On Mon, Jun 10, 2002 at 01:43:02PM -0500, Derrick 'dman' Hudson wrote: > That does sound like a good idea, though. You can use your MTA to > limit the processing of over-large messages and spamc can limit > spamd's processing to just the first nK of not-quite-as-large > messages. In addition, spamc could simply output the modified headers > (Subject:, X-Spam-*, maybe Content-Type:) and reduce the output on the > pipe. (Marc's local_scan() only reads the headers from that side of > the pipe and only pays attention to some of them anyways)
There are several problems with that though:
- spamc would need to know how to mangle messages, the goal is
to let spamd do that kind of stuff.
- if said message is larger than the nK setting, who knows what
gets chopped out. I wouldn't want to send partial MIME content
to spamd for processing.
- you won't get a "proper" score out of the message -- who knows
what's in the last (size-n)K that would raise/lower the score?
--
Randomly Generated Tagline:
"The user's computer downloads the ActiveX code and simulates a 'Blue
Screen' crash, a generally benign event most users are familiar with
and that would not necessarily arouse suspicions."
-- Security exploit description on http://www.zks.net/p3/how.asp
msg06148/pgp00000.pgp
Description: PGP signature
