Scanning outbound mail?
ka at pacific.net
Thu Feb 9 18:34:26 GMT 2012
On 2/9/2012 10:44 AM, Richard Lynch wrote:
> Hi Everyone,
> We currently don't use MailScanner to scan outbound mail -- we only scan
> inbound messages. We do use clamav with some of the sanesecurity DBs on
> outbound but that's it. Scanning outbound mail would be problematic
> because of false positives and differing requirements. For example, I
> don't want to bounce spam detected messages on inbound but on outbound
> it would probably be a requirement so that the sender (one of our users)
> would know that their message wasn't sent.
> So, I'm trying to get a feel for what other sites do. Do you use
> MailScanner for outbound mail? If so how do you handle messages that are
> rejected? Do you bounce it or just ignore it or what?
We only use MailScanner on outbound from web servers. On outgoing from
users (submission or webmail), we run several milters, including clamav
w/sanesecurity, milter-limit, and have a few scripts that watch logs for
odd behavior. Suspicious outgoing mail from users is much less common
and is usually quarantined for asap inspection. There are very rare
circumstances where we might bounce mail from a local user - user
infected, or a brain-dead autoresponders.
> I appreciate any input or advise anyone wants to offer.
> Richard Lynch
Pacific Internet - http://www.pacific.net
Latest Pacific.Net Status - http://twitter.com/pacnetstatus
More information about the MailScanner