Re: [exim] exim subjecting outbound e-mail to spamd and viru…

Góra strony
Delete this message
Reply to this message
Autor: Bill Hayles
Data:  
Dla: exim-users
Temat: Re: [exim] exim subjecting outbound e-mail to spamd and virus
Hi, Dominic

On Wed, 10 Aug 2011 11:41:36 +0100 in message number <4E426060.9010102@???>, received here on 10/08/2011 12:57:34, Dominic Benson <dominic@???> said:

> On 10/08/11 11:20, Bill Hayles wrote:


> > If that is the case, then it is the webmail configuration that needs
> > looking at, and not Exim.
>
> I agree with regard to spam checking - although there is a case for AV
> scanning outbound messages and then bouncing them if necessary. People
> do accidentally send infected attachments, after all.

That's true. However much I may nag my users to scan their mail on
receipt, you can't physically make them.

Having read what I wrote, and your reply, then I can see we're in almost
total agreement; Exim has a role to play here.

>
> Regardless of whether it was webmail, the real fix is to protect it from
> the original abuse.


I agree entirely - hopefully at the point of entry, not exit.


> With webmail, it is only as legitimate as authenticated SMTP.


The important word being authenticated, but agree.


> So it
> isn't necessarily unreasonable to have some last-ditch anti-abuse
> measures. Or AV. My point was not that the statement is unsafe, rather
> that if you wish such messages to be subject to other conditions, they
> need to be inserted before it in the ACL.


And for a comparative Exim novice (like me?), perhaps the easiest way is
simply to remove any accept hosts = automatic acceptance line in
exim.conf.

I still think that's simply papering over the original crack, which
needs fixing, but a last ditch backstop can't be a bad idea.


--
This is Spain. We do things differently here!

Bill Hayles
billnot@???