Re: [Mimedefang] action_drop_with_warning and refuse to sender
On Fri, 24 Aug 2018 23:35:54 +0200 Marcus Schopen wrote: > That might me right in most of the cases. But if you do a "silent" > reject, this has to be communicated very clearly to the recipient, as > well as rejecting at a spamassassin score of >= 5. This is nothing you > can decide on your own as postmaster, just because it makes sense. It's not silent. The sender will get a delivery failure notification. [...] > I agree that most detected virus mails (I use clamav) are virus mails. > But I myself got some valid emails from Amazon, which were marked as > "Heuristics.Phishing.Email.SpoofedDomain" and therefore those emails > were rejected. Ah, well. Don't use those dangerous signatures. Were those official ClamAV signatures or third-party signatures? Also, I'd check the virus name and maybe quarantine rather than bounce on "Heuristics" hits. Regards, Dianne. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] OT: Bouncing *and* forwarding (was Re: action_drop_with_warning and refuse to sender)
On Fri, 24 Aug 2018 08:37:21 -0700 Jeff Makey wrote: > If you are willing to risk the dangers of both bouncing and forwarding > a message, https://www.youtube.com/watch?v=koRRqOJcaHs Regards, Dianne. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] action_drop_with_warning and refuse to sender
On 2018-08-24 11:10, Marcus Schopen wrote: I don't agree. Rejecting a virus email means not receiving it from the law side. If you accept an email or just drop it, the problem is on your side. That's why I want to reject it, but inform the recipient - not the sender - about the rejection. I agree, that most of the senders will ignore the rejection, don't scan their logs, or the sender ignores bounces from the sending smtp. But again, this is not my problem then. I don't know how to do a facebook like in ascii, but from me, for *exactly* this. A surprising number of commercial systems get this wrong, or rather they if they're good they try to do it, but don't get it quite right... I've a call with SpamTitan about this this very day! How odd (; Mimedefang for almost a decade now. Love it. Love the configurability / programmability. Dave ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] action_drop_with_warning and refuse to sender
Am Freitag, den 24.08.2018, 08:42 + schrieb Paul Murphy: > > > a REJECT is not a bounce, its a denied to accept it > > A REJECT is potentially likely to cause a bounce, but yeah... it > > won't > > be backscatter from your machine. > > Plus a REJECT is only possible if you don't stream by recipient. If > you have streamed, it becomes a bounce. Either way, nobody cares any > more what you do with it - they're not scanning their logs to see > which emails failed and why, because there's no return code for "Your > user tried to send us a virus, please investigate". Plus false > positives still happen, which is part of the reason they can't be > bothered to follow up even if you tell them that you've found what > you think is a virus. I don't agree. Rejecting a virus email means not receiving it from the law side. If you accept an email or just drop it, the problem is on your side. That's why I want to reject it, but inform the recipient - not the sender - about the rejection. I agree, that most of the senders will ignore the rejection, don't scan their logs, or the sender ignores bounces from the sending smtp. But again, this is not my problem then. Ciao! m ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] action_drop_with_warning and refuse to sender
>> a REJECT is not a bounce, its a denied to accept it >A REJECT is potentially likely to cause a bounce, but yeah... it won't be backscatter from your machine. Plus a REJECT is only possible if you don't stream by recipient. If you have streamed, it becomes a bounce. Either way, nobody cares any more what you do with it - they're not scanning their logs to see which emails failed and why, because there's no return code for "Your user tried to send us a virus, please investigate". Plus false positives still happen, which is part of the reason they can't be bothered to follow up even if you tell them that you've found what you think is a virus. Paul. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
