[Avcheck] Патч для работы с drweb 4.31
Michael Tokarev
mjt at tls.msk.ru
Tue Feb 24 13:38:07 MSK 2004
Wartan Hachaturow wrote:
[]
> +#define DERR_SPAM_MESSAGE 0x00020000
> +#define DERR_ARCHIVE_LEVEL 0x00040000
Hmm... What is this?
"SPAM_MESSAGE" is understandable, drwebd has it's
own regexp-based "antispam engine". It may be a
good idea to recognize this bit in avcheck and
handle it the same way as done with infected emails -
i.e, pass it to `infected' script with appropriate
message.
But how about DERR_ARCHIVE_LEVEL? What does it mean
at all? Is it something similar to DERR_ARCHIVE_LEVEL?
That is, should this bit be treated as indicator to
reject the message, or should it be ignored?
And, reading the code, it looks like avcheck needs
another option. That is, to either ignore codes
like DERR_TOO_COMPRESSED, DERR_TOO_BIG and so on
and pass the message, or to reject such messages as
it currently does...
/mjt
More information about the Avcheck
mailing list