[Mimedefang] Re: calling action_bounce() for viruses
Kenneth Porter
shiva at sewingwitch.com
Wed Oct 1 18:32:01 EDT 2003
--On Wednesday, October 01, 2003 9:03 AM +0600 Stas Ukolov <tigrus at pisem.net>
wrote:
> Seconde one means server accepted message, then determined is 'bad' in
> some sence and sent warning to address of 'sender' - real or forged -
> which was in mail _header_.
Not header, but envelope.
> Of course, bounce (first) can become negative DSN if mail goes thru
> another mailserver. But in this case: if we are are sure the mail is
> spam/virus we can conclude that mailserver is either misconfigured or
> is spammer/virus infected. In that case we must ASAP inform its admin
> and block it _entirely_ until its configuration fixed.
Or it came through the mail server of the infected user's ISP, and that server
does no checking of outbound mail.
Or it came through an inbound gateway that doesn't check for a valid user
before passing it to an internal server. (As a rule, all servers for a domain
should have the same rejection rules to avoid this issue.)
More information about the MIMEDefang
mailing list