Valentin Laskov
2014-02-27 10:44:30 UTC
Hi all,
Recently my mail servers receive many emails with .exe files attached. These files are actually viruses but ClamAV still does not
recognize them.
MailScanner puts exe files in quarantine, sends the letter without the file to the recipient and sends notice letter to the sender
about the attached file removal. Notice returns with "User unknown" because the sender's e-mail address does not exist.
Here's why:
1. How can I configure MailScanner NOT to send any information to recipients of these letters?
Rules for letters with executable files attached to be like this:
quarantine = yes
send report to sender = yes
send report to recipient = no
send cleaned message to recipient = no
2. Is it possible for MailScanner to provide this new feature:
- email with restricted attachment arrived;
- MailScanner puts the whole letter in quarantine and sends following notice to the sender:
"If you are the real sender of the letter to ......... with ....... file attached, please respond to this letter without any
changes. If you are not the sender please do nothing.
If you are the sender, please confirm, otherwise your original letter will be deleted entirely."
- If MailScanner receive "User unknown" for the notice letter, it deletes original letter immediately;
- If MailScanner does not receive confirmation, it (optionaly informs recipient for the letter with quarantined attached file like
now) waits some days;
- If confirmation received MailScanner sends the original letter optionaly with or without attachment;
- If timeout of some days expired and no confirmation received, MailScanner deletes the letter.
Regards!
Valentin Laskov
Recently my mail servers receive many emails with .exe files attached. These files are actually viruses but ClamAV still does not
recognize them.
MailScanner puts exe files in quarantine, sends the letter without the file to the recipient and sends notice letter to the sender
about the attached file removal. Notice returns with "User unknown" because the sender's e-mail address does not exist.
Here's why:
1. How can I configure MailScanner NOT to send any information to recipients of these letters?
Rules for letters with executable files attached to be like this:
quarantine = yes
send report to sender = yes
send report to recipient = no
send cleaned message to recipient = no
2. Is it possible for MailScanner to provide this new feature:
- email with restricted attachment arrived;
- MailScanner puts the whole letter in quarantine and sends following notice to the sender:
"If you are the real sender of the letter to ......... with ....... file attached, please respond to this letter without any
changes. If you are not the sender please do nothing.
If you are the sender, please confirm, otherwise your original letter will be deleted entirely."
- If MailScanner receive "User unknown" for the notice letter, it deletes original letter immediately;
- If MailScanner does not receive confirmation, it (optionaly informs recipient for the letter with quarantined attached file like
now) waits some days;
- If confirmation received MailScanner sends the original letter optionaly with or without attachment;
- If timeout of some days expired and no confirmation received, MailScanner deletes the letter.
Regards!
Valentin Laskov