[Mimedefang] reject without creating a reject message

2005-08-30 Thread Jobst Schmalenbach
Hi. I want to stop a message getting through. I want to tell the sending mailserver that I do not want to accept this (i.e. cancel) but without creating an "Undelivered Message". Scenario: ~ I check the incoming mail and refuse to take the mail if the sender comes from our domain, rejectin

[Mimedefang] scan known-password protected ZIP files

2005-08-30 Thread Pierre Dehaen
Hi, Is it possible to make the filter accept password protected ZIP files only when the password is the company's chosen (configured) one and the virus scan did not report any virus? The company would then give the password to use to its customers/suppliers/... I see in the man page of Archiv

Re: [Mimedefang] reject without creating a reject message

2005-08-30 Thread Les Mikesell
On Tue, 2005-08-30 at 04:49, Jobst Schmalenbach wrote: > How can I reject the email without the "Undelivered Message" > being created? Do I just drop the mail? How I do that? action_discard() silently drops the message. If you use any rejection code you obligate the sending relay to return the n

Re: [Mimedefang] reject without creating a reject message

2005-08-30 Thread Curtis
I would use the action_discard() function to drop the mail without taking any further action. This is against the RFC some will say, but it will accomplish what you are trying to do. --Curtis --- Jobst Schmalenbach <[EMAIL PROTECTED]> wrote: > How can I reject the email without the "Undelivered

[Mimedefang] Looking for an explanation of "suspicious_chars"

2005-08-30 Thread Cormack, Ken
Group, I'm looking to offer my helpdesk an explanation of why a user's expected inbound email is being discarded because of MIMEDefang's "suspicious_chars" check, in filter_begin. I'd explained basically that there could be a carriage-return or other character found in a line within the header of

RE: [Mimedefang] reject without creating a reject message

2005-08-30 Thread Matthew.van.Eerde
> --- Jobst Schmalenbach <[EMAIL PROTECTED]> wrote: > >> How can I reject the email without the "Undelivered Message" Curtis wrote: > I would use the action_discard() function to drop the > mail without taking any further action. This is > against the RFC some will say, but it will accomplish > w

RE: [Mimedefang] reject without creating a reject message

2005-08-30 Thread Matthew.van.Eerde
jobst wrote: > However if the spammer/worm/trojan now has an email address > that exists in our domain, than the email is rejected ^ > but the person (unknowingly) receives an email of the rejection. Well, the person receives an email of the rejection whether the email ad

Re: [Mimedefang] Looking for an explanation of "suspicious_chars"

2005-08-30 Thread Joseph Brennan
--On Tuesday, August 30, 2005 14:21 -0400 "Cormack, Ken" <[EMAIL PROTECTED]> wrote: Group, I'm looking to offer my helpdesk an explanation of why a user's expected inbound email is being discarded because of MIMEDefang's "suspicious_chars" check, in filter_begin. I'd explained basically th

[Mimedefang] Two questions

2005-08-30 Thread John Rudd
1) Mailscanner has the ability to detect and block HTML segments that have iframe tags, certain codebase tags, etc. Does mimedefang have anything like that? (Is that what the HTMLCleaner module does? And if so, does it detect and block, or does it sanitize? if it does the latter, what doe

RE: [Mimedefang] reject without creating a reject message

2005-08-30 Thread Les Mikesell
On Tue, 2005-08-30 at 13:23, [EMAIL PROTECTED] wrote: > I am one of the "some" -- false positives will drop into the black hole > of nothingness. As you will prefer if your address is ever forged as the sender on thousands/millions of virus or spam-bot messages. > But this is a religious war wit

RE: [Mimedefang] reject without creating a reject message

2005-08-30 Thread Matthew.van.Eerde
Les Mikesell wrote: > On Tue, 2005-08-30 at 13:23, [EMAIL PROTECTED] wrote: > >> I am one of the "some" -- false positives will drop into the black >> hole of nothingness. > > As you will prefer if your address is ever forged as the sender on > thousands/millions of virus or spam-bot messages. I

