[plug] [Hey Bernd] Re: Undelivered Mail Returned to Sender
Craig Foster
fostware at westnet.com.au
Sun Sep 12 18:49:20 WST 2004
> -----Original Message-----
> From: plug-bounces at plug.linux.org.au
> [mailto:plug-bounces at plug.linux.org.au] On Behalf Of Bernd Felsche
> Sent: Sunday, 12 September 2004 9:51 AM
> To: plug at plug.linux.org.au
> Subject: Re: [plug] [Hey Bernd] Re: Undelivered Mail Returned
> to Sender
>
> On Saturday 11 September 2004 22:58, Cameron Patrick wrote:
> > Sorry for sending this to the list :(
> >
> > Bernd, your mail server doesn't seem to like me. I'm not sure what
>
> It doesn't like Westnet... In March this year, several of
> their customers (multiple source IP) started flooding my mail
> server with (hundreds/thousands of) viruses. I have no idea
> of WestNet's dynamic IP range, nor that of any other ISP, so
> I have no choice but to refuse mail delivery from their whole
> netblock by default.
Wow, I would have thought that heavy handed... (maybe it's just me).
Blocking ~20% (wild guess) of Perth net users seems a little drastic.
Why not just drop mail with executable / scripting sttachments? Spamassasin
with vbs/pif/exe attachments +100 will do it.
You can also use Messagewall to scan and drop Clam AV-positive mail at the
SMTP level. It's in unstable I think.
> > would make it think my messages contained viruses after seeing just
> > the RCPT TO command, but there's something a bit odd there.
>
> You're white-listed now.
>
> --
> /"\ Bernd Felsche
<snip>
Personally, I would like to see ISPs build in the outbound virus scan into
their base products.
I love the way SME Server / E-smith transparently proxies SMTP traffic
through the mail server (mailfront / qmail), and combined with ClamAV, it
cleans most (if not all) mail for viruses. Why couldn't ISPs do something
similar?
CraigF
More information about the plug
mailing list