[Mimedefang] Can't figure out fetchmail and mimedefang

Keli'i Martin werureo at bellsouth.net
Sun Sep 28 23:30:01 EDT 2003 

    I apologize in advance for the length of this post.  I am having a 
very difficult time figuring something out.  I am having a problem with 
emails that do not get deleted from my ISP's mail server after 
MIMEDefang finds a virus attached to the email.  Since these emails are 
not getting deleted from the server, every time fetchmail polls that 
account, it downloads the virus-infected email, mimedefange rejects 
this, and I guess fetchmail ends up leaving the message on the server 
until the next time it polls that server.

    First, here is a snip from my .fetchmailrc file:

set logfile "/home/fetchmail/.fetchmail_log"
set syslog
set postmaster root
set no bouncemail
set no spambounce
set daemon 45
 
poll ...... (list of mail servers follows)

    Whenever a message is rejected by MIMEDefang, a message is sent to 
the postmaster account, in this case, root, that looks like the following:

Date: Sun, 28 Sep 2003 23:03:42 -0400
From: FETCHMAIL-DAEMON at localhost.localdomain
To: root at localhost.localdomain
Parts/Attachments:
   1 Shown      2 lines  Text
   2 Shown    244 bytes  Message, "Delivery Status"
   3 Shown     12 lines  Text
----------------------------------------

General SMTP/ESMTP error.


    [ Part 2: "Delivery Status" ]

Reporting-MTA: dns; localhost

Final-Recipient: rfc822; werureo at localhost
Last-Attempt-Date: Sun, 28 Sep 2003 23:03:42 -0400 (EDT)
Action: failed
Status: 5.7.1
Diagnostic-Code: 554 5.7.1 Virus Exploit.IFrame.Gen found in mail - rejected

Received: from dmwxv ([68.19.125.233]) by imf24aec.mail.bellsouth.net
          (InterMail vM.5.01.05.27 201-253-122-126-127-20021220) with SMTP
          id <20030928071255.STDV1810.imf24aec.mail.bellsouth.net at dmwxv>;
          Sun, 28 Sep 2003 03:12:55 -0400
FROM: "Net Email Storage System" <webbot at rocketmail.net>
TO: "mail client" <client at homedomain.com>
SUBJECT: Message
Mime-Version: 1.0
Content-Type: multipart/alternative;
        boundary="zcbejgeernl"
Message-Id: <20030928071255.STDV1810.imf24aec.mail.bellsouth.net at dmwxv>
Date: Sun, 28 Sep 2003 03:13:06 -0400


    I have Googled this for days, and so far, I've found two proposed 
solutions, both from this mailing list.  One suggested changing the 
mimedefang filter to use action_discard() instead of action_bounce().  I 
didn't know where in the filter to change this.  So, I posted a message 
to this mailing list a few days ago.  Someone responded by saying that I 
should use the antispam feature in fetchmail.  Again, I wasn't sure 
where to put this.  I tried adding "antispam 554" right before the list 
of mail servers in my .fetchmailrc, but that just gave me a parse error.

    I did not set this up.  I had a friend who is a little more 
well-versed in this subject help me.  However, he doesn't know how to 
get fetchmail to delete all the messages from the server, even the ones 
that mimedefang rejects because of viruses.  As far as I know, I am 
running sendmail, mimedefang, and spamassassin.  procmail is used in 
there somewhere also.  As far as antivirus, I think I am using ClamAV.

    Now that I've tried to explain the situation, here is what I need 
help on.  How can I get fetchmail to delete all the messages from the 
mail server after it has downloaded them even when mimedefang rejects 
the email because of a virus?  Also, so that I may learn something from 
this situation, what resources would anyone suggest for me to learn 
about this type of stuff?  Thank you very much for any assistance.

Keli'i Martin

More information about the MIMEDefang mailing list