[Mimedefang] Re: virus notifications, etc.
David F. Skoll
dfs at roaringpenguin.com
Wed Mar 26 20:57:01 EST 2003
On Thu, 27 Mar 2003, alan premselaar wrote:
> I was thinking that since these following virus types send email pretty much
> at random, that i should just reject any email that matches these virus
> types and not have to deal with a) processing and sending the messages to
> the exchange server and b) having the exchange server try to send mail out
> saying the user doesn't exist.
I bounce anything containing an MS executable. If the sending relay
tries to generate a DSN message, that's its problem.
I've had complaints about this, saying that my actions result in viruses
being bounced to innocent third parties. I have very little sympathy for
that viewpoint; viruses send themselves to innocent third parties anyway,
and my server returning a 554 code is hardly responsible for what a virus
does.
> (on a side note, i'm currently looking into ways to allow sendmail to check
> the existance of a user on the exchange server and return a user unknown at
> SMTP protocol time, but that's a seperate issue. [although any suggestions
> will be greatly appreciated])
Please see http://support.microsoft.com/default.aspx?scid=kb;en-us;304897
for why this is rather difficult to do sensibly. People running a
proper mail server can use md_check_against_smtp_server in filter_recipient;
people running M$ Exchange cannot.
You may be able to hook into M$'s user-authentication scheme and write
a filter_recipient routine that checks. However, my guess is that only
a few nonexistent users get the bulk of the spam or other unwanted mail;
you can just write a special-purpose filter_recipient routine to catch
those.
Regards,
David.
More information about the MIMEDefang
mailing list