Autor: Paul Dekkers Data: A: exim-users CC: Riemer Palstra, oxo Assumpte: Re: [exim] malware and defer_ok
Hi,
Riemer Palstra wrote:
>> 2) If I put malware = */defer_ok in my check data ACL, will that
>> accept the mail and relay it out to the world, or will it accept and
>> queue until clam is back up. The latter would be better, but I'm not
>> sure if it is possible.
>
> The first. Consider putting a second scanner in the chain if you
> *really* don't want a message to be sent out to the world without any
> type of scanning.
Can't we detect if the scanner failed or not? (I have a suspicion.)
If not; wouldn't it make sense to have a variable that indicates this?
(Something like $malware_failed or so. Something that can be used as to
add a header as a warning, try another scanner instead, ...)
With defer_ok we can't add a header at a later stage that tells if the
scan was successful... we can only be sure if there was indeed malware
detected, if malware_name is defined, right?