--On Wednesday, February 11, 2004 18:42:10 +0000 Calum Mackay <calum.mackay@???> wrote:
>> ...
>
> I note that the current exiscan docs have as an example:
>
> deny message = This message contains malware ($malware_name)
> demime = *
> malware = *
>
> which will of course cause a virus warning bounce back to the forged
> sender. Since many of us use exiscan, and are likely to follow its
> documentation, perhaps someone should ask Duncan to discuss this issue
> further in the docs?
No, this doesn't bounce the message, it blocks it at SMTP time with
an appropriate error code. That is -exactly- the right thing to do.
It is not trusting any header, or even the envelope contents; just
notifying the agent that is actually attempting to send the message.
(And if that agent is another MTA that didn't recognize the virus
and -does- generate a bounce, that's their problem, not yours.)
-Pat
