The firewall provides a simple mechanism which can be used for scanning for viruses transmitted by e-mail. Such viruses usually have well-known subject lines, and it is this which is used by the firewall to attempt their identification.
The postmail mail delivery daemon, which delivers POP mail as well as invoking sendmail for SMTP mail delivery, reads a file named /usr/local/custom/subject_filters upon startup. This file can contain any number of entries, each of which consists of two fields separated by a colon. The first field is a description, while the second is a regular expression which is used to match subject lines. A mail message whose subject line matches an entry in the file will be rejected, and notification will be sent to the postmaster about this, with the description given as the reason. For example, an entry which can be used for filtering the Melissa virus is:
Melissa virus:Important Message From .*
As of release 4.1, there is support for much more comprehensive virus scanning of e-mail messages using Sophos PLC's anti-virus software. If you are concerned about viruses in e-mail messages, it is recommended that you use this approach instead. More information can be found in Section 4.5.2.