Mail Problem: How to refuse large incoming attachments?

Mail Problem: How to refuse large incoming attachments?

Post by Ben Hirashim » Thu, 21 Oct 1999 04:00:00



hi all. i'm running a redhat 5.1 x86 box as an email server with
sendmail 8.8.7 and qpopper 3.0.

i'm having a mail/security problem. people keep sending our employees
really large (30MB+) attachments that fill up the hard disk and
temporarily disable my pop3 daemon. is there a way to refuse large
incoming email attachments before they have a chance to fill up the
disk? i need a simple solution, because i'm not a linux/unix expert.

much obliged,
ben

Sent via Deja.com http://www.deja.com/
Before you buy.

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Cowles, Stev » Thu, 21 Oct 1999 04:00:00


You might want to check www.sendmail.org for the following parameters (see below) in
/etc/sendmail.cf. I have used the MaxMessageSize paramater in the past. If I remember
right, this paramater also effects outbound email as well. Not for sure.

Steve Cowles

<parameters from /etc/sendmail.cf>
# minimum number of free blocks on filesystem
O MinFreeBlocks=100

# maximum message size
#O MaxMessageSize=1000000


Quote:

> hi all. i'm running a redhat 5.1 x86 box as an email server with
> sendmail 8.8.7 and qpopper 3.0.

> i'm having a mail/security problem. people keep sending our employees
> really large (30MB+) attachments that fill up the hard disk and
> temporarily disable my pop3 daemon. is there a way to refuse large
> incoming email attachments before they have a chance to fill up the
> disk? i need a simple solution, because i'm not a linux/unix expert.

> much obliged,
> ben

> Sent via Deja.com http://www.deja.com/
> Before you buy.


 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Bob PHILLIP » Fri, 22 Oct 1999 04:00:00


I am not sure under sendmail, but if you use qmail there is a maxmessage
size that can easily be set up to reject any incoming/outgoing messages over
the size you configure.

You may want to look at www.qmail.org for an alternative to sendmail as a
whole.

Without starting a flame, the whole concept of qmail is superior from a
security point of view than sendmail and even after several years sendmail
config files are quite difficult to understand, where qmail config files are
very easy.

I do run sendmail and qmail mail servers and find that qmail is better for
me.

--
Bob PHILLIPS
Director/System Administrator

                                                |  http://www.norcom.net.au
Yes, I am on the interthingy     |  If it aint broke, fix it, then it will
be
--------------------------------------------------------------------------
     dotnet dotau Pty Ltd PO Box 2762 SOUTH HEDLAND WA 6722 AUSTRALIA
--------------------------------------------------------------------------


Quote:

> hi all. i'm running a redhat 5.1 x86 box as an email server with
> sendmail 8.8.7 and qpopper 3.0.

> i'm having a mail/security problem. people keep sending our employees
> really large (30MB+) attachments that fill up the hard disk and
> temporarily disable my pop3 daemon. is there a way to refuse large
> incoming email attachments before they have a chance to fill up the
> disk? i need a simple solution, because i'm not a linux/unix expert.

> much obliged,
> ben

> Sent via Deja.com http://www.deja.com/
> Before you buy.

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Yann Golans » Fri, 22 Oct 1999 04:00:00


:hi all. i'm running a redhat 5.1 x86 box as an email server with
:sendmail 8.8.7 and qpopper 3.0.
:
:i'm having a mail/security problem. people keep sending our employees
:really large (30MB+) attachments that fill up the hard disk and
:temporarily disable my pop3 daemon. is there a way to refuse large
:incoming email attachments before they have a chance to fill up the
:disk? i need a simple solution, because i'm not a linux/unix expert.

Try looking at www.exim.org. It is far superior to sendmail (ie easier
to confiugure, more secure and generally better ;)

--
                                ... abayo ...
yann at kierun.freeserve.co.uk                  No SPAM will be tolerated

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Frederic Fau » Sat, 23 Oct 1999 04:00:00




>Try looking at www.exim.org. It is far superior to sendmail (ie easier
>to confiugure, more secure and generally better ;)

Considering the number of people recommending Qmail and other
competitors, why do so many sites stick to Sendmail, and why is it
typically the MTA installed by Linux distros? That 1,000-page O'Reilly
book sitting on my bookshelf sure looks scary...

Are there really functionnalities that make Sendmail stand out, or do
people just stick to Sendmail out of habit?

FF.
--
The system required Windows 95 or better, so I installed Linux!

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Mike Dowli » Sat, 23 Oct 1999 04:00:00



>Are there really functionnalities that make Sendmail stand out, or do
>people just stick to Sendmail out of habit?

I've heard that postfix is all the rage.  It is faster.  I believe that
sendmail has more anti-spam possibilities.

