Re: [exim] spam in attachments

Pàgina inicial
Delete this message
Reply to this message
Autor: W B Hacker
Data:  
A: exim users
Assumpte: Re: [exim] spam in attachments
Judy Angel wrote:
> We have noticed a significant amount of spam that is included in .gif
> attachments but is not caught by the spam filters. The policy is to deliver
> spam, but tag the Subject line.
>
> We run Exim, MailScanner, SpamAssassin, Sophos. I understand that FuzzyOCR
> can add value but there are many dependencies for that installation. I am
> interested to hear how other sites deal with such attachments.
>
> Thanks
> Judy Angel
> University of Hertfordshire
>
>


Checking a specialized 'whitelist', then either rejecting, delivering, or
'quarantining' is much cheaper in resource use than OCR'ing and more precise
than a site-wide policy.

Per-domain and/or per-recipient preferences can be driven from an acl_m variable
or an X-Header set during the DATA phase.

Message returned for those not on the welcome list tells them what to do to open
that door:

    ...
    ...
    message     = \n Addressee accepts attachments, \
                  \n ONLY by prior arrangement! \
                  \n Send plaintext message first to arrange.


    ....


Works nicely between HQ/branch offices and friends or family members that
actually have a regular need to exchange graphics - but not with strangers 'on
the first date'.

;-)

HTH,

Bill Hacker