MailScanner at ecs.soton.ac.uk
Thu Feb 19 11:10:49 GMT 2009
On 12/2/09 22:56, Mike Masse wrote:
> One of my users received an Outlook express fragmented email message
> and kudo's to MailScanner because it didn't know how to handle the
> second portion of the email and it quarantined it. This could very
> well be related to:
> I searched the archive for fragmentation and did not get any results, so:
> Can MailScanner be set to properly detect and log and quarantine these
> fragmented emails vs what my system is doing right now which is only
> quarantining because it doesn't know what to do with the attachment.
> The fact that the email doesn't come through is fantastic, but without
> the logging bit, it's difficult to track down why for explanation
> purposes to clients.
Yes, MailScanner does detect fragmented messages and rejects them.
Imagine what would happen if you started storing them and attempting to
reassemble them. Here's message 1 of 1,000,000. Here's a different
message 1 of 1,000,000. And so on. DoS attack very easily!
What extra logging would you like it to do?
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner