North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: antivirus in smtp, good or bad?
- From: Matthew Sullivan
- Date: Wed Feb 04 01:04:31 2004
Stephen J. Wilcox wrote:
Hi,That's what I just wrote a patch into Postfix to do.... (
http://www.isux.com/projects/ if anyone is interested, uses libclamav )
When investigating our mail queue it seems we have quite a lot of mails which
are stuck in transit...
Whats happening is we're accepting the mail as the primary MX for the domain but
the user has setup a forwarding to another account at another ISP, they have
antivirus service on that other account. So we get the mail, spool it and try to
forward it but then we get a "550 Error: Suspected W32/MyDoom@MM virus" after
DATA and our server freezes the mail.
Surely this is an incorrect way to do this as there will be lots of similar MXs
like ours backing this mail up? They should accept the mail and then bounce it?
This is the only way I can see the virus laden mails should be dealt
with - you certainly cannot return it to the sender, that is _most_
annoying, causes no end of users to call the support desk about being
virus laden when they haven't actually been infected etc...