Re: Linux bandwidth monitoring

From: Henry Stilmack (hps_at_shangri-la.cx)
Date: 07/22/05

Next message: Michael Heiming: "Re: Linux bandwidth monitoring"
Previous message: Michael Heiming: "Re: Procmail"
In reply to: Jenda Mudron: "Re: Linux bandwidth monitoring"
Next in thread: walace: "Re: Linux bandwidth monitoring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 22 Jul 2005 09:46:43 +0200

The muse whacked Jenda Mudron over the head on 22 Jul 2005 and caused
hir to enscribe <dbq47b$kkc$1@domitilla.aioe.org>:
> Thank You for the reply.
>
> I have spamassassin running on my mail server, but what happens is I
> have a procmail rule that blocks out attachments for eg: zip files.
>
> then what it does is sends out a autoreply to the sender stating he
> sent a zip file and it is not allowed. But viruses come onto the
> server with forged headers and the server sends the autoreply to
> somebody that did not send the e-mail.
>
> Any other suggestions ?
>
>
For this very reason, sending auto-replies is a Bad Thing. Virus and
spam checkers should just reject the Email with an error message that
indicates to the sender why it was rejected. If you have users who
routinely need to get .zip attachments, their corespondents should be
whitelisted.

If you are not running spamassassin until after the SMTP transaction
has completed, you should just drop the message into a spam folder and
notify the recipient so s/he can (a) manually check the attachment
and/or (b) notify the sender if it is legit.

Every time a new virus that fakes From: headers comes out, I get
hundreds of bogus "we rejected your message" autoreplies from clueless
mail servers. It is really irritating.

-- 
Henry Stilmack, CISSP
Email to hps (at) shangri-la (dot) cx
Registered Linux User #324965

Next message: Michael Heiming: "Re: Linux bandwidth monitoring"
Previous message: Michael Heiming: "Re: Procmail"
In reply to: Jenda Mudron: "Re: Linux bandwidth monitoring"
Next in thread: walace: "Re: Linux bandwidth monitoring"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: content filtering
... opinion on experience that's limited to dealing with domestic US ... Considering that the large majority of spam originates from the US, ... Now all you need is some method of identifying the sender. ... 550 code would come to the attention of the mail server admin who could ...
(microsoft.public.exchange.admin)
Re: Returning an email to its sender. Is that possible?
... How do you know the sender used their own e-mail address? ... will notice the sending mail server DURING the mail session. ... Fake bounces are tantamount to vigilantism. ...
(microsoft.public.outlook.general)
RE: SPF record confusion
... associated with a different set of message headers from which the PRA ... the sender CLAIMS to be. ... a receiving mail server that relies on determining the PRA from the address ... command is defined in RCF8281 along with other SMTP commands like EHLO, ...
(microsoft.public.windows.server.sbs)
Re: Outlook Express Undeliverable
... If your client is not getting an NDR message back from ... his mail server (which means his sending mail server got rejected during the ... Maybe you have server-side spam filtering enabled and his mails ... sender is infected so his mails could also be infected. ...
(microsoft.public.internet.mail)
Re: hotmail password request tool (intranet usage)
... that some email viruses started sending themselves as passworded files. ... I personally consider it bad practice for a mail server to alter the ... It also fails to inform the *sender* ... language has no way to express 'partial delivery'. ...
(comp.security.firewalls)