[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vchkpw
Subject:    Re: [vchkpw] Pop before smtp bypasses qmail-scanner
From:       Oden Eriksson <oden.eriksson () kvikkjokk ! net>
Date:       2004-01-29 21:33:44
Message-ID: 200401292233.44260.oden.eriksson () kvikkjokk ! net
[Download RAW message or body]

torsdagen den 29 januari 2004 20.52 skrev Michael Bowe:
> ----- Original Message -----
> From: "Jeremy Kitchen" <jeremy@inter7.com>
>
> > On Thu, 2004-01-29 at 12:21, J. Kendzorra wrote:
> > > Jeff Koch:
> > > > Then, it seems, for the period of time these entries stay in the
> > > > database email that comes from these IP addresses bypasses the
> > > > qmail-scanner virus filter.
> > > >
> > > > Is there a way to correct this problem? It is letting viruses through
> > > > our mailserver.
> > >
> > > Try putting
> > > QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
> > > export QMAILQUEUE
> > > into your qmail-smtpd-runscript.
> > > It should catch *every* mail now.
> >
> > as I mentioned in my previous reply, even if it's like this, the
> > presence of the RELAYCLIENT environment variable overrides the
> > scanning.  This is documented in the qmail-scanner ... documentation :)
> >
> > -Jeremy
>
> No that isn't correct
>
> If you are settings QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" in
> your smtpd run file, then qmail-scanner will run for all SMTP connections.
> However if RELAYCLIENT is set, then qmail-scanner wont try to run the
> spamassassin subroutines. The antivirus will still run though.
>
> Alternatively, if you have coded the QMAILQUEUE commands into your tcp.smtp
> (rather than the smtpd run script), then qmailscanner will not be run at
> all for pop-before-smtp users. The only fix for this would be to modify the
> vpopmail source and change the lines where the open-smtp file is generated
> and make it include the QMAILQUEUE command also.

I tried that once but had problems with it. I guess there wasn't enough buffer 
for all those characters or something.

It would be nice in a future release if one could flag this on/off per user or 
at the least per domain. That would be cool for the current spamassassin code 
too (the "Track Spam" feature).

The system owner should be in charge of which domains should be able to use 
this as it puts additional load to the system and it could be charged 
differently. Like; "Track Spam" €40 per domain/user, "Virus scan" €20 per 
domain/user, etc.

Just my 0.2€.

Cheers.


[prev in list] [next in list] [prev in thread] [next in thread]