[Mimedefang] action_bounce - forget it!

[Sevo Stille]

Dirk Mueller wrote:

>>line ~220) looks like this - see below. No bouncing, no quarantines, just
>>action_discard. For ALL the viruses/worms. That's it!

I've dropped quarantines for all known mass worms. But action_bounce is 
mostly harmless, as it will reject the reception immediately. A "bounce 
message" would only be generated one step up, if that should happen to 
be a relay between the mimedefang box and the originating sender - 
accordingly, it may be wise to disable action_bounce for the few worms 
that deliver through the smart host of the infected box using a fake sender.

> Well, in most countries this is however illegal. 

Hardly so. By analogy with the transport obligation paper mail and 
telephony, it may be illegal to reject or discard unwanted mail without 
consent of the intended recipient. But the latter should generally be 
easy to get on most mail systems that use Mimedefang - on corporate 
servers, the management can usually proclaim a mail policy, and on 
private or smaller institutional systems it is not that hard to get 
consent from all users. Only access and mail providers have an issue 
with their transport obligation which they have to handle with suitable 
technology (such as running servers with a per-user selectable policy).

As a side issue, all currently relevant SMTP RFCs demand that mail may 
not be discarded without notification. IMHO, this is inapplicable 
whereever a legitimate recipient lets a server refuse reception on his 
behalf - if interpreted in any other way, the RFCs would violate the 
privacy laws of most countries. But right now, we disobey the RFCs if we 
discard worm mail to non-existent local recipients. AFAIK, alterations 
to the RFCs in question are already being proposed, so that is unlikely 
to cause trouble.

Sevo

-- 
Sevo Stille
sevo at radiox.de