[clamav-users] Structured.CreditCardNumber bounce
Vladislav Kurz
vladislav.kurz at webstep.net
Sun Apr 3 22:55:57 UTC 2016
Dne Pá 1. dubna 2016 12:16:06, Bowie Bailey napsal(a):
> >
> > Thanx! Guess I used the term bounce incorrectly. After looking at my
> > amavisd.conf file, I realized I have:
> > $final_virus_destiny = D_REJECT;
> >
> > So it is properly configured, just not behaving the way we want it to yet.
>
> If that is the case, you have no control over the behavior. Your server
> simply sends a message something like:
>
> 554 Virus found - Signature is Heuristics.Structured.CreditCardNumber
>
> to the sending server. It is up to them what they do with that. You
> have no control over the content of the bounce message because your
> server isn't the one sending it.
>
> However, you should verify that Amavis is being called during the
> original receipt of the message. If it is being called later in the
> process, after your server has accepted the message, then that D_REJECT
> will turn into a bounce. (AFAIK... I haven't messed with Amavis configs
> in a while)
The most common setup of postfix+amavis, I have seen, is that amavis is called
AFTER the message has been accepted by postfix. In that case even if you set
amavis to D_REJECT you effectively do bounce. The difference is who controls the
content of the bounce message. In D_BOUNCE it is amavis, in D_REJECT it is
postfix. But both are under your control, and both are wrong. You do
backscatter spam in both cases.
More information about the clamav-users
mailing list