Hello everyone, On Fri, 14 Dec 2007 I wrote:
> The clamav-milter manpage says > > "-Q, --quarantine=EMAILADDRESS > If this e-mail address is given, messages containing a virus or > worm are redirected to it." > > However it doesn't say that if you use this option then infected mail > will be accepted rather than rejected. I don't see why it should be > necessary to accept infected mail under any circumstances... >From the replies to my message it appears that there may be some misunderstanding of what I meant. To decide whether to accept or reject a message because of its content it is first necessary to read it. It is perfectly possible to allow a complete mail message to be transmitted to a recipient server, store it for future reference if required, send it (or not) to any desired recipients (including or excluding the original addressees), and then reject it with the appropriate SMTP code. When a message is rejected it means that the sending server still has the responsibility for it, and the recipient server has met all its obligations. Personally, I feel happier that the server that tried to send me a fraudulent mail still has possession of the danged thing, and has to do more work to deal with it, even if it means that it will continue trying to send it to me for another five days - as many do - before sending it back where it came from. Hopefully if it fills all its available capacity with that crap then a bit less will propagate around the Internet, and perhaps a few incompetent, irresponsible or criminal system managers will at least be put to some inconvenience. I store and reject mail all the time, mostly fraudulent messages which I then send to the Metropolitan Police: http://www.met.police.uk/computercrime/ -- 73, Ged. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
