What does "UNCHECKED" really mean?
Nick Tait
nick at tait.net.nz
Wed Jun 18 10:52:03 CEST 2025
On 17/06/2025 20:02, Damian wrote:
>> Messages with ambiguous content should be treated as a security risk.
>> In particular, if MIME::Parser is used in an email security tool,
>> ambiguous messages should not be delivered to end-users.
>
> Per default, Amavis delivers them, but flags them as "CC_UNCHECKED,3",
> which is a dedicated subcategory for this case.
>
Thanks Damian.
It looks like the source of my confusion was the assumption that the
addition of the header "X-Virus-Scanned: Debian amavis at tait.net.nz"
to the message meant that the message had been virus-scanned, but what
it was really saying was that it had tried to scan the message, but was
unable to parse the multi-part sections due to the extra
"Content-Transfer-Encoding" header within the section. And as a
consequence it flagged the message as being UNCHECKED.
Makes sense to me now. Thanks for your help.
Nick.
More information about the amavis-users
mailing list