OT: Blocking oversized messages during SMTP transaction

Scott Silva ssilva at SGVWATER.COM
Wed Jun 15 17:52:59 IST 2005 

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Jim Holland said the following on 6/14/2005 2:00 PM:
> Hi all
> 
> Sorry to be a little off topic here, but we have a sendmail issue that I
> hope someone might be able to assist with.  It is driving us mad!
> 
> We have only very limited bandwidth - 64k for 2,500 (yes) e-mail users -
> so need to utilise our bandwidth as efficiently as possible.  We have
> therefore configured the maximum message size in sendmail 8.13.1 to 1.5 MB.
> This normally works fine with intelligent mail systems that understand 
> what "250-SIZE 1500000" means.
> 
> However some systems such as Yahoo and, surprisingly, GoogleMail, fail to
> use the SIZE extension when sending us mail.  The result is that we accept
> large messages from them as we don't know what the message size is going
> to be in advance, and then when the specified size limit is reached for
> the temporary mail file, sendmail still stupidly insists on continuing
> with the transaction even though it will no longer write to disk.  That
> means that if Yahoo sends us an 8 MB file we accept the first 1,5 MB and
> write that to disk but then keep accepting the remaining 6,5 MB bytes only
> to chuck them into the bit bucket.  Only when the transaction is complete
> does sendmail inform the sender that the message is too large.  Clearly
> this is a total waste of time and bandwidth.
> 
> This evening some idiot tried to send us 12 separate copies of a 4,5 MB
> message!  Killing the connections doesn't work as Yahoo obviously just
> keeps resending.  I had to wait until it became apparent who the sender
> was, then blacklist them in the access file and only then kill the
> connections.
> 
> Is there any automated solution to this?  We need to be able to terminate
> the session with an appropriate error message the moment it is apparent
> that the message is too large.  Can sendmail be made to issue a fatal
> error message during the DATA phase of the SMTP transaction?  Or is the 
> crunch time when we need to bite the bullet and change to say Exim instead?
> 
> With the increase in size of messages allowed by systems such as Yahoo and 
> Gmail this is going to be more and more of a problem for us.  If the above 
> messages had arrived during the day they would have killed our bandwidth
> completely for several hours.
> 
> Any help would be most appreciated - apologies for being off-topic, but I 
> know the gurus are here on this list!
> 

Maybe a better option would be to rent a virtual server out on the net
to act as a mail gateway. That way you could kill the large messages, as
well as the bandwidth choking spam and viruses, and then pass the
"clean" messages on to your server.
I think several people on this list host servers, and it might not be
too expensive. It would be cheaper then more bandwidth!


-- 

/-----------------------\           |~~\_____/~~\__  |
| MailScanner; The best |___________ \N1____====== )-+
| protection on the net!|                   ~~~|/~~  |
\-----------------------/                      ()

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list