Releaseing mail from quarantine (wiki instructions didn't work)
Chris W. Parker
cparker at swatgear.com
Wed Aug 29 17:24:39 IST 2007
Hello,
First issue is that I've got an email that is being quarantined because
it is claimed to be "nested too deeply".
To release it from the quarantine I referred to
http://wiki.mailscanner.info/doku.php?id=maq:index#quarantine_management
. It says to simply copy the qf/df file pair of the offending email into
the outgoing queue. But when I do that nothing happens. The email just
sits there in the queue whilst other emails (that are received and found
to be clean) come and go through the queue. I finally restarted
MailScanner and that seemed to get the message on its way. Which brings
me to the second issue... After MailScanner restarted it was quarantined
again for the same problem. Back to square one.
I'd like to suggest that the wiki be updated with more complete
instructions since, unless my system is out of the norm, those
instructions very lacking. It doesn't mention the need to restart
MailScanner and simply copying the qf/df files to the outgoing queue
merely results in the email(s) being quarantined again.
So now I'm looking for the rule that caused this email to be quarantined
in the first place and the best I could find is:
ClamAVmodule Maximum Recursion Level = 8
I raised the max up to 25 and redid the release+restart and the user was
able to receive the email. When I checked the .zip it only had one
folder with two files.
So...
file.zip:
folder
fileA.xls
fileB.xls
This is hardly 25 levels of nesting. What could cause this to be
flagged?
Another part in this puzzle is that the message was larger than the "Max
Spam Check Size = 150000" limit. Could this be related?
Thanks,
Chris.
More information about the MailScanner
mailing list