>
> What we *should* do is include a qmail patch to allow q-s to
> return "550 message rejected because it contains a virus"
> when it detects a virus.
> Then if the virus is using its own SMTP engine (most do) it
> will be unable to send mails to our servers. No bounces are
> generated; virus can't propagate. We can still keep a copy
> of the incoming virus in the quarantine (I don't believe SMTP
> protocol forbids keeping a copy of messages after sending a
> 550... does anyone else know?) for analysis.
>
Its allowed, all you gotta do is issue a smtp code to the EOF of the
DATA portion... While you got the mail in queue, you can do with it as
you please.
Quarantine and reject is very simple to do... I do it like this...
# quarantined & rejected
if (int $HANDLE == 4) {
&debug("****** QUARANTINE TO $QADDR ********");
$EVENT_INFO = "quarantined+rejected";
&qmail_parent_check;
&qmail_requeue($env_returnpath,"T$QADDR\0\0","$scandir/$wmaildir/new/$fi
le_id");
&error_condition("rejected",$ERRCODE);
}
-------------------------------------------------------
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
_______________________________________________
Qmail-scanner-general mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
