Re: [Exim] Re: Limit on message size for filtering?

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Tim Jackson
日付:  
To: exim-users
題目: Re: [Exim] Re: Limit on message size for filtering?
Hi Karl, on 16 Dec 2003 13:57:54 +0100 you wrote:

[drop/bounce viruses]
> The consensus here seems to be to drop them, so I will change it.


Thanks.

> The cons of dropping them are mostly theoretical (not 'polite' to delete
> stuff with no notice) but in practice, I guess it's much better.


It's not "better", because as you say, you end up making your mail system
unreliable (if there is a false positive, nobody will know). However,
given the choice between "drop" or "bounce", "drop" is definitely the
right choice here.

> As people have assumed the reason why I use Exim 3 is that I'm using
> Debian


You do know you can already get Debian packages of Exim 4 from a number of
sources? (I don't use them myself, but this discussion has been had a
number of times...whilst I sympathise with wanting to stick with the
distribution-based packages for support etc., it doesn't seem to me to be
a huge deal to upgrade one specific service when there are well-supported
packages out there that will insert cleanly into the running system.
Obviously, that's your choice, but you're missing out on a lot of
features/support for Exim 4 in the meantime.)

> In what way can this type of messages be handled more properly in Exim
> 4?


By scanning (and rejecting, if a virus/spam/etc.) at SMTP time, using
Exiscan-ACL ( http://duncanthrax.net/exiscan/ ) and/or SA-Exim (
http://marc.merlins.org/linux/exim/sa.html ) for spam scanning. Also,
Exiscan is more reliable as it does "real" MIME parsing: be aware that the
system_filter you are using is very basic and will not catch certain mails
that have "banned" extensions in attachments.

Even if you're not going to upgrade to Exim 4 just yet, you might be
interested to read my (hopefully) fairly simple guide/HOWTO on doing
spam/virus scanning here:

http://www.timj.co.uk/linux/exim.php


Tim