OT: Blocking oversized messages during SMTP transaction
mailscanner at MANGO.ZW
Thu Jun 16 16:23:00 IST 2005
On Wed, 15 Jun 2005, Richard.Hall wrote:
> > We have only very limited bandwidth - 64k for 2,500 (yes) e-mail users
> Ouch :-(
Well would you believe that the same 2,500 users collect their mail via a
bank of only 6 dialin modems set up on a hunting line? We are able to
make this quite workable by getting 97% of our users to use ancient
FidoNet software that sends mail in compressed format and sends
attachments in binary format.
> > Is there any automated solution to this? We need to be able to terminate
> > the session with an appropriate error message the moment it is apparent
> > that the message is too large. Can sendmail be made to issue a fatal
> > error message during the DATA phase of the SMTP transaction? Or is the
> > crunch time when we need to bite the bullet and change to say Exim instead?
> Much as I love Exim, and despite the fact that sendmail's config makes me
> feel nauseous, I don't believe that Exim can help you here. But nor can
> sendmail IMHO. The problem is the SMTP protocol itself, which only gives
> you two (relevant) points at which you can reject the message:-
> 1) immediately after receiving the DATA command - but that is obviously
> too soon for you, as you don't yet know the size;
> 2) after the terminating '.', when you do know the size - but by then it
> is too late, as you clearly appreciate.
> In between those two points the traffic is all "one-way". The SMTP
> protocol does not define any way to stop the data transmission in
> mid-stream, except by dropping the connection. And the other end will
> treat that as a temporary failure, and retry later. Ah, you know that ...
Thanks for the confirmation. It is what I feared. However I had hoped
that as some virus scanners could be configured to block a virus during
the SMTP session this meant that it was possible to send a termination
signal during the DATA phase. Presumably they do in fact also have to
wait until the very end of the DATA phase and then reject the virus at
> The best I can suggest at the moment is that you limit the number of
> simultaneous connections from one IP address, eg so that you only have
> one rogue connection at a time. Exim can certainly do that; I don't know
> about sendmail. (Anyway, it's not foolproof - there are all sorts of
> trivial counter-examples - but it might help a bit.)
sendmail can do that. However the number of times I have such a problem
has been so small that the drawbacks would outweigh the benefits. (Now I
see that I have 3 oversize Yahoo messages in the mqueue.in directory as I
What is wrong with Yahoo and Google Mail??? Surely it would be to their
benefit to adopt the well-known SIZE extension? Perhaps they have so much
bandwidth that they simply don't care.
MANGO - Zimbabwe's non-profit e-mail service
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner