Denial Of Service Attack Messages

[Andrew Southgate]

I get the exact same thing, also running under a vm after I upgraded a few
months ago.

 

You can find the emails in question, the path is wrong but they are under
/var/spool/MailScanner/quarantine/

 

I've not yet hunted down where the timeout is to try raising it, although by
forwarding one of the deleted emails I had it get deleted once, and get
through once so it doesnt seem reliable.

 

my server is fairly low power (3x atom cores for this vm), but low usage
(handful of domains for friends and family), so I'd thought it may be
something to do with that.

 

 

From: MailScanner
[mailto:mailscanner-bounces+mailscanner=z00b.com at lists.mailscanner.info] On
Behalf Of Steven Jardine
Sent: 07 March 2016 18:02
To: MailScanner Discussion
Subject: Re: Denial Of Service Attack Messages

 

What would cause a timeout?  My system is fairly new.  I would like to
determine the reason for the problem rather than just disable the scan.  Any
ideas?

On 03/07/2016 10:57 AM, Jerry Benton wrote:



This happens when the scanner times out. You can disable Dangerous Content
scanning to eliminate the error.

-

Jerry Benton

www.mailborder.com

Sent from my iPhone


On Mar 7, 2016, at 12:21, Steven Jardine <steve at mjnservices.com> wrote:

Yes.  I recently upgraded to 4.86.1-1 and the install log shows:

HTML::Parser => OK



On 03/07/2016 10:19 AM, Jerry Benton wrote:

is the HTML parser installed?

-

Jerry Benton

www.mailborder.com

Sent from my iPhone


On Mar 7, 2016, at 11:25, Steven Jardine <steve at mjnservices.com> wrote:

I upgraded MailScanner several months ago to v4.85.2-3 and now v4.86.1-1.
Often I am getting the error message:

MailScanner was attacked by a Denial Of Service attack, and has therefore
deleted this part of the message. Please contact your e-mail providers for
more information if you need it, giving them the whole of this report.
Attack in:
/var/spool/MailScanner/incoming/20499/u27Em5eK000564/nmsg-20499-47.html

The file reported in the attack is not there so I am unable to to any
troubleshooting.

I am using a OpenVZ container with Ubuntu 14.04 - 6 CPUs and 12GB RAM. The
messages are causing problems with valid mail messages both incoming and
outgoing.

Is there a way to disable this feature?  Any ideas on how to suppress these
messages?


Thanks!
Steve

IMPORTANT: This email does not constitute a contract or an offer or
acceptance of an offer to enter into a contract. Further, this email may not
be used to modify, supplement, novate, or waive any rights with respect to
an existing contract or other binding commercial terms.



-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner





 

IMPORTANT: This email does not constitute a contract or an offer or
acceptance of an offer to enter into a contract. Further, this email may not
be used to modify, supplement, novate, or waive any rights with respect to
an existing contract or other binding commercial terms.



-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner






 
 

 

IMPORTANT: This email does not constitute a contract or an offer or
acceptance of an offer to enter into a contract. Further, this email may not
be used to modify, supplement, novate, or waive any rights with respect to
an existing contract or other binding commercial terms.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20160308/31d51fed/attachment.html>