Notify Sender when a virus is detected
Damien Robinet
damien at robinet.net
Wed May 25 14:54:17 CEST 2011
Hi Gary,
Not, it's not possible, because if you have a SMTP login to my server,
I check if you use the good FROM.
I start my policy with that:
if($attr{"sasl_username"} =~ /^[\w\.-_]+\@[\w\.-]+$/) {
One example of my rule:
if($status == 0) {
my $track1 = $mysql->prepare("SELECT domain
FROM mail_rewrite WHERE domain = '\@$sender_from' AND goto =
'\@$sender_domain'");
$track1->execute();
if(my $ref1 = $track1->fetchrow_hashref()) {
$status = 1;
}
}
And if the sender (from) are not allowed with the sasl login:
$mysql->disconnect;
return "reject Sender address $sender_from not
owned by $sender_domain";
}
If the sender match, i return "dunno".
I use my policy with the smtpd_end_of_data_restrictions of postfix :)
Regards,
Damien
2011/5/24 Gary V <mr88talent at gmail.com>:
>
> I think if it's a virus it could still fake sender address regardless
> of whether it comes from trusted networks or authenticated clients. I
> think if it is smart enough to be able to relay through your server,
> it would at least be smart enough to attempt forging the sender
> address. Same applies to spam or banned files that are created by
> spambots/malware or whatever.
>
> --
> Gary V
>
More information about the amavis-users
mailing list