From: John L. <jo...@bl...> - 2003-02-24 19:24:58
Hello, again. I split this question into a second mail because I thought it probably deserved its own discussion.

The Courier-MTA has no good facility for allowing a message to bypass filtering short of direct injection into its mail queue, which would be very difficult to do synchronously and could be highly incompatible between Courier versions.

I had the notion of having amavis-ng add a special header which indicates that the message has already been scanned or has been cleared to bypass the scan. The next time it was run back through amavis-ng after reinjection via SMTP or `sendmail`, it would be passed through raw.

The problem comes in how to make this header unforgeable. Of course, I can strip this header in accept_message so that a user could never 'see' it and determine how to send out mails that bypass the filter, and I can make it site configurable so that a user cannot simply read the source code and determine how to bypass amavis-ng, but these seemed like inadequate solutions.

Does anyone have any ideas on the best way to implement some way to do this securely? Not only would it make the Courier filter work much better, but it could also greatly simplify configuration on other MTAs.

John Laur
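
One way to make the bypass header asked about in the mail above unforgeable, as an added example that is not part of the original message or of amavis-ng: the filter signs a timestamp and the body digest with a site-secret key (HMAC-SHA256) and trusts the header on reinjection only if the MAC verifies. The header name, the key handling and the 300-second lifetime are assumptions.

```python
import hashlib
import hmac
import time
from typing import Optional

HEADER = "X-Scan-Bypass"  # hypothetical header name, not an amavis-ng header
MAX_AGE = 300             # assumed lifetime in seconds between scan and reinjection


def _canon(body: bytes) -> bytes:
    # Normalise line endings so a hop that rewrites LF/CRLF does not break the MAC.
    return body.replace(b"\r\n", b"\n")


def make_token(key: bytes, body: bytes, now: Optional[int] = None) -> str:
    """Header value '<unix-time>:<hex HMAC>' binding the token to this body."""
    ts = int(time.time()) if now is None else int(now)
    digest = hashlib.sha256(_canon(body)).hexdigest()
    mac = hmac.new(key, f"{ts}:{digest}".encode(), hashlib.sha256).hexdigest()
    return f"{ts}:{mac}"


def verify_token(key: bytes, body: bytes, token: str, now: Optional[int] = None) -> bool:
    """True only for a fresh token made with our key over this exact body."""
    now = int(time.time()) if now is None else int(now)
    ts_text, sep, mac = token.strip().partition(":")
    if not sep or not (ts_text.isascii() and ts_text.isdigit()):
        return False
    ts = int(ts_text)
    if not 0 <= now - ts <= MAX_AGE:  # rejects stale and future-dated tokens
        return False
    expected = make_token(key, body, now=ts).partition(":")[2]
    return hmac.compare_digest(expected.encode(), mac.encode("utf-8", "replace"))


if __name__ == "__main__":
    key = b"constructed-demo-key-not-for-use"      # constructed sample key
    body = b"Hello,\r\nthis body was scanned.\r\n"   # constructed sample body
    token = make_token(key, body)
    print(f"{HEADER}: {token}")
    print("same body:", verify_token(key, body, token))
    print("altered body:", verify_token(key, body + b"extra", token))
```

A header that fails verification should be stripped and the message scanned as usual, and the key file should be readable only by the filter process.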