Mike,
> I've run into a problem lately. I have a ton of spam
coming in that is
> being scored quite highly and properly, but they tried
to hide their spam
> message inside a zip file. It's not actually a virus,
so the zip doesn't
> get hit by ClamAV. The problem is that Banned status
seems to be higher
> priority than Spam, and we generate a warning message
to a user if they
> get a banned file (whereas spam is quarantined with no
message and Viruses
> are just discarded with no notification).
Indeed, banned has a higher priority than spam.
> So, this stuff is all getting blocked but the zip files
within are
> generating a ton of banned file notifications to my
users. Is there any
> easy way to solve this? I notice that the Spam score is
still calculated
> even for Banned notifications - perhaps there could be
a threshold where
> if a message with a Banned file type has a certain Spam
score it will
> discard it and not send a notification?
The spam score is only available if it is cached from some
previous
check of a message with the same contents, or in case of
multi-recipient
mail where some recipients are set to bypass banned checks.
If there is
no other need for spam checking and a message contains a
banned contents,
then spam checking is skipped.
I dont't see any obvious solution, except to (temporarily?)
disable
banned recipient notifications, of lift a ban on zip and let
spam checks
take over.
Mark
------------------------------------------------------------
-------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
AMaViS-user mailing list
AMaViS-user lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amav
is.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/ho
wto/
|
