Re: [exim] two stage virus scan

Etusivu
Poista viesti
Vastaa
Lähettäjä: Kai Riasol
Päiväys:  
Vastaanottaja: Marten Lehmann
Kopio: exim-users
Aihe: Re: [exim] two stage virus scan
Hello,

can you differ the email which will be checked by the domain? If it is
so you can do it like us.
We give our mailserver two ip, one ip for domain which will be virus
check and one for no check.
And the you make in the data acl part this

       deny    message     = This message contains a virus: 
($malware_name) please scan your system.
                demime        = *
                malware       = *
                condition     = ${if !eq{$interface_address}{192.168.0.2}}


regards
kai


Marten Lehmann schrieb:
> Hello,
>
> licenses for commercial virus scans are expensive, so in our mailserver
> setup we cannot not provide a virus scan for everyone, but just for
> customers paying for this extension.
>
> In the acl_check_data we do a conditional virus scan: If one of the
> recipients given in this smtp-session has paid for the virus scan and a
> virus is found, then the mail is refused directly after the DATA-command.
>
> But there is a second case that may occur: Someone sends a virus to a
> mailforwarder on our server (e.g. info@???) that forwards to a
> mailbox (e.g. lehmann@???) that requires a virus scan. In that case
> the virus wouldn't have been refused by the acl_check_data, because
> info@??? hasn't paid for virus scan so our mailserver would accept
> the email. But the virus still shall not reach the mailbox of
> lehmann@??? and I don't know how to configure that in exim.
>
> As forwarders can have more than one recipient and these recipients
> might be handled internally or by external mailservers, it is impossible
> to check if the recipient of a forwarder requires a virus scan.
> Forwarders could also have multiple forwarders until they reach the
> mailbox (e.g. info@??? -> supportgroup1@??? -> lehmann@???).
>
> My goal is that no virus reaches a mailbox and that the sender of the
> mail gets a usual bounce message (as it would get by the refusal after
> the DATA-command). But since the mail has already been accepted by the
> mailserver at this point I don't know how to prevent the virus from
> reaching the mailbox and how to generate a bounce message then.
>
> Regards
> Marten
>
>