On 6/7/05 10:40 AM, "Tony Marques" <[EMAIL PROTECTED]> wrote:
> I don't operate or have experience with Exim, but I've have noticed a > problem with several different exim mail servers (one 4.50 several > 4.41 and probably other versions). Perhaps someone can look at this > and determine if it is a bug in Exim. > > A virus spoofing my domain will send an Exim server a message which > will initially accept the message but later tries to bounce the > message because it finds the illicit .scr/.pif/.exe attachment, the > mailbox is full, no such user or some other problem. So now the Exim > server generates and sends a bounce to my server which detects the > illicit attachment or forgery and responds with either a It's more an error in configuration. These days, sending back an entire message in a bounce is most unfriendly, since it's so likely to distribute a virus to an innocent third party. We cut off our bounce messages at--I think--10K. Newer Exims (I forget the transition point) can also be configured not to return the body at all). > Here is the problem, the Exim servers will retry to resend the message > (ignoring the 55x errors) every two hours for 2 or 3 days. The > bounce's message-id, date, other headers, and the quoted forgery all > demonstrate that the multiple bounces are caused by a single message > and the multiples are a result of a problem with Exim not > acknowledging my server's 55x responses. Normally this problem > wouldn't be noticed as bounces aren't normally seen. In my experience, Exim doesn't do that, and I'm not quite sure what I would do to cause it. --John -- ## List details at http://www.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
