Domains not to scan?

[Julian Field]

At 18:35 27/06/2002, you wrote:
>Anyway, what I'd like to be able to do is prevent MailScanner from modifying
>the headers of outgoing messages from our users, perhaps a
>"domains.not.to.scan.conf" file or negative entries in
>"domains.to.scan.conf" is in order.

I really must write a FAQ about this, I get asked it about once a month.

Summary: it's impossible.

Right, say you have domains under your control called scanme.com and
dontscanme.com. There is some other domain out there on the net called
other.com.

You want to restrict scanning by having a "domains.not.to.scan.conf" file
containing "dontscanme.com".

Okay so far?

Someone sends a message from other.com to scanme.com. You scan it as
scanme.com isn't in the list. Now you get a message from other.com to
dontscanme.com. You still scan it as other.com isn't in the list.

The same arises from scanme.com and dontscanme.com *to* other.com.

Last case: someone sends a message from scanme.com to dontscanme.com. Do
you scan it or not? As scanme.com is not in the list, then you should scan
it. The guys at scanme.com are going to get real mad at you for not
scanning their incoming mail, if you decide to not scan it as
dontscanme.com is in the list. So you have to scan it. So you have to give
priority to domains that are *not* in the list, and these over-ride domains
that *are* in the list.

So you end up scanning everything. It isn't what you think you wanted to
do, but it is the logical consequence of what you have to do (i.e. scan
mail for people who want it scanned).

So it can't be done.

Must put this in a FAQ...
--
Julian Field                Teaching Systems Manager
jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