At 14:10 09/07/2004, Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:
*MY* thinking is in line with yours - if the lack of MIME is that broken,
the virus scanner shouldn't bother. However, there's 2 points to remember:
1) the MUA may be silly enough to attempt message reassembly, or auto-parse
by default) - remember we live in a world where "helpful" MUAs will find
executable code *inside a .JPG* and run it for you...
Yes, that's my concern.
(The thing that brought this issue up was that the virus scanning function
in our MTA isn't currently detecting a virus in the email, but the same
virus scanning engine with its 'scan inside mailbox' option enabled IS
detecting a virus in the mail file. So, obviously we're getting complaints
that our MTA scanner isn't working.)
I've thought about it and I really can't see any sensible way to actually
scan the message.. It looks as if the virus scanning engine is just looking
for the text 'Content-Transfer-Encoding:' anywhere in the message text and
is trying to decode the following text accordingly. This seems decidedly
dodgy to me.
Paul VPOP3 - Internet Email Server/Gateway