Julian Field mailscanner at ecs.soton.ac.uk
Fri Feb 6 12:01:34 GMT 2004

At 11:29 06/02/2004, you wrote:
>Martin Hepworth wrote:
>>Pete wrote:
>>>We are Domino shop, we have MailScanner/postfix/sa filtering all inbound
>>>mail. Very vanilla installation.
>>>We have merged with a company who used Exchange. Tnhey are sending
>>>messages from thier site, from exchange, over the net, into MailScanner
>>>to us.
>>>Suddenly we have started seeing messages from this company only that
>>>have the attachments icon in the client, to indicate that there is an
>>>attachment, but there is NO sign of an attachment.
>>>All other messages from people with attachments come through with no
>>>issue, or if they are noxious we get the inline spam warning as per
>>>usual. We have NO rules, just basic/default filename/type/warnjing
>>>settings in MS.conf.
>>>The only messages with attachments to have the X_MS_has_attach "yes"
>>>header are the ones from this new company, they have NO anti spam tools
>>>at all. There is no entry in the logs for these messages to have had an
>>>attachment modfied or anything.
>>>Maybe there is a way to modify this header?, but what are the
>>>implications of this? IS this header generated by mailscanner, why?
>>>We are in a situation where the new company (controlling) wants to force
>>>MS Exchange onto us in place of Lotus Domino, so incompabilities, that
>>>seems to be our fault work against in a hieous way - please help me fend
>>>off these marauding ms exchange loving heathens...for the love of Man,
>>>the benefit of the world and all that we stand for - etc :)
>>you might want to setup a whitelist rule for the new companies email
>>server so SA doesn't scan - I guess you'll still need the virus
>>Given the fact the other half is a m-sexchange site you might want to
>>investigate the TNEF settings on the MS host. doing TNEF from the perl
>>module is generally more powerful and less error prone than the binary,
>>but YMMV so check that.
>>Another option might be to setup a VPN between to two LAN's, quite easy
>>Martin Hepworth
>>Snr Systems Administrator
>>Solid State Logic
>>Tel: +44 (0)1865 842300
>>This email and any files transmitted with it are confidential and
>>intended solely for the use of the individual or entity to whom they
>>are addressed. If you have received this email in error please notify
>>the system manager.
>>This footnote confirms that this email message has been swept
>>for the presence of computer viruses and is believed to be clean.
>Thanks a lot, i should have thought of that, i will whitelist them on
>Monday. Is this simple to do, but ensuring that virus scanning
>continues? I cant see any point turning AV off...

You can control just about everything in MailScanner with a ruleset that
lets you switch features on/off and change values for any arbitrary groups
of users or domains. Read /etc/MailScanner/rules/* and see the FAQ too.
There's plenty about rulesets there. You just want to tie a ruleset to
"Spam Checks".
Julian Field
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

More information about the MailScanner mailing list