Re: [Exim] Re: Exiscan and Clam AntiVirus

Góra strony
Delete this message
Reply to this message
Autor: Tom Kistner
Data:  
Dla: Dickenson, Steven
CC: 'exim-users@exim.org'
Temat: Re: [Exim] Re: Exiscan and Clam AntiVirus
Dickenson, Steven wrote:

> I'm still unclear on this. If we're not using the new MIME ACL's, is
> Scanmail safe to turn off? Your last post seemed to indicate that the
> demime facility does unpack UUENCODED and TNEF attachments, but that the new
> MIME ACL does not. Is this correct?


Yes. In -16, you can either use the "classic" demime facility, which
will try to unpack UUENCODE and TNEF, or use the MIME ACL, which can
only handle standard MIME encodings.

The MIME ACL is much more flexible. You can match filenames (or parts
thereof), MIME content types, decoded part content or charsets. You can
distinguish between multiparts/singleparts or RFC822-attached messages
(like bounces) and much more...

I will keep the old "demime" code in the patch for backward
compatability reasons.

If you use clamd, I recommend to keep "demime" in your config. If you
use a commercial scanner, you can leave it out. They'll happily handle
the MBOX formatted mail (.eml) provided by exiscan, including TNEF and
UUENCODE. And since their decoding routines are written to mimic MS
client behaviour, they'll be better suited for the task than my demime
code is.

regards,

/tom