RE: [Mimedefang] Looking for an explanation of "suspicious_chars"

2005-08-30 Thread Cormack, Ken
From: Joseph Brennan [mailto:[EMAIL PROTECTED] > I wish the value of $SuspiciousCharsInHeaders and > $SuspiciousCharsInBody was something like "null" or "cr" instead of > just true. > Even if we had this, though, the error is still pretty obscure and > needs to be taken to tech staff not your av

RE: [Mimedefang] Two questions

2005-08-30 Thread Matthew.van.Eerde
John Rudd wrote: > 1) Mailscanner has the ability to detect and block HTML segments that > have iframe tags, certain codebase tags, etc. Does mimedefang have > anything like that? (Is that what the HTMLCleaner module does? Yup > And if > so, does it detect and block, or does it sanitize? if it

Re: [Mimedefang] Two questions

2005-08-30 Thread Jim McCullars
On Tue, 30 Aug 2005, John Rudd wrote: > 1) Mailscanner has the ability to detect and block HTML segments that > have iframe tags, certain codebase tags, etc. Does mimedefang have > anything like that? Joseph Brennan posted code that he developed to look for dangerous tags in a text/html par

Re: [Mimedefang] Two questions

2005-08-30 Thread Ole Craig
On 08/30/05 at 14:47, 'twas brillig and Jim McCullars scrobe: [...] > > 2) Does mimedefang have a way to detect and deny encrypted archives > > (like encrypted zip files), while still allowing through unencrypted > > archives. (it's ok if zip files are the only such archive) > >You could do s

[Mimedefang] MIMEDefang 2.53-BETA-2 is available

2005-08-30 Thread David F. Skoll
Hi, MIMEDefang 2.53-BETA-2 is available at http://www.mimedefang.org/node.php?id=1 This release is specifically to work around a problem in clamd: Some ZIP files are compressed with a new "deflate64" algorithm. clamd can't handle this, and neither ca

Re: [Mimedefang] MIMEDefang 2.53-BETA-2 is available

2005-08-30 Thread Kenneth Porter
--On Tuesday, August 30, 2005 4:12 PM -0400 "David F. Skoll" <[EMAIL PROTECTED]> wrote: It's also likely to be the only "correct" solution for a while, because the zlib authors aren't interested in supporting deflate64, and the clamd authors are unlikely to integrate support for external unpack

Re: [Mimedefang] reject without creating a reject message

2005-08-30 Thread Kelson
[EMAIL PROTECTED] wrote: Interesting. Viruses can and do forge Received headers, or their absence, of course... but some might not... More specifically, viruses are likely to ignore the reject code and just move onto the next target instead of generating a bounce message the way an intermedi

Re: [Mimedefang] MIMEDefang 2.53-BETA-2 is available

2005-08-30 Thread David F. Skoll
Kenneth Porter wrote: > Any idea why the zlib authors don't want to support it? Is it patented > or not-invented-here? (This is the first I've heard of deflate64.) I didn't investigate zlib (Dave O'Neill did), and it seems that they had to reverse-engineer deflate64. Apparently, there were comme

Re: [Mimedefang] MIMEDefang 2.53-BETA-2 is available

2005-08-30 Thread Kenneth Porter
--On Tuesday, August 30, 2005 8:19 PM -0400 "David F. Skoll" <[EMAIL PROTECTED]> wrote: I didn't investigate zlib (Dave O'Neill did), and it seems that they had to reverse-engineer deflate64. Apparently, there were comments in the code that it was experimental, unsupported, and unlikely to be

Re: [Mimedefang] MIMEDefang 2.53-BETA-2 is available

2005-08-30 Thread Dave O'Neill
On Tue, Aug 30, 2005 at 08:19:34PM -0400, David F. Skoll wrote: > I didn't investigate zlib (Dave O'Neill did), and it seems that they > had to reverse-engineer deflate64. Apparently, there were comments in > the code that it was experimental, unsupported, and unlikely to be > supported. There is