BANNED_FILES, Quarantine but send notice to original recipient

Olivier Nicole Olivier.Nicole at cs.ait.ac.th
Tue May 19 07:04:59 CEST 2015 

Greg, 

> So, I'd like to quarantine banned files, but rather than notifying the sender [usually a bot, or virus etc - and usually with a forged sender address] I'd like to quarantine the file and send a notice to the original recipient. [The one the message was addressed to when we received it.]
>
> I'd also like a quarantine notice to go to the admin email addy, but I can already do that.
> I can't find a way to send one to the recipient. Is there a way?
>
> [While not as important as for banned files, I'd like to do the same for virus quarantines.]
> (Essentially I'm trying to avoid any possibility that one of our users
> has/had an inbound message blocked and that the *user* wasn't notified
> about it.)

What I have implemented is a cron that send a daily summary of the
quarantined messages, so mething like:
You have received email(s) that is suspicious spam and was quarantined.

Quarantined messages are kept for 30 days before they are automatically
removed (http://www.cs.ait.ac.th/laboratory/email/spam.shtml#spam).

You can see any of the following messages in your Junk folder on CSIM
mail server.

If you wish to get any of the following message delivered to your
mailbox, reply to this email, including the lines with the File:
information below.

The word File: MUST be in your reply message, along with the filename.

  1 File: 1431927124.14899_1.mail.cs.ait.ac.th
    Spam Level: 11.675
    Date: Mon, 18 May 2015 0:30:01 -0500
    From: whatever at someaddress.org
    Subject: Some subject

  2 File: 1431930238.15572_1.mail.cs.ait.ac.th
    Spam Level: 17.831
    Date: Mon, 18 May 2015 15:23:44 +0900 (JST)
    From: some_other_guy at elsewhere.com
    Subject: Some more wasted bandwidth

Users can go to their junk folder and see the messages, or they can
reply to the summary message and the quarantined mail will be released
to their mailbox.

It works for quarantined messages, but could be adapted for banned
messages too, but experience shows thare are about 2% banned to spam
ratio and users never asked the release of a banned message (those who
really need an executable to get through will know already that they
have to zip and password protect it).

Olivier


>
> TIA
> -Greg
>
> [2:text/html Show]
>

--

More information about the amavis-users mailing list