On Sun, 07 Sep 2003 08:12:38 GMT, Andreas Metzler
<eximusers@???> wrote:
> On Sat, Sep 06, 2003 at 09:17:14PM +0000, Patrick Starrenburg wrote:
>> On Sat, 06 Sep 2003 20:05:28 GMT, Philip Hazel <ph10@???>
>> wrote:
>>
>> > Exim does not bounce attachments *as attachments*. It just copies
>> > the textual form of the original message in the body of the bounce.
>>
>> Philip do you know if all mail servers work in the same way as Exim
>> in this regard?
>
> No, they don't. Afaik at least sendmail and postfix both send bounces
> as message/rfc822 attachment. - The format is properly documented in
> some rfc whose number I don't remember.
> cu andreas
Hmmm - what I suspected.
Some further background on this - a 'couple of viruses ago' when sender
addresses started being spoofed we tried to use Exiscan to block incoming
bounces containing potentially dangerous attachments but it doesn't have
that facility (yet?).
Philips proposal for "bounce_return_body" option, which I support, will
help Exim be a responsible mail server and reduce problems due to
viruses. I think it could go even further by saying that if a bounce
originating in an Exim site contained a site proscribed attachment type
(com, exe, pif etc.) then Exim silently drops the bounce message. This
obviously would not be a default option.
Also I am looking for options to protect *us* using Exim from all the
unresponsive and irresponsible mail servers and sites out there. That's
why I was suggesting the incoming rules of:
1. Incoming bounce with attachment -> strip attachment
(getting tough)
2. Incoming bounce with attachment -> reject SMTP connection
(getting really tough and this is, as we know, strictly speaking against
RFCs. But something has to happen to contain these virus induced email
broadcast storms. The signal-to-noise ratio is getting smaller every
day.)
Patrick
