> 
> My latest antivirus idea is to have postfix burst MIME messages, and run
> md5(1) on each attachment.  It will compare the digest to a set of known
> digests; if the attachment it known, it will be deleted.  If the message
> contains only known attachments, the message itself will be rejected.  
> 
> Is this possible?  

The spammers are already ahead of you here.  Look at the end of just
about any spam e-mail these, and see something like

	txuyuryykexjerudeezzqkgu glg zw haexz mcgu atzadyvf dsz

That is, random strings of characters inserted to defeat hashing schemes
like yours.  Back to the drawing board ...

David S.

>