> Hi!
>
> Yesterday I ran into a problem that might also bring other amavis users
> into trouble:
>
> Mailbombs containing special attachments caused clamav to get into
> trouble. It became very slow on scanning those attachments, so amavisd
> killed it after it reached the timeout. In my case (pre-queue-setup), it
> caused the mail to be rejected with a 451 temporary error. The bad thing
> is that amavisd didn't remove the temporary directory ("PRESERVING
> EVIDENCE ..."), in some cases containing more than 100 MB of unpacked
> files. Since it was a temporary error, the relaying mail-server retried
> delivery after some delay, so the same procedure looped until the
> filesystem containing the temporary files was full. After this point,
> mail delivery was completely disabled.
>
> I know that my pre-filter-setup isn't recommended for production use,
> but I believe that this kind of loop (processing fails, directory is
> kept and the mail is requeued) could potentially also happen in a common
> post-queue scenario.
>
> Maybe the decision what to do with a temporary directory after
> processing the mail had failed should be configurable in order to
> prevent possible DOS-attacks? Possible actions could be:
> - keep directories only until a certain amount of disk space is filled
> - move those temporary directories into another place
> - generally do not preserve evidences
>
> Cheers,
Hi,
You may try this as a cronjob:
* */2 * * * /bin/bash -c "(find /var/spool/amavis -type d -name 'amavis-*'
-prune -mmin +120 -exec rm -rf {} \;)"
Regards,
Leon Kolchinsky
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
