> On December 14, 2007 at 06:35AM G.W. Haywood wrote: > > The clamav-milter manpage says > > > > "-Q, --quarantine=EMAILADDRESS > > If this e-mail address is given, messages containing a virus or > > worm are redirected to it." > > > > However it doesn't say that if you use this option then infected mail > > will be accepted rather than rejected. I don't see why it should be > > necessary to accept infected mail under any circumstances... > > From the replies to my message it appears that there may be some > misunderstanding of what I meant. > > To decide whether to accept or reject a message because of its content > it is first necessary to read it. It is perfectly possible to allow a > complete mail message to be transmitted to a recipient server, store > it for future reference if required, send it (or not) to any desired > recipients (including or excluding the original addressees), and then > reject it with the appropriate SMTP code. > > When a message is rejected it means that the sending server still has > the responsibility for it, and the recipient server has met all its > obligations. Personally, I feel happier that the server that tried to > send me a fraudulent mail still has possession of the danged thing, > and has to do more work to deal with it, even if it means that it will > continue trying to send it to me for another five days - as many do - > before sending it back where it came from. Hopefully if it fills all > its available capacity with that crap then a bit less will propagate > around the Internet, and perhaps a few incompetent, irresponsible or > criminal system managers will at least be put to some inconvenience. > > I store and reject mail all the time, mostly fraudulent messages which > I then send to the Metropolitan Police: > > http://www.met.police.uk/computercrime/
I believe that it is worth mentioning, that the receiver of said messages must insure that they do not engage in the practice referred to as "backscatter". http://en.wikipedia.org/wiki/Backscatter#Backscatter_of_email_spam An improperly configured system could lead to this problem. -- Gerard _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