I won't swear to this, as I only have experience with sendmail.

Cheers,
  Mike Dowling

--

It is, in fact, a sendmail alias; the digit 'N' is incremented regularly.
Spammed aliases will be deleted.  Currently, mike[5,7-9,10,12,13,16-19]
have been deleted.  If email to mikeN bounces, try mikeN+1.

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Ralf Hildebran » Sat, 23 Oct 1999 04:00:00




>>Are there really functionnalities that make Sendmail stand out, or do
>>people just stick to Sendmail out of habit?

>I've heard that postfix is all the rage.  It is faster.  I believe that
>sendmail has more anti-spam possibilities.

Sendmail is a grown piece of software. Don't look under the
hood. Looks real bad down there.
Competitors like zmailer, qmail, exim and postfix are both faster and
supposedly more secure.

I'm using postfix now. It's easier to configure, faster, you've got
this nice mailinglist for support where the author hangs out.
I've installed it on HP-UX 10.20 here in chroot()-jail. No part of the
program is setuid(root) which I think is "a good thing" (TM)

Quote:>I won't swear to this, as I only have experience with sendmail.

:)

--
Ralf Hildebrandt   http://www.stahl.bau.tu-bs.de/~hildeb   (0)531/391-3366
Institute for Steel-Structures, Technic. Univers. of Braunschweig, Germany
"Those who do not understand UNIX are condemned to reinvent it -- badly."
                                                          -- Henry Spencer

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Rod Smi » Sat, 23 Oct 1999 04:00:00






>>Try looking at www.exim.org. It is far superior to sendmail (ie easier
>>to confiugure, more secure and generally better ;)

> Considering the number of people recommending Qmail and other
> competitors, why do so many sites stick to Sendmail, and why is it
> typically the MTA installed by Linux distros? That 1,000-page O'Reilly
> book sitting on my bookshelf sure looks scary...

Sendmail being installed by Linux distributions is starting to change.
With version 6.1, Mandrake switched from Sendmail to Postfix.  Debian now
ships with Exim.  I don't know about 6.1, but with 6.0 Red Hat still used
Sendmail, as does SuSE 6.1.

Part of the reason for sticking to Sendmail is that it's the "traditional"
MTA for UNIX systems.  Part of it's that many of the competitors are new
(Qmail and Postfix, in particular, are pretty recent entrants to the MTA
arena).  Some alternative MTAs have licensing issues.  Qmail, for
instance, has a no-binary-distribution clause that makes it difficult to
include it in a distribution.  I've not examined the Postfix license very
carefully myself, but I'm told that until recently it had a non-standard
freeware license with a clause that said the freeware status could be
revoked.  That might well keep entities like Debian and Red Hat from using
it.  I've heard that clause is now absent, so Postfix might be more
appealing now.

--

http://members.bellatlantic.net/~smithrod
Author of _Special Edition Using Corel WordPerfect 8 for Linux_, from Que

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Ralf Hildebran » Sat, 23 Oct 1999 04:00:00



>Sendmail being installed by Linux distributions is starting to change.
>With version 6.1, Mandrake switched from Sendmail to Postfix.  Debian now
>ships with Exim.  I don't know about 6.1, but with 6.0 Red Hat still used
>Sendmail, as does SuSE 6.1.

SuSE supports Postfix now. Dunno if as default MTA, but it's there.

Quote:>include it in a distribution.  I've not examined the Postfix license very
>carefully myself, but I'm told that until recently it had a non-standard
>freeware license with a clause that said the freeware status could be
>revoked.  That might well keep entities like Debian and Red Hat from using
>it.  I've heard that clause is now absent, so Postfix might be more
>appealing now.

Yup. That has been resolved.

--
Ralf Hildebrandt   http://www.stahl.bau.tu-bs.de/~hildeb   (0)531/391-3366
Institute for Steel-Structures, Technic. Univers. of Braunschweig, Germany
"Those who do not understand UNIX are condemned to reinvent it -- badly."
                                                          -- Henry Spencer

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Frederic Fau » Sat, 23 Oct 1999 04:00:00




>Competitors like zmailer, qmail, exim and postfix are both faster and
>supposedly more secure.

>I'm using postfix now. It's easier to configure, faster, you've got
>this nice mailinglist for support where the author hangs out.
>I've installed it on HP-UX 10.20 here in chroot()-jail. No part of the
>program is setuid(root) which I think is "a good thing" (TM)

What about anti-virus features? Considering the number of virus coming
through e-mail, I'd like to find an app that would work with the MTA
so as to quarantine any suspicious e-mail before users even get the
chance of d'loading it. BTW, are the above MTAs all open-source?

FF.
--
The system required Windows 95 or better, so I installed Linux!

