quarantine release might lose mail?
Glenn Steen
glenn.steen at gmail.com
Thu Dec 17 15:16:06 GMT 2009
2009/12/17 Frank Cusack <fcusack at fcusack.com>:
> On December 17, 2009 12:28:10 PM +0000 Steve Freegard
> <steve.freegard at fsl.com> wrote:
>>
>> On 17/12/09 12:05, Glenn Steen wrote:
>>>
>>> 2009/12/17 Frank Cusack<fcusack at fcusack.com>:
>>
>> << snipped entire discussion >>
>>
>> Why anyone still quarantines stuff using the queue file format is
>> completely beyond me.
>>
>> Every MTA supported by MailScanner implements sendmail binary argument
>> compatibility so just store your quarantine files in rfc822 format and
>> then release them like so:
>>
>> sendmail user at domain.com -i < /path/to/quarantine/date/id/message
>>
>> All that is needed for this to work is to exclude 127.0.0.1 from scanning
>> via a rulesets on the relevant configuration items ('Scan Messages' being
>> the easiest; but least safe).
>
> See my earlier email about how "Read IP Address from Received Header" works.
> That was never really answered fully but my takeaway from it is that MS
> cannot determine where mail comes from if there are a variable number of
> hops from your mx gateway to the MS host. Meaning, if your MX host is a
> hop away, and therefore you need to set "Read IP Address from Received
> Header" to 2, then you can never whitelist 127.0.0.1 because that first
> Received header will not be parsed by MS.
>
> Perhaps that's wrong but again that's just what I was able piece together
> from what answers I did get to that thread.
Could you explain why it is like that? Your "mail bastions" should be
your PF/MS-hosts, unless you have something very clever (like a
BarricadeMX) in between... And why would you set your secondary
path/fallback to have a different amount of hops?
You might have mentioned why before, but if so... I've forgotten.
Could you elaborate a bit? To my eyes, it seems you're doing something
less than optimal... but I might be wrong:-)
> -frank
Cheers
--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner
mailing list