mrm at medicine.wisc.edu
Thu Feb 19 22:11:52 GMT 2009
>>> On 2/19/2009 at 5:10 AM, in message <EMEW,
499D3E39.5050807 at ecs.soton.ac.uk>, Julian Field <MailScanner at ecs.soton.ac.uk>
> On 12/2/09 22:56, Mike Masse wrote:
>> One of my users received an Outlook express fragmented email message
>> and kudo's to MailScanner because it didn't know how to handle the
>> second portion of the email and it quarantined it. This could very
>> well be related to:
>> I searched the archive for fragmentation and did not get any results, so:
>> Can MailScanner be set to properly detect and log and quarantine these
>> fragmented emails vs what my system is doing right now which is only
>> quarantining because it doesn't know what to do with the attachment.
>> The fact that the email doesn't come through is fantastic, but without
>> the logging bit, it's difficult to track down why for explanation
>> purposes to clients.
> Yes, MailScanner does detect fragmented messages and rejects them.
> Imagine what would happen if you started storing them and attempting to
> reassemble them. Here's message 1 of 1,000,000. Here's a different
> message 1 of 1,000,000. And so on. DoS attack very easily!
> What extra logging would you like it to do?
Thanks for replying. It turns out that it did detect the fragmentation and logged it as so, so never mind. Keep up the good work!
More information about the MailScanner