Matthew Byng-Maddick wrote:
> Wouldn't a fair bit of the virus code be outside the limit for the text of
> the bounce which exim will generate. Also, note that in the case of the
> MIME encoding, the return message will not have the relevant headers for
> auto-decoding to work.
Fair points and with return_size_limit at 100K that will probably
cover most, but kakworm, for example, was a lightweight 4116 Bytes so
I wouldn't like to count on that alone.
> > Maybe it would be better to just return the original headers so that
> > the "sender" can verify if the source was really them. You can then
> > produce your stored message as evidence on request.
>
> Personally I like to have a bit of context, especially if it's rejecting
> based on message body content.
Me too, but I think this can be handled as well, if not better, by
appropriate wording of the reject message.
Ken
--
# Ken Bailey, Computer Section, # Email: K.Bailey@??? #
# The Royal Botanic Gardens, Kew, # Tel: +44 (0)20 8332 5729 #
# Richmond, Surrey, TW9 3AE, UK # Fax: +44 (0)20 8332 5736 #
