[Avcheck] inclusion / exclusion of envelope recipients

[Michael Tokarev]

Luke Dudney wrote:
> 
> I have not played with avcheck a great deal beyond testing and customizing
> the infected script.
> I am wondering if there is an easy way to give avcheck a list of recipient
> email addresses to scan and to simply pass all other addresses without
> scanning.

I don't know if this is acceptable from *policy* point of view (technically
this isn't a problem at all).  The solution was once proposed on this list,
here is is again, very simple.

Allow avcheck to scan *all* mails.  It's *technically* ok to do this,
especially if most of your users will "subscribe" to this virusscanning
service.  Next, in infected handler (it will be called very infrequently),
log a line to syslog, check sender/recipients, and send original mail to
non-subscribers and/or virus notifications to subscribers.  Handle
non-subscribers first and ignore errors sending notifications to subscribers,
so that non-subscribers will not receive several copies in case of some
failure.  That's all.  This way, you will have logs "for free" -- to be
able to convince non-subscribers to subscribe to this service for example...

You can choose to check all outgoing (locally-originated) mails -- "we
don't want to send your viruses to other parties, even if you don't
subscribed to this service".

But as I said, I don't know if this will be acceptable from the "political"
point of view.

Regards,
 Michael.