On 2003-12-10, 02:13:27 (+0100), Romek Zylla wrote:
> It seems that Sanitizer mangles file attachments when fp-linux-fs
> expires - f-prot gives unknown error and eventually sanitizer
> not knowing what to do delivers files with mangled names.
> For example first.rtf is mangled to first_rtf.something which
> cannot be clicked in Eudora or any mail reader.
This is normal behavior.
If the virus scanner crashes for some reason, then all the Sanitizer
can assume about the security of said attachment is that it crashes
virus scanners - which implies a security risk and should be treated
conservatively.
I recommend you fix your virus scanner installation, instead of
changing the behavior of the Sanitizer.
However, if that is what you want, then this behavior can be changed
by modifying the sanitizer configuration. Basically, you change the
virus-scanner's policy line to do something other than "mangle" or
"defang" when it receives unknown exit codes. This is done by
creating (or adding to) a sanitizer config file a line which sets
the policy for the virus-scannign rule to something like this:
file_list_1_policy = unknown:warn:drop:unknown
The last policy, "unknown" here is probably set to "defang" on your
installation. The policies separted by ':' characters apply, from
left to right, to "clean", "disinfected", "infected" and
"unknown/error" results from the virus scanner.
-- Bjarni Rúnar Einarsson 105354@xyz.molar.is http://bre.klaki.net/PGP: 02764305, B7A3AB89