[Dev] Re: Dev Digest, Vol 16, Issue 13
Piero Giuseppe Goletto
piero.goletto at tin.it
Thu Jan 20 13:11:56 PST 2005
>
>
>Heikki Toivonen <heikki at osafoundation.org> wrote
>
>
>As the recent incident with CVS and antivirus software showed, we should
>have a plan/answer for the case where Chandler stores data containing
>viruses or other malware into the repository. The issue is that if
>malware removal tool notices them, and destroys files containing the
>offending parts, Chandler must be able to recover gracefully from the
>situation.
>
>
Should we have sort of an antispam module linked to Chandler?
You might want a *white list* and a *black list*. While the former would
be explicitly created by the user (If I want dev at osafoundation.org and
heikki at osafoundation org to be in the white list I must enter them in
it), the latter would be created by using both a black list of known
spammers' addresses, a black list of virus signatures and a filter (look
at bogofilter.sourceforge.net, for instance, it is the Bayesian filter
used by Novell Evolution for instance)
My idea is:
Chandler receives a message M via pop3/imap
Chandler stores the message M in a temporary area T
Chandler checks the message M against the Virus Signature List V
If the Message M *contains* a Virus Signature, then
Chandler deletes the message
Chandler stores, in the message Inbox, an error message
end if
If the Message M *does not contain* a Virus Signature, then
Chandler checks the from: address against the White
List
if From: address of the Message M is into the
White List then
Chandler stores the message in the Inbox
else
Chandler checks the message agains the black
list and the spam filter
if the message is spam - postive then
Chandler marks the message as spam
end if
end if
Regards
Piero Giuseppe Goletto
More information about the Dev
mailing list