in order to do any kind of analysis, you need to have physical access to the entire mail object. i am not aware of any smtp/rfc that allows for that kind of information polling ...
am not sure either that this is/will be an issue for the company in question some most mail servers behave in a similar manor. workaround ?? download, analyze, process a dos attack can be done with a 1KB mail just as easily as a 1 gb mail. the principle behind james is to accept all and then process - this prevents address harvesting and to some extent, allows some protection to dos (james can fire off threads and process individual mails to determine junk or not almost as fast as they can be received) ~-----Original Message----- ~From: Lahu [mailto:[EMAIL PROTECTED] ~Sent: Saturday, March 27, 2004 08:32 ~To: James Users List ~Subject: Re: MailSize ~ ~ ~Ok.. great.. I ve read the article and have fairly ~understood the logic behind not implementing FastFail. ~ ~So, wat do those users do who have to implement a ~company-policy that restricts oversized emails (say ~above 3 MB) from being downloaded to the server. Lets ~not discuss the case of hackers/crackers/spammers etc, ~for the sake of simplicity. ~ ~Any workarounds ? ~ ~Lahu ~ ~--- Craig Raw <[EMAIL PROTECTED]> wrote: ~> What you are asking for is fast fail. See ~> http://wiki.apache.org/james/NoFastFail for reasons ~> why ~> this is not implemented in James. ~> ~> In my experience I find that the culprits are ~> restricted to one or two remote servers. I have ~> written a mailet that logs a summary of every ~> email's size and remote host to the database. When I ~> ~> notice smtp bandwidth is high, I consult this log to ~> find the likely source. I can then block the ~> responsible hosts at the firewall level. ~> ~> -craig ~> ~> ~> Lahu wrote: ~> > Hi, ~> > Is there a way to block/reject AND MOST ~> IMPORTANTLY ~> > prevent over-sized emails from being downloaded AT ~> ALL ~> > to the company mail-server. ~> > ~> > The current "SizeGreaterThan" mailet does this ~> only ~> > after downloading the emails first and then ~> > analysing/evaluatiing etc. In my case, I dont want ~> the ~> > email/attachment/message/etc. to be downloaded at ~> all. ~> > ~> > If not, then wat is the workaround ? Coz, without ~> > this, it is possible for anybody to bombard the ~> mail ~> > server wid heavy mails such as 5 MB and do a DOS ~> > attack on us?? ~> > ~> > I m very concerned about this. ~> > ~> > ~> > __________________________________ ~> > Do you Yahoo!? ~> > Yahoo! Finance Tax Center - File online. File on ~> time. ~> > http://taxes.yahoo.com/filing.html ~> > ~> > ~> ~--------------------------------------------------------------------- ~> > To unsubscribe, e-mail: ~> [EMAIL PROTECTED] ~> > For additional commands, e-mail: ~> [EMAIL PROTECTED] ~> > ~> > ~> ~> ~> ~--------------------------------------------------------------------- ~> To unsubscribe, e-mail: ~> [EMAIL PROTECTED] ~> For additional commands, e-mail: ~> [EMAIL PROTECTED] ~> ~ ~ ~__________________________________ ~Do you Yahoo!? ~Yahoo! Finance Tax Center - File online. File on time. ~http://taxes.yahoo.com/filing.html ~ ~--------------------------------------------------------------------- ~To unsubscribe, e-mail: [EMAIL PROTECTED] ~For additional commands, e-mail: [EMAIL PROTECTED] ~ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
