Scanning outbound mail?

Ken A ka at pacific.net
Thu Feb 9 18:34:26 GMT 2012


On 2/9/2012 10:44 AM, Richard Lynch wrote:
>
> Hi Everyone,
>
> We currently don't use MailScanner to scan outbound mail -- we only scan
> inbound messages. We do use clamav with some of the sanesecurity DBs on
> outbound but that's it. Scanning outbound mail would be problematic
> because of false positives and differing requirements. For example, I
> don't want to bounce spam detected messages on inbound but on outbound
> it would probably be a requirement so that the sender (one of our users)
> would know that their message wasn't sent.
>
> So, I'm trying to get a feel for what other sites do. Do you use
> MailScanner for outbound mail? If so how do you handle messages that are
> rejected? Do you bounce it or just ignore it or what?

We only use MailScanner on outbound from web servers. On outgoing from 
users (submission or webmail), we run several milters, including clamav 
w/sanesecurity, milter-limit, and have a few scripts that watch logs for 
odd behavior. Suspicious outgoing mail from users is much less common 
and is usually quarantined for asap inspection. There are very rare 
circumstances where we might bounce mail from a local user - user 
infected, or a brain-dead autoresponders.

Ken

> I appreciate any input or advise anyone wants to offer.
>
> Richard Lynch
> WVNET
>
>

-- 
Ken Anderson
Pacific Internet - http://www.pacific.net
Latest Pacific.Net Status - http://twitter.com/pacnetstatus


More information about the MailScanner mailing list