* G.W. Haywood wrote:
> Hi there,
>
> It should come as no surprise to anyone that having read the message,
> it's possible to store it somewhere in the filesystem, e.g. for later
> analysis, despite the fact that the message is to be rejected.
>
:-)
>> Does anyone know a way to make sendmail return a 550 for quarantined
>> messages? I'm using Sendmail 8.14.3.
>
> Not if the quarantining is caused by clamav-milter. When I asked
> about this a while ago, the new milter's author said "if you don't
> like it, you can always use the old version which is kept under
> /contrib/old-clamav-milter". To be fair, I don't think his first
> qualification was in Customer Relations. :)
>
Chomp, chomp, chomp.
Down, be nice.
>
> When the old clamav-milter quarantined a message by putting it in a
> directory of its own, not within the grasp of Sendmail, as far as all
> the mail servers were concerned if Sendmail then rejected the message
> that was the end of it. You would have a copy, but Sendmail neither
> knows nor cares about that.
>
I understand the desire to have someone else's code do the work, but
there is a gain in flexibility when you do it yourself.
> To mimic the old behaviour you could have clamav-milter add headers to
> infected messages, and use another milter to read those headers then
> store and reject the mail if it sees an 'infected' header. MIMEDefang
> can do what you want, at the price of some complexity and overhead.
>
> A simpler alternative is to write all the incoming mail to a log file,
> as it comes in, during the SMTP conversation. One of the milters that
> I use (milter-regex, which I highly recommend) does this as an option.
> If a message is rejected for any reason, the full text (or, depending
> on how you configure things, perhaps just the text up to the point at
> which a decision was made to reject) will be in the log. It's a bit
> of a pain to retrieve messages from the logs, and naturally they grow
> rapidly and will need to be rotated regularly.
>
> ..oOo..
>
Added complexity to something that should be simple.
Then again, why do it simply when we can get the users to do it
back-tailwards.
Grrrr, ROAR.
DOWN!
> * To try it, all you'd probably need to do is change one line in the
> function action_quarantine() clamfi.c and recompile:
>
> static sfsistat action_quarantine(SMFICTX *ctx) {
> if(smfi_quarantine(ctx, "quarantined by clamav-milter") != MI_SUCCESS) {
> logg("^Failed to quarantine message\n");
> return SMFIS_TEMPFAIL;
> }
> return SMFIS_ACCEPT;
> }
>
C Coding, something that, fortunately for this project, I don't know how
to do.
> Change SMFIS_ACCEPT to SMFIS_REJECT and see what happens. If it does
> work, please let us know. If it doesn't work, then maybe we can come
> up with something. It might mean quite a bit of coding to set up a
> quarantine directory, and I probably wouldn't have time for that, but
> a lot of the work has probably been done in the old milter. The odds
> are that the code wouldn't make it into the ClamAV trunk unless a lot
> of people make their appreciation known on this list.
>
HERE! HERE!
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
