* Jeff Lasman <blists@???> [2004-03-02 18:51]:
> I just received a notice from a mailing list that they're unsubscribing
> me because I refused a message.
>
> They sent me back this, which allegedly comes from my mailserver:
>
> <snip>
> xxx@???
> This message has been rejected because it has
> a potentially executable attachment
> your_picture.pif
> This form of attachment has been used by
> recent viruses or other malware.
> If you meant to send this file then please
> package it up as a zip file and resend it.
> </snip>
>
> I don't have any AV system on this mailserver (yet). Could I have
> somehow configured exim to send back this message? If so, I don't
> remember doing so (though it sounds like a good idea <smile>).
The demime feature of exiscan-acl could do this.
$ grep demime /path/to/your/exim.conf
> I just sent myself an email from another account, with a .exe
> attachment, and it got delivered without any such message.
>
> So is this likely a virus itself?
Have a look at your rejectlog. Exim should log it in case
it rejected a message. Maybe this message was forged and
did not originate from your system. Do you have full body
and headers of this bounce?
Dominik
