Thoughts about finding viruses in email inboxes

[David M. Karr]

Ok, I can see that there's one detail that I didn't specifically say 
here.  I thought it was obvious, so I didn't mention it. I think it 
wasn't obvious to some of you.

I'm not having trouble with clamav telling me what FILE a virus is in.  
The report is clear on that.  The problem is that the IMAP INBOX file is 
a formatted file containing many email messages.  What I'm looking for 
is some sort of ability to introspect into the mailbox format in the 
clamav report so that I can tell which email message contains the 
virus.  I certainly am not going to run clamav in "auto-remove" mode, as 
it would remove my entire inbox.

David M. Karr wrote:
> If I have clamav running an automated scan each night, and it finds a 
> virus in my IMAP inbox, what good does that do me?  I have 156 
> messages in my Inbox currently, and no way to know which one has the 
> virus (although it's pretty likely it was one of the messages I've 
> received in the last 24 hours).  It seems like it would be useful for 
> clamav to have some sort of integration/knowledge with the mail 
> system, so it can provide better information about which email message 
> has a virus.  Is there any practical way to do this?  Has this ever 
> been considered?