Loading ...
Sorry, an error occurred while loading the content.

Re: header_checks when amavisd reinjects mail back into local smtpd

Expand Messages
  • mouss
    ... and if you do so, postfix will generate a bounce and send backscatter to an innocent. only reject during the smtp transaction. either deliver, quarantine
    Message 1 of 4 , Apr 28, 2008
    • 0 Attachment
      Jevos, Peter wrote:
      > Thank you for your answer. It's clear. But howcan I deal with email
      > called mail bomb, e.g. 42.zip or bzip2 bomb are examples of such
      > malware?
      > Amavisd cannot recognize it cause it has limited amount of space for
      > decoding. However it can tag it with string ***UNCHECKED***.
      > Here are some words from amavisd doc.:
      > When message decoding exceeds the storage quota, the decoding stops, the
      > virus scanning is not performed to protect the virus scanner, but a
      > header field is inserted, telling MTA it may place the message 'on
      > hold', or reject it, or just pass it - the action depends on MTA
      > configuration. This works well with Postfix.
      >
      > Therefore I thought that I can reject it when amavisd reinject mail back
      > into the postfix ( with header_check of string UNCHECKECD)
      >

      and if you do so, postfix will generate a bounce and send backscatter to
      an innocent.

      only reject during the smtp transaction. either deliver, quarantine or
      discard (not recommended) the message. the HOLD action will let you
      inspect the message (manually or via a script or whatever) and decide
      what to do. but once again, do not bounce.
    Your message has been successfully submitted and would be delivered to recipients shortly.