Bug #3383

mail-server: no feedback for user if a virus is detected on submission port

Added by Davide Principi over 5 years ago. Updated about 5 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-mail-filter
Target version:v6.7
Security class: Resolution:
Affected version:v6.7 NEEDINFO:No

Description

In the past I wrote

Assuming virus false positives are rare enough, virus should be DISCARDED, whilst spam explicitly REJECTED.

Silently discarding an email message can be misleading for the SMTP user.

  • An email containing a false positive is submitted
  • The mail server discards it
  • The user thinks the mail has been sent

The enhancement #3348 is a regression and we must turn the virus policy to REJECT again to avoid discarding false positives.


Related issues

Related to NethServer 6 - Enhancement #3348: Amavis virus+spam policy tweaks CLOSED

Associated revisions

Revision 9e112dab
Added by Davide Principi about 5 years ago

MUA must show an error if a virus is detected. Refs #3383

Set REJECT policy on virus detection.

History

#1 Updated by Davide Principi over 5 years ago

  • Subject changed from mail-server: no feedback for user if a virus is sent on submission port to mail-server: no feedback for user if a virus is detected on submission port

#2 Updated by Davide Principi over 5 years ago

#3 Updated by Davide Principi about 5 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#4 Updated by Davide Principi about 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

MODIFIED

Added commit also on v7

Test case

  • Send a message on submission port (587), containing an EICAR signature. The delivery must be rejected with an explicit error message.
  • Send a message on smtp port (25), containing an EICAR signature. The delivery must be rejected with an explicit error message.

#5 Updated by Davide Principi about 5 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver/testing 6.7:
nethserver-mail-filter-1.3.6-1.1.g9e112da.ns6.noarch.rpm

#6 Updated by Giacomo Sanchietti about 5 years ago

  • Assignee set to Giacomo Sanchietti

#7 Updated by Giacomo Sanchietti about 5 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 70 to 90

Tests with eicar, the mail is blocked both on port 25 and 587:

May 20 12:35:25 test amavis[2075]: (02075-01) Blocked INFECTED (Eicar-Test-Signature) {RejectedInternal,Quarantined}, SUBMISSION/MYNETS LOCAL [192.168.5.22]:40506 <giacomo@neth.loc> -> <giacomo@neth.loc>, Message-ID: <441a47f8-3818-4107-c208-39e6f0bec6cb@neth.loc>, mail_id: zwDbWeQfYEnH, Hits: -, size: 4562, 62 ms
May 20 12:35:25 test submission/smtpd[2214]: proxy-reject: END-OF-MESSAGE: 554 5.7.0 Reject, id=02075-01 - INFECTED: Eicar-Test-Signature; from=<giacomo@neth.loc> to=<giacomo@neth.loc> proto=ESMTP helo=<giacomo.nethesis.it>

Client message:

An error occurred while sending mail. The mail server responded:  5.7.0 Reject, id=02075-01 - INFECTED: Eicar-Test-Signature. Please check the message and try again.

#8 Updated by Giacomo Sanchietti about 5 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-mail-filter-1.3.7-1.ns6.noarch.rpm

Also available in: Atom PDF