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by C. Newpo » Sat, 23 Oct 1999 04:00:00



: >Try looking at www.exim.org. It is far superior to sendmail (ie easier
: >to confiugure, more secure and generally better ;)

: Considering the number of people recommending Qmail and other
: competitors, why do so many sites stick to Sendmail, and why is it
: typically the MTA installed by Linux distros? That 1,000-page O'Reilly
: book sitting on my bookshelf sure looks scary...

: Are there really functionnalities that make Sendmail stand out, or do
: people just stick to Sendmail out of habit?

Sendmail is best at doing the things that very few people need, such as
working over UUCP and doing fancy X400 stuff.

Apart from that it just happens to have been around the longest so
it has inertia on it's side.

I use Exim for all new work because it is less likely to suffer
from security problems and is *much* easier to set up.
sendmail.cf is a nightmare if you want to verify your configuration
instead of taking things on trust.

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by Rainer Lin » Sun, 24 Oct 1999 04:00:00



> >Competitors like zmailer, qmail, exim and postfix are both faster and
> >supposedly more secure.
> What about anti-virus features? Considering the number of virus coming
> through e-mail, I'd like to find an app that would work with the MTA
> so as to quarantine any suspicious e-mail before users even get the
> chance of d'loading it. BTW, are the above MTAs all open-source?

Well, please have a look at AMaViS (http://aachalon.de/amavis) - it
provides scanning of incoming eMail (attachments). It currently works
with sendmail and qmail.
Ive wrote a small patch for AMaViS to scan incoming and outgoing
eMails. But you need smtpd/smtpfwdd from the Juniper Firewall Toolkit
(www.obtuse.com). My patches can be found at
http://www.ce.is.fh-furtwangen.de/~link/security/amavis-patch.php3
(its still alpha - so use this patch at your own risk!)

For postfix see the FAQ at http://postfix.merit.edu/faq.html#scanning

A commercial solution could be Trend InterScan VirusWall (still beta),
www.antivirus.com. I know that also an another company is working on a
smtp-store-and-forward proxy with virus scanning capabilities. And
AVPDaemon + AVPMonitor from KasperskyLabs (www.avp.ru) provides
"scanning of the files attached to e-mail messages" (quote from the
website - I did not tested it).

HTH

best regards,
Rainer Link

--

Student of Communication Engineering/Computer Networking, University of
Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/

 
 
 

Mail Problem: How to refuse large incoming attachments?

Post by QuestionExchang » Sun, 24 Oct 1999 04:00:00


there's a line in /etc/sendmail.cf:
# maximum message size
#O MaxMessageSize=1000000
uncomment it, so it looks like this:
# maximum message size
O MaxMessageSize=1000000
as you see it above, that's a limit of 1Mb, if you want a limit
of 10Mb on a mail, it would look like this:
# maximum message size
O MaxMessageSize=10000000
do killall -v -9 sendmail
/usr/lib/sendmail -bd -q15m
or reboot the machine
bye,
Boaz

Quote:

> hi all. i'm running a redhat 5.1 x86 box as an email server
with
> sendmail 8.8.7 and qpopper 3.0.

> i'm having a mail/security problem. people keep sending our
employees
> really large (30MB+) attachments that fill up the hard disk
and
> temporarily disable my pop3 daemon. is there a way to refuse
large
> incoming email attachments before they have a chance to fill
up the
> disk? i need a simple solution, because i'm not a linux/unix
expert.

> much obliged,
> ben

> Sent via Deja.com http://www.deja.com/
> Before you buy.

--
  This answer is courtesy of QuestionExchange.com
  http://www.questionexchange.com/showUsenetGuest.jhtml?ans_id=6102&cus...
 
 
 

1. Sendmail...arrgghh...only incoming mail is refused...

Ok, I've got a very simple mail set up...no databases either defined or
existing anywhere...  so why does incoming mail (local net mail traffic
 is ok) choke with the following syslog'd error :



the "/directory/non-existant.db" that I had failed to properly setup)

Is there some sort of default database or a bare minimum database
that I am overlooking?...

sorry for being such a newbie -- appreciation in advance...

2. Can't type euro sign

3. Mail Attachment for two or more attachments

4. Opinions wanted: HP vs SGI vs SUN

5. Mail problem for incoming mail

6. AuthName change/ Confused clients

7. Is there a mail reader for MSWord/WordPerfect mail Attachments?

8. [KBUILD] Fix filechk_gen-asm-offsets

9. Is there a way to send mail attachment using /usr/ucb/mail ?

10. Mail relay program that TRASHES ALL INCOMING MAIL?

11. Problem retrieving mail with msword attachments

12. problem mail attachment

13. Mail problem - attachments