[Mimedefang] Virus Handling Question

Rick Mallett rmallett at ccs.carleton.ca
Tue Nov 26 16:10:01 EST 2002


The mimedefang-filter man page contains the following advice w.r.t.
action_bounce:

  action_bounce is not appropriate for use with viruses,
  or indeed in any other situation where you have the slightest 
  doubt about the authenticity of the sender's address.  Using
  action_bounce indiscriminately may result in relaying mail
  servers sending many annoying error messages to innocent users.

and yet the sample filter contains the following code in "filter"

    # Virus scan
    if ($FoundVirus) {
	my($code, $category, $action);
	$VirusScannerMessages = "";
	($code, $category, $action) = entity_contains_virus($entity);
	if ($category eq "virus") {
            md_log('virus',$VirusName, $RelayAddr);
	    # Bounce the mail!
	    action_bounce("Virus $VirusName found in mail - rejected");
    etc.

What gives? Is the man page incorrect or should the above code fragment
contain an action_discard instead of action_bounce?

- rick --




More information about the MIMEDefang mailing list