On 5/25/2012 3:16 PM, Alex wrote: > Hi, > > I have a header check that I added some time ago that rejects mail > with message/partial content type because I believe it can't be > scanned for potential viruses unless it is first assembled: > > /^(Content-(Disposition|Type)\:|[[:space:]]+).*message\/partial.*;?$/ > REJECT This mail server does not permit messages with 'Content-type: > message/partial'. > > Does this still present a significant threat these days, or is it okay > to permit partial messages?
I don't know of any malware that uses message/partial, but it's still true that partial messages cannot be effectively scanned by the MTA. > If I were to permit it for a specific IP address or sender, would that > be done in a check_sender_access hash? There is no bypass mechanism for header_checks. If someone must send you message/partial content, they will either need to use an alternate channel or you'll need to remove that check (or use HOLD for manual inspection rather than REJECT). I would personally judge the risk as fairly low, but you'll need to decide that for yourself. -- Noel Jones
