Am 14.03.2015 um 18:01 schrieb Robert Schetterer:
Am 14.03.2015 um 17:55 schrieb David F. Skoll:On Sat, 14 Mar 2015 17:08:50 +0100 Reindl Harald <[email protected]> wrote:Am 14.03.2015 um 17:00 schrieb Kevin A. McGrail:On 3/14/2015 1:14 AM, David B Funk wrote:truncating a large message and only passing the first N-KB to SA. As that involves munging MIME headers it has to be done inside the milter.I just truncate the message hard and it generally works better than not scanning. What do you do to truncate?how do you truncate messages for the scan?I can't answer for Kevin, but what we do is this: For oversize messages, we remove non text/* attachments. If they're still oversize, we truncate the text/plain parts. If they're still oversize, we truncate the text/html parts. We do this very carefully with MIME::tools to ensure that SpamAssassin always sees a valid MIME message and not (for example) one with a missing boundary. We use MIMEDefang for SpamAssassin integration, so we can play whatever tricks we like with the data that gets passed to SpamAssassin without actually messing with the original message.define oversize..., cutting mail content may not allowed in many countries, most legal policy, is reject ( at income smtp level ) or pass tag passed mail is allowed if the reciept accepts this
nobody but talks about cut contentwe talk about how to pass only a part to spamassassin instead skip large messages entirely which in many case would be enough to detect a message as spam because the "oversize" are just binary parts
signature.asc
Description: OpenPGP digital signature
