Re: [exim] two stage virus scan

Top Page
Delete this message
Reply to this message
Author: David Saez Padros
Date:  
To: Chris Lightfoot
CC: exim-users, Marten Lehmann
Subject: Re: [exim] two stage virus scan
Hi !!

> The difficulty here is that in the current email
> architecture the only person who can detect whether a
> bounce is valid is the (alleged) sender. A third-party
> mail server *cannot* determine whether a given bounce is
> valid or not.


i can check for headers included in the bounce message and
see if some special headers added by our server are present,
so i can known if the bounce was really originated by a
local user or not. I also use BATV in some commonly faked
addresses to archive the same purpose.

> Dropping delivery error notifications on the
> floor based on some heuristic is incorrect;


it depends on the heuristic, identifying virus warning messages
and reject all of them is a good heuristic as modern viruses
never use the email addess of the owner of the infected computer.

> refusing mail
> transactions from hosts purely because they correctly
> process delivery error notifications is idiotic.


Idiots are those that generate that bounces and most of that hosts
do not process delivery error notifications correctly (many of them
do not use the null envelope sender nor include the message headers,
etc ...)

>(I hope,
> by the way, that you fully inform your users that you are
> programming your mail server to discard information about
> whether their mail got through or not.)


yes, i do, i have a publicy available policy and my users are
very happy with it. Most of them get very confused when they receive
such idiot virus warning bounces and get worried about if they were
infected or not. Who used my computer to send virues ? nobody, that's
just a poor postmaster that likes to bother you. Then they ask to
blacklist that postmaster.

> Generally speaking I don't think that mail server
> administrators, who I guess are the main audience of this
> list, should be putting any effort into making email less
> reliable.


Mail is more reliable when you have only good mail in your inbox
and do not have to delete hundreds of iditic bounces.

--
Best regards ...

----------------------------------------------------------------
    David Saez Padros                http://www.ols.es
    On-Line Services 2000 S.L.       e-mail  david@???
    Pintor Vayreda 1                 telf    +34 902 50 29 75
    08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------