Sender notifications - disable? customize?

Tue Nov 29 01:13:03 CET 2016

On 2016-11-28 15:34, Patrick Ben Koetter wrote:
> * MRob <mrobti at insiberia.net>:
>> Patrick,
>> 
>> Really appreciate your help, especially if Mark's not around here any 
>> more.
>> 
>> > > - Are there best practices advice about sender notifications?
>> >
>> > Don't notify senders for
>> >
>> > - spam
>> > - viruses
>> > - unchecked
>> >
>> > as the envelope sender is usually forged. You'd end up barking up the
>> > wrong
>> > tree and the server might get listed as backscatter server.
>> >
>> > Notify senders for:
>> >
>> > - banned files
>> >
>> > > - Looks like default is to have notifications ("warnings?") enabled
>> > > for
>> > > attachments with banned file extensions. Doesn't this risk backscatter
>> > > problems when sender address is forged?
>> >
>> > Yes.
>> 
>> Given that you advised sending banned notifications to senders, you 
>> consider
>> the backscatter potential an acceptable risk for keeping that turned 
>> on?
> 
> It's a calculated risk that tries to balance useful information against
> getting on innocent peoples nerves. I am not aware of facts (numbers) 
> that
> make this an easy decision. Personally I use notifications for banned 
> files.

I understand, but you contradicted yourself when you said:

>> Does disabling $warn_offsite prevent ALL non-local notifications 
>> (based on
>> $mynetworks?)? Should I set it to undef to disable?
> 
> I wouldn't use warn_offsite, because it opens the door to backscatter. 
> I'd
> leave it at its default, effectively disabling offsite warnings.

I'm trying to understand your particular opinion clearly. Are you saying 
that you do send banned file notifications, but only to internal 
senders?

As for the rest, I'm tempted to walk through the code by hand since 
playing with the configuration has gotten me nowhere and seems more time 
consuming. I will reply further and appreciate your guidance.

Since it appears the notification text for banned files is called 
"notify_virus_sender_templ" (am I correct?), I guess it is dual-use and 
will have some variables that change depending if it is a virus 
situation or a banned file situation?