Hi!

Yesterday I ran into a problem that might also bring other amavis users
into trouble:

Mailbombs containing special attachments caused clamav to get into
trouble. It became very slow on scanning those attachments, so amavisd
killed it after it reached the timeout. In my case (pre-queue-setup), it
caused the mail to be rejected with a 451 temporary error. The bad thing
is that amavisd didn't remove the temporary directory ("PRESERVING
EVIDENCE ..."), in some cases containing more than 100 MB of unpacked
files. Since it was a temporary error, the relaying mail-server retried
delivery after some delay, so the same procedure looped until the
filesystem containing the temporary files was full. After this point,
mail delivery was completely disabled.

I know that my pre-filter-setup isn't recommended for production use,
but I believe that this kind of loop (processing fails, directory is
kept and the mail is requeued) could potentially also happen in a common
post-queue scenario.

Maybe the decision what to do with a temporary directory after
processing the mail had failed should be configurable in order to
prevent possible DOS-attacks? Possible actions could be:
- keep directories only until a certain amount of disk space is filled
- move those temporary directories into another place
- generally do not preserve evidences

Cheers,
--leo
-- 
e-mail   ::: Alexander.Bergolth (at) wu-wien.ac.at
fax      ::: +43-1-31336-906050
location ::: Computer Center | Vienna University of Economics | Austria


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/