mail's back

Okay, so, I admit, I wasn't ready to ditch email yet. This morning, the reasons remained: if I loaded my mail server I suddenly received a flood of messages, including the virus, spam, and "rejected" messages from addresses that had received the virus with my own address spoofed.

But even as the problems remained, I needed email, not least to reply to the clevercactus-dev list, and even do some work. Last week's crisis led me to think in new directions, and maybe we'll be able to come up with a good solution for this problem (or part of it). In the meantime, I had to get my mail back. I had no choice.

So I breathed deeply and started looking for configuration options for Postfix, the mail server that I use. I found good information here, here and especially here. I started adding options and it took me some time to get them running; in particular, the regular expressions that parse both the headers and the body of the message were a bit of a pain to get right, as usual. (I am now, for example, rejecting EXE, PIF, BAT and other MS-virus-related attachments; knowledge of MIME and how it is usually done has its uses :)).

I still have to tweak things a bit, but in principle it should be back to normal. Interestingly enough, most of the messages are being rejected with the error "Helo command rejected: need fully-qualified hostname". I wonder if this will affect legitimate email (I am not entirely sure which of the Postfix settings is requiring this, maybe it's "reject_non_fqdn_sender" or "reject_non_fqdn_recipient" or "reject_unknown_client"...).

If you're trying to contact me via email and you can't, leave a comment here--also, if I haven't replied in the last few days just give me a few hours as I go through my queue.

Update: in the roughly three hours since I completed the filtering configuration, Postfix has rejected 1128 emails, most of them infected with the Sobig virus. One thousand one hundred twenty-eight! Jeez. Anyway, it feels weird now. Like the quiet right after the storm has passed.

(In the time it took to write the previous paragraph, another nine invalid emails were bounced!)

Posted by diego on August 25 2003 at 10:20 AM
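
The attachment filtering described in the post, as an added example that is not part of the original post or the author's Postfix configuration: a line-oriented pattern of the kind used in header checks, next to a MIME-aware check that decodes the attachment filename before testing its extension. The pattern, the sample messages, and the SCR and COM extensions are assumptions made for the example.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header

# EXE, PIF, BAT are named in the post; SCR and COM are assumed additions.
BLOCKED = ("exe", "pif", "bat", "scr", "com")

# Line-oriented pattern in the style of a mail server header check
# (constructed for this example, not the author's actual expression).
HEADER_RE = re.compile(
    r'name\s*=\s*"?[^"]*\.(%s)"?\s*(;|$)' % "|".join(BLOCKED), re.I)

def regex_hits(raw):
    """Header lines that the line-oriented pattern would reject."""
    return [ln for ln in raw.splitlines() if HEADER_RE.search(ln)]

def blocked_attachments(raw):
    """MIME-aware check: walk every part and test the decoded filename."""
    hits = []
    for part in message_from_string(raw).walk():
        name = part.get_filename()
        if not name:
            continue
        # Undo RFC 2047 encoded-words, which a raw-line pattern never sees.
        name = str(make_header(decode_header(name)))
        ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
        if ext in BLOCKED:
            hits.append(name)
    return hits

def sample(filename):
    """Constructed two-part message carrying one attachment."""
    return "\n".join([
        "From: sender@example.com", "Subject: test", "MIME-Version: 1.0",
        'Content-Type: multipart/mixed; boundary="b1"', "",
        "--b1", "Content-Type: text/plain", "", "See the attached file.",
        "--b1", "Content-Type: application/octet-stream",
        'Content-Disposition: attachment; filename="%s"' % filename,
        "Content-Transfer-Encoding: base64", "", "AAAA", "--b1--", ""])

ENCODED = "=?utf-8?B?cmVwb3J0LnBpZg==?="  # "report.pif" as an encoded-word

if __name__ == "__main__":
    for fn in ("report.pif", "notes.txt.PIF", ENCODED, "notes.txt"):
        msg = sample(fn)
        print(fn, "regex:", bool(regex_hits(msg)),
              "mime:", blocked_attachments(msg))
```

The encoded filename is the case to watch when tuning such a filter: the raw-line pattern passes it, while the decoded check still reports `report.pif`.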

