dealing with the quarantine
mailscanner at ecs.soton.ac.uk
Wed Nov 13 10:56:26 GMT 2002
At 22:32 12/11/2002, you wrote:
>2 things in the quarantine I notice the directories are in a date format
>such as year/month/day is this our server or is it in the code somewhere
>that I can tweak to be European date format i.e. year at the end.
The date format is yyyymmdd intentionally. If you alphabetically or
numerically sort the directory names (like "ls" does) then you get the
dates in chronological order. So a simple "ls" command will sort them with
oldest first, newest last.
>next and most important thing which is probably more of a sendmail issue if
>you have a Spam or a virus mail that a customer needs/wants (why I'm not
>sure) how do you get it processed - I suppose you need to do it from
>localhost and have a rule that won't block it or scan it from localhost but
>how do you get sendmail to process that raw file?
If you store the messages as raw queue files (i.e. the qf+df pair) then you
can just drop the files into /var/spool/mqueue. If you want to trigger
immediate delivery of it, then do
/usr/sbin/sendmail -qIxxxxxxxxx -v
where xxxxxxxxx is the raw queue filename excluding the qf or df off the
front of it.
That way it won't get scanned at all.
If you are using an old version of sendmail, and you have the whole message
stored as 1 file, then you can do
sendmail -t < blahblah
where blahblah is the filename of the quarantined message.
If you are using a newer sendmail (8.11 and beyond I believe) and you have
the whole message stored as 1 file, then it's harder as invoking sendmail
directly will still cause the message to be scanned. At that point you will
need rulesets which stop MailScanner scanning messages coming from 127.0.0.1.
Julian Field Teaching Systems Manager
jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
Tel. 023 8059 2817 University of Southampton
Southampton SO17 1BJ
More information about the MailScanner