Block SOBER at MTA (postfix)

Dhawal Doshy dhawal at NETMAGICSOLUTIONS.COM
Mon Dec 5 17:34:57 GMT 2005

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Dhawal Doshy wrote:
>>>>> Hello All,
>>>>> A simple body check in postfix will reject all sober.u mails.  Create
>>>>> a file
>>>>> /etc/postfix/virus_body_checks with this content:
>>> This sounds remarkably like you are trying to make a virus scanner of
>>> your own. You better be sure this is really the sort of thing you want
>>> to take on as a project. You'll have users wanting signatures very
>>> quickly and stuff like that, before you know where you are.
>>> Personally I would steer well clear of it, and try out various ways of
>>> deploying ClamAV at MTA level if that's what you want to achieve.
>>> Just my 2p worth...
>> Julian is right on the money! Any paid programmer knows that if you
>> touch it once, you support it forever.

> b. Rejected as soon as the offending MIME line is found, this is done
> using the body_checks_size_limit (default 51200) in postfix. This is 
> what really happens (see postfix ain't so bad after all).

Replying to myself, how remarkable.. there are no bandwidth savings 
except for the bandwidth saved in rejecting rather than bouncing (not 
that i do) the virus. This was just confirmed by one of the co-authors 
of postfix.

the whole message is received over the network before the response to 
"." is sent.

The reduction in resource usage continues to be there (unless i reply to 
myself again)

- dhawal

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list