[Mimedefang] Mimedefang 2.36 and how to drop a blocked attachment message - action_bounce?

John Scully jscully at isupportisp.com
Sun Sep 28 19:32:00 EDT 2003

Although it violates the "basic tenets" of mail processing to silently
discard a message...that is really the best thing to do.  Action_bounce
is going to bounce it back to the "sender" which in the case of a virus
is only the sender maybe 10% of the time.  The others will either go
nowhere or pile up in some poor guy's mailbox.

We just use action_discard to silently drop the message.  We used to
also send a message to the recipient telling him that a virus laden
message had been blocked, but sobig put an end to that.  Who wants 400
"you were just protected from a virus" messages?

You will find this list divided between those who say mail is never to
be discarded, and those who decided that the spammers no longer make
that philosophy practical.

John Scully
-----Original Message-----
From: mimedefang-admin at lists.roaringpenguin.com
[mailto:mimedefang-admin at lists.roaringpenguin.com] On Behalf Of Schuyler
Sent: Sunday, September 28, 2003 2:11 PM
To: mimedefang at lists.roaringpenguin.com
Subject: [Mimedefang] Mimedefang 2.36 and how to drop a blocked
attachment message - action_bounce?

I've seen a few messages somewhat relating to this in the archives but
nothing with an authoritative answer.  Apologies if you feel it's a
repeat.  ^_^

After a few iterations of perl upgrades, many CPAN module installs,
sendmail recopiles and other standard challenges, I got mimedefang
working.  Celebrations aside, I'm trying to see how difficult it would
to just delete the e-mail, or bounce it with an error?  The problem I've
had is I have mailman lists where the e-mail address for the list has to
be posted on the website so every e-mail bomb ever grabs it and I get
hundreds of blaster, sobig, etc infected messages per day sometimes.
sure you all have much exaggerated versions of this. ;)

Granted, mimedefang now removes the harmful part of them but I sure
rather not have to add a header line, change my .procmailrc (and
to filter those, etc.  It'd be better for them to just go away.

It seems that using action_bounce for - well - everything but spam -
handle this nicely at the SMTP level and I just wanted to verify that
doesn't have any unwanted "challenges".  Where should this change take
place in the filter file?

Thanks in advance.

--Schuyler Bishop

MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com

This email scanned for Viruses and Spam by iSupportISP using SpamViper. 
For more information on our best in class VISP Solutions please visit us at http://www.isupportisp.com

More information about the MIMEDefang mailing list