On 4/13/2010 6:21 AM, Andreas Schulze wrote:
Am 13.04.2010 20:37 schrieb Noel Butler:
So, you want postfix to accept the virus, send it to dovecot's deliver which then calls a virus scanner and finds it infected and deletes it, that makes absolutely no sense ACK.
but imagine:
MTA delivers a mail where the virusscanner finds nothing. Mail gets delivered. Some time later there is a scannerupdate. Now the scanner would find a malicious content.
So I may instantly scan the complete mailstore each time a new pattern arrives or scan only each accessed mail with the latest pattern. This seems smarter to me.
With this logic, you should virus scan at every point along the chain. That is overkill for such a i/o intensive operation like virus scanning. Let the MTA scan it, and the MSA (or client's network) scan it before opening. Ken
For this scenario I would like to see a concept for datainspection/datamodification in dovecot. What about when dovecot would act as a milter client? Sounds strange but the problems are the same, why not use existing solutions ?
-- Ken Anderson Pacific Internet - http://www.pacific.net