On 4/15/08 5:09 PM, "John Rudd" <[EMAIL PROTECTED]> wrote:

> Tilman Schmidt wrote:
>
>> So why am I dissecting that list like this? Just to show that blocking
>> or not blocking certain unusual characters in mail addresses is indeed a
>> policy decision which should not be forced by a piece of software, but at
>> most offered as a configurable option.
>
> Absolutely agree. It is not ClamAV's place to make policy decisions for
> me. It is ClamAV's place to match email messages to signatures. It is
> up to me what to do with messages that match signatures. At most, it
> should offer me policy options, but only _options_.

Also agree. It seems to me that this sort of policy is better placed outside the virus scanner (unless the scanner is protecting itself).

Just as another data point, Exim (as of 4.69) ships with these rules in the default configuration. There is considerably more discussion of the reasons, including noting that most of the characters are indeed legal in addresses. Oddly, the sequence .. is not allowed per RFC although Exim allows it because Philip encountered it, but he did then do extra work to block /../

1. For "incoming" mail (addressed to an address local to the installation)

# The rule blocks
# local parts that begin with a dot or contain @ % ! / or |. If you have
# local accounts that include these characters, you will have to modify
# this rule.

(And indeed when the listed characters except leading dot were blocked for all messages in an earlier Exim version, we had to remove the % for submissions as one of our users needed to send to such an address.)

2. For "outgoing" mail

# This rule allows your own users to send outgoing
# messages to sites that use slashes and vertical bars in their local
# parts. It blocks local parts that begin with a dot, slash, or vertical
# bar, but allows these characters within the local part. However, the
# sequence /../ is barred. The use of @ % and ! is blocked, as before.
# The motivation here is to prevent your users (or your users' viruses)
# from mounting certain kinds of attack on remote sites.

--John
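
The two rules described in the message above, written out as a small Python check (an added example, not part of the original message and not Exim's own code). The patterns follow only the quoted rule descriptions; the local domain set and the sample addresses are constructed.

```python
import re

# Incoming (recipient domain is local): leading dot, or any of @ % ! / |.
INCOMING_DENY = [re.compile(r"^\."), re.compile(r"[@%!/|]")]
# Outgoing (recipient domain is remote): leading dot, slash or bar;
# @ % ! anywhere; the sequence /../ anywhere. Inner / and | are allowed.
OUTGOING_DENY = [
    re.compile(r"^[./|]"),
    re.compile(r"[@%!]"),
    re.compile(r"/\.\./"),
]


def split_address(address):
    """Split at the LAST '@' so an '@' inside the local part is still seen."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not a local-part@domain address: {address!r}")
    return local, domain.lower()


def check_recipient(address, local_domains):
    """Return (direction, verdict) for one recipient address."""
    local, domain = split_address(address)
    incoming = domain in local_domains
    rules = INCOMING_DENY if incoming else OUTGOING_DENY
    denied = any(pattern.search(local) for pattern in rules)
    return ("incoming" if incoming else "outgoing",
            "deny" if denied else "accept")


if __name__ == "__main__":
    LOCAL_DOMAINS = {"example.org"}  # constructed: domains this host is final for
    SAMPLES = [                      # constructed recipient addresses
        "alice@example.org",         # ordinary local recipient
        ".alice@example.org",        # leading dot
        "a..b@example.org",          # ".." passes, as the message notes
        "dept/alice@example.org",    # slash blocked for local recipients
        "dept/alice@example.net",    # same local part allowed outbound
        "a|b@example.net",           # inner vertical bar allowed outbound
        "a/../b@example.net",        # /../ barred outbound
        "user%inner@example.net",    # % blocked in both directions
    ]
    for addr in SAMPLES:
        direction, verdict = check_recipient(addr, LOCAL_DOMAINS)
        print(f"{addr:26} {direction:9} {verdict}")
```

The same local part can get different verdicts depending on direction, which is the policy split the two rules encode.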