File Attachment size setting questions

[Julian Field]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Stephen Swaney wrote:
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
>> bounces at lists.mailscanner.info] On Behalf Of Golden, James
>> Sent: Tuesday, August 08, 2006 11:15 PM
>> To: MailScanner discussion
>> Subject: File Attachment size setting questions
>>
>> I am trying to accomplish 2 things.  In upgrading our MTA's (MailScanner,
>> SA, ClamAV), I thought it would be best to block large attachment files
>> here instead of on the mail server (conserve internal bandwidth).  In
>> doing so there are 2 settings I can't figure out via my research.
>>
>> 1.  How can I NOT send the recipient the message at all?  I just want a
>> message going to the sender.
>>
>> 2.  How do I not store that message locally.  Currently we store the mail
>> (temporarily).
>>
>> Thanks,
>>
>> James Golden
> 
> If you using sendmail or the latest Postfix that can use milters, look at:
> http://www.snertsoft.com/sendmail/milter-length/
> 
> Milter-lengtf is a free milter form Anthony Howe. It is a Sendmail utility
> milter that imposes message size limits by IP address, domain name, or
> sender address on a message body length, excluding the message headers.
> Sendmail's MaxMessageSize option only allows for a single global server wide
> message size limit, which is insufficient for some sites that would prefer
> finer granularity in the application of message size limits. This is
> particularly useful for mail hosts that manage several domains and/or a
> large number of users, such as an ISP.
> 
> The MTA is the right place to block oversize messages, before acceptiong tem
> and then running them through MailScanner. 

What error message does the Milter produce?
One advantage in rejecting the message in MailScanner is that a full 
report message explaining the problem, including a message to both the 
sender and recipient telling them what happened and why their mail was 
rejected.

I have expanded this functionality in the latest release. It used to 
treat the message as if it was infected, the only clue being in the 
"report line" in the middle. It now sends a completely different message 
in response to size problems with messages and attachments. This can 
also result in the oversized attachment being stored in the quarantine, 
giving the recipient an alternative, more efficient way of retrieving 
the attachment, provided you have some sort of web-based quarantine 
management and retrieval system in place, such as the excellent 
MailWatch or DefenderMX packages.

Rejecting at the MTA is more efficient, but it doesn't have a chance to 
explain the reason in language that users might understand. And it 
doesn't notify the recipient at all, so they just see the message as 
having either never been sent, or just "lost en route", which is less 
than helpful.

This behaviour will damage your business reputation with your customers 
as they will just see it lose messages for no apparent reason, making 
them conclude that you run an unreliable mail service. And then they 
tell all their friends that your service doesn't work. Not good for 
business.

The max message size check is done early on in the processing of a message.



- -- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at MailScanner.biz

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Get your PCs and servers from Transtec.de, very well built and reliable!

-----BEGIN PGP SIGNATURE-----
Version: PGP SDK 3.7.0
Charset: ISO-8859-1

wj8DBQFE2hhxEfZZRxQVtlQRAgx/AKCbJGscU3XBkbyXLIjTqu32NBiPVwCgvfD0
/E7OAGK58h2pQYECjhybO1A=
=qTxm
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.