[Mimedefang] Which first: stream_by_x or virus checks?
David F. Skoll
dfs at roaringpenguin.com
Thu Oct 18 08:44:24 EDT 2007
Kelson wrote:

> Streaming first, then scanning for viruses, means that a message gets
> resent locally, *then* rejected.

First of all, you should scan for viruses before streaming and discard
if you see a virus.

Secondly, if a message is coming from 127.0.0.1, you should *never*
bounce it but *always* discard it. Yes, this is against the spirit of
SMTP. However, it's the only safe way to avoid being blacklisted for
backscatter.

> I'm moving the calls to stream_by_recipient *after* the virus scanning
> logic (but still in filter_begin). The downside is that anything clean
> gets scanned N+1 times instead of N.

But if you detect a streamed-and-remailed message, you can omit virus-scanning.

> It also means that if we ever want
> to enable per-recipient reactions to clamd results, we'll need to move
> it back.

I would not recommend allowing end-user control over virus settings. It's
far too dangerous.

Regards,
David.
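
The ordering discussed in this message, sketched as a mimedefang-filter fragment. This is an added example, not part of the original post and not code from the MIMEDefang project. It assumes that a streamed-and-remailed message can be recognised by $RelayAddr being 127.0.0.1 (true only if nothing else on the host submits mail over loopback), and the helper name reject_or_discard is hypothetical.

```perl
# Fragment for mimedefang-filter; runs inside MIMEDefang, not stand-alone.

# Hypothetical helper: never bounce a message that arrived from loopback,
# because the bounce would go to a possibly forged sender (backscatter).
sub reject_or_discard {
    my ($reason) = @_;
    if ($RelayAddr eq '127.0.0.1') {
        md_syslog('warning', "Discarding local message: $reason");
        return action_discard();
    }
    return action_bounce($reason);
}

sub filter_begin {
    my ($entity) = @_;

    # Assumption: mail arriving from loopback is a copy that
    # stream_by_recipient() re-mailed after it was scanned the first time.
    my $remailed = ($RelayAddr eq '127.0.0.1');

    unless ($remailed) {
        # Scan once, on the original message, before any streaming.
        my ($code, $category, $action) = message_contains_virus();

        if ($category eq 'virus') {
            md_syslog('warning',
                      "Discarding virus $VirusName from $RelayAddr");
            return action_discard();    # discard, never bounce
        }
        if ($action eq 'tempfail') {
            # Scanner unavailable: do not let unscanned mail through.
            return action_tempfail('Virus scanner unavailable; try again later');
        }
    }

    # Only clean messages reach this point. stream_by_recipient() returns
    # true when it has re-mailed one copy per recipient; the original is
    # then finished and the filter must return immediately.
    return if stream_by_recipient();

    # Single-recipient message: per-recipient policy would go here, using
    # reject_or_discard() instead of action_bounce() for any rejection.
}
```

If webmail or other local software on the same host hands mail to the MTA over 127.0.0.1, the loopback test would also skip scanning for that mail, so a different marker for re-mailed copies is needed there.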