mcr -

Alex Broens ms-list at alexb.ch
Thu Aug 31 09:06:00 IST 2006


On 8/31/2006 12:33 AM, Kash, Howard (Civ, ARL/CISD) wrote:
>> I don't like that, as most spam can be identified by the first 20k, and
>> your idea would let through large spam.
> 
> How about this for a compromise - add a new MailScanner.conf option that specifies the behavior if the message size exceeds Max Spamassassin Size.  Quick and easy options would be:
>  
>     truncate - current/default behavior
>  
>    drop - no content is sent to SA
>  
>    continue - continue until next blank line (no limit)
>  
>    continue N - continue until next blank line up to a maximum of N bytes - still risk truncating MIME content
>  
> The first two options should just be a few lines of code.  Based on previous emails, sounds like you've mostly coded variations of the last two options.  So just add a new MailScanner.conf option to choose which method to use.
>  
>  
> Future enhancements could include:
>  
>     - make drop and continue options MIME-aware and only drop or continue if truncation occurs inside a MIME block.  Use MIME boundaries instead of blank lines.
>  
>     - backtrack option - if truncation point is within a MIME block, revert back to previous MIME boundary, otherwise truncate at Max SpamAssassin Size
>  
>  
> Howard

Isn't that making it overly complicated? and prone to (?:human|system) 
error?

Wouldn't a total msg size be enough?

If a msg has a 23 MB .doc attached to it... I doubt it will be spam, so 
why even waste SA time on it?
Why send a voicemail 1.5Mb .wav file thru SA?, even if its only 50 kb of 
it, or when aunt Emily sends you the contents of the digital camera you 
gave her for her birthday, why even worry about sending 50kb of an 80Mb 
mail thru SA?

It would save LOTS of MS/SA processing power and all kinds possibly 
inherent issues.





More information about the MailScanner mailing list