-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 13 Apr 2010, Andreas Schulze wrote:
So, you want postfix to accept the virus, send it to dovecot's deliver which then calls a virus scanner and finds it infected and deletes it, that makes absolutely no sense ACK.
but imagine:
MTA delivers a mail where the virusscanner finds nothing. Mail gets delivered. Some time later there is a scannerupdate. Now the scanner would find a malicious content.
So I may instantly scan the complete mailstore each time a new pattern arrives or scan only each accessed mail with the latest pattern. This seems smarter to me.
For this scenario I would like to see a concept for datainspection/datamodification in dovecot.
What about when dovecot would act as a milter client? Sounds strange but the problems are the same, why not use existing solutions ?
The problems are the same, but a milter has the duty to filter incoming mail. It's not a general mail-(content)-only filter.
You want a IMAP/POP3 mail inspector, well, that's fine. There are in-between firewall inspecting the contents of the routed connections. They understand POP3 and IMAP, as long as it is not encrypted. Some can act as proxy themselves, decrypt the connection. They work transparently.
To solve the problem in Dovecot one need to create an "iilter" (IMAP filter), aka Dovecot plugin. Which hands over the contents to the virus scanner and replaces the malicous part with a dummy value. However, because of caching in IMAP clients doing so may not work as expected.
That plugin could be derived from the zlib plugin, as it also has the duty to inspect the data on its flow from the disk to client and around. This won't work in Dovecot proxy mode, however, I guess.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS8RZVr+Vh58GPL/cAQKOYQf+Ke46qAcH2ro7y9txCg2HhNgKZgtTA0BI 9+09ipuzkz4Pmqhz7rQtFmnl3LVs9aWfdJH3TIBipXi4wOkchiiw1Wb3iVPhSCyJ vdsAloCA2MhBqGKgdLx+uTQ39OIT66ysk2iRqVJHJblkyn3bpUyLtWf1XKokyjCe 0BZkbObg7eYmDQGS8RctS+QFoVslmlggr2qPHKxmBrKbUGAvK2NzI5jGEDntBWLl NuSTZRoV4szBZlISCczw0yDq+B/KVGLtAikC7PQAt6Osu/Lx7iz6mQrcsd8e8tIF d7BxYJwuzau3E6yCNdEXN3UKSRcACNVgADln3K4lpJZYf8yxWVJTFw== =MVDW -----END PGP SIGNATURE-----