whitelist_to getting exploited
Furnish, Trever G
TGFurnish at herffjones.com
Fri Dec 29 19:23:48 CET 2006
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf
> Of Ramprasad
> Sent: Friday, December 29, 2006 5:22 AM
> To: MailScanner discussion
> Subject: Re: whitelist_to getting exploited
>
> On Fri, 2006-12-29 at 19:34 +1000, Res wrote:
> > On Fri, 29 Dec 2006, Ramprasad wrote:
> But user-1 wants all mails including spam , not others
>
> For eg If I want to allow abuse at mydomain to get all mail
> without check someone sends a mail To:the_top_man at domain,abuse at domain
>
> Then this mail would bypass spam checks and reach
> the_top_man at domain Obviously this would be a concern to
> everyone , how are you folks getting over this issue
Mailscanner can't split one message into several and treat them
differently based on recipient. Doing so would risk queue filename
conflicts.
But you can have your MTA split messages with multiple recipients into
one message per recipient -- then each message that mailscanner sees
only has one recipient.
There are some definite caveats to consider though:
- you'll use more bandwidth, since you're
delivering multiple copies of a message where
before you only delivered one. This may or may
not be significant for you.
- you'll increase the number of rows in your
mailwatch tables, if you're using mailwatch.
- However, mailwatch 1.x is 'broken' in that
it only records one recipient per message
anyway, so while you're increasing the load
a bit, you also may be saving yourself a
different headache later.
- you'll increase the number of log entries -- this
is probably insignificant.
- you'll increase the mailscanner processing load,
since e.g. one message may become five messages.
I used to split all inbound messages. I wish I still could, but in my
case I started bumping against the limits of my hardware and opted to
gain some performance by turning off the splitting.
More information about the MailScanner
mailing list