sa_mail_body_size_limit and attachments
Henrik K
hege at hege.li
Fri Feb 25 06:37:28 CET 2022
On Thu, Feb 24, 2022 at 02:31:09PM -0500, Alex wrote:
>
> I identified an 8MB false-positive.
And what rules caused it to be a false-positive? Size doesn't matter here.
Fix the rules, add whitelisting etc.
> Is it the case that spammers are sending malware as large as 8MB files now?
Why wouldn't they? Bandwidth costs nothing and most servers these days even
accept 50-100MB mails. This is why amavisd started truncating scanned
messages in 2009, instead of just skipping processing. SA 3.4.3+ also have
mitigations to happily scan huge messages.
More information about the amavis-users
mailing list