SIGNATURE----- ________________________________________________________ Current Ver: 1.61 FAQ : http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://www.ritlabs.com/bt/
