Justin Mason wrote:
Anthony Peacock writes:
Rick Cooper wrote:
From: decoder [mailto:[EMAIL PROTECTED]
Sent: Friday, August 25, 2006 4:23 PM
To: Rick Cooper
Cc: users@spamassassin.apache.org
Subject: Re: Discourage broken content
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rick Cooper wrote:
-----Original Message----- From: decoder
[mailto:[EMAIL PROTECTED] Sent: Friday, August 25, 2006 2:24
PM To: users@spamassassin.apache.org Subject: Re: Discourage
broken content
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[...]
I've heard that it truncates the mail at 30kb, no matter if that
is within a MIME block or not... So my plugin gets a broken
image.. though it was not broken originally...
That is patently false. I have a graphics design/advertising
department at one of my locations and these fellas send huge
graphics files back and forth when they have emergency
proofs/changes and MailScanner has *never* damaged anything, ever,
anywhere. Now, there is a setting for scanning (much like exiscan
IIRCC) that allows you to truncate the message and only scan xxx
amount, it's optional and doesn't modify the actual message in
anyway.
Rick
I did not say it damages the mail. I said it feds only a given amount
of the message to SpamAssassin and THAT breaks plugins requiring the
whole message, especially when MailScanner breaks messages in the
middle of attachments.
And as far as I know, it is the default setting of mailscanner to feed
only a given amount of kb to SpamAssassin. That does not mean it
truncates the message before delivering it.
My apologies, the way I interpreted the original I thought you were saying
it truncates the email and breaks they message. I will bring this up on the
Mailscanner list that the default, given the recent image spams, should be
disabled so the entire message is sent to spam assassin. Before the current
spat of image spam you could generally tell within 20k or so if a message
was spam or not, this is not the case in today's world and the entire
message really should be fed to SA. I have never used the default setting
myself.
This issue is currently being discussed on the MailScanner users list,
under the Subject "Max SpamAssassin Size problems".
The size limit is configurable
(http://www.mailscanner.info/MailScanner.conf.5.html#SpamAssassin "Max
SpamAssassin Size), so people can raise the size limit or disable it to Agreed
get around this issue at the moment.
There is some concern about removing the limit completely, so the
current discussion is about a scheme that checks ahead for a Mime
boundary within a fixed window after the max size value is reached.
I'm sure they know this -- but there are dangers there too. It's pretty
trivial in HTML to craft a MIME part that contains 100 KB of
innocent-looking HTML, followed by 4 KB of spam payload, where the payload
is the only part that's visible.
Length truncation for non-text/plain data is very tricky -- that's why we
don't use it in SpamAssassin itself ;)
Agreed!
My personal suggestion was when the configured limit was reached, roll
_back_ to the starting MIME boundary. This honoured the Admins
configured "Maximum SA Size" setting but didn't pass any truncated
images to SA that may then cause problems with the various image plugins.
But the debate is still underway, so I better pop back there to keep an
eye on things. I just wanted to pop up here to let people know that the
MS list is aware of this issue and discussing ways to make life better
for all concerned.
:-)
--
Anthony Peacock
CHIME, Royal Free & University College Medical School
WWW: http://www.chime.ucl.ac.uk/~rmhiajp/
"If you have an apple and I have an apple and we exchange apples
then you and I will still each have one apple. But if you have an
idea and I have an idea and we exchange these ideas, then each of us
will have two ideas." -- George Bernard Shaw
