Autor: Tom Kistner Data: A: Nigel Cass CC: exim-users Assumpte: Re: [Exim] New mailhub/virus/spamassassin installation.
Nigel Cass wrote:
> I have used exiscan before with reject at smtp time behaviour, but as far as
> I can see there is not an exiscan option to fail but with a generated e-mail
> message. [..]
Not exactly :)
First of all, with exiscan-acl, you can add a header like
X-Malware: this message contains W32/Klez-H
And then fail the message in a router, quoting the header content.
Secondly, if the inner relays would reject at SMTP time, the DMZ
machines will generate the bounces. If you choose the above strategy,
both the DMZ and internal machines will have to cope with bounce traffic.
And finally, you should really reject malware at SMTP time, at the very
border of your system. Sending bounces is almost useless, since most
sender addresses are randomly chosen from victims address books. :)