MailScanner and the postfix hold queue

[Julian Field]

Scott Silva wrote:
> Rodney Green spake the following on 9/24/2007 11:43 AM:
>> Hello,
>>
>> Has anyone using postfix and MailScanner investigated using the
>> smtpd_data_restrictions postfix config parameter to hold incoming
>> e-mail? This would be used instead of placing the HOLD statement in
>> the header_checks config file.
>>
>>
>> smtpd_data_restrictions =
>>        permit_mynetworks
>>        check_client_access static:HOLD
>>
>> The above would allow local mail from internal clients to bypass
>> MailScanner, I think. Anything
>> else would be put in the HOLD queue for MailScanner to scan.
>>
>> Any thoughts on this?
>>
>> Thanks,
>> Rod
>>
> Internal clients can get infected also, and you probably are not wise 
> to exempt them from scanning. You would be amazed at how hard someone 
> will try to get something they think they want or they think is OK 
> even if I.T. says no.
And if you ever let a virus out of your site, you better be prepared for 
some lawyer-happy recipient to try to sue you for negligence in not 
virus-scanning your outgoing mail when you have systems in place that 
could be set up to do it :-(
You also don't want to get blacklisted if one of your internal machines 
is ever infected by a botnet. Traditionally, the boss's laptop is the 
most likely offender in this case :-)

There are a thousand other reasons why exempting *any* mail from 
complete virus, malware and spam content checking is A Bad Thing(tm).

Jules

-- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk