Page 76 - Mercury Manual.book
P. 76
71 The MercuryS SMTP Server Module
Compliance options
2: To detect and refuse any connection where the client’s HELO name is not a valid domain
name (i.e, contains no period characters)... This is also a near-infallible way of detecting con-
nections from spam zombies and address harvesters.
H, "*.*" RSN, "554 Format of HELO/EHLO greeting unacceptable."
3: To detect and refuse any attempt to deliver a message where the subject line contains the
word "Viagra":
S, "*viagra*", R, "554 Unacceptable subject - message refused."
Note that in this case, Mercury will accept the entire message but will discard it. This costs
you some bandwidth, but guarantees that "real" hosts that try to deliver such messages will
return a proper error response to the sender.
4: To detect any message where the subject line contains the word "Vicodin" and drop the
connection unceremoniously:
S, "*vicodin*", D, "'Vicodin' in subject - connection dropped."
Note that dropping the connection is extremely abrupt and rude, and may result in some bet-
ter-behaved hosts spending a lot of time retrying the delivery. You should only drop the con-
nection in cases where you know that a virus or zombie system is attempting to send you
information: such systems are usually very poorly-written and will be defeated by this tech-
nique.
Restrictions to apply to message content
These restrictions examine the headers of the message as it is passing through the SMTP
DATA state, and allow you to reject certain types of message that you don't want to receive. If
any of these tests fail, Mercury will accept the remainder of the data (because the SMTP pro-
tocol does not provide any means for the server to cancel a transaction in progress), but will
discard it, so that it never passes through the Mercury mail queue. A suitable error will be
returned to the connected SMTP client so that the sender knows why their message was re-
jected.
Check originator address fields against the killfile Mercury's killfile allows you to specify
particular addresses or domains from which you do not want to receive mail at all. Normally,
the killfile is only checked against the envelope address - the address the remote system offers
as the sender of the mail. If you check this control, MercuryS will burrow into the message
as it receives it and will compare the killfile against the From, Reply-to and Sender fields
in the message as well, ensuring that someone you have blacklisted cannot sneak into your
mail server by forging an envelope address. Checking this option will slow down reception
of mail slightly, but if you use the killfile feature in Mercury, it is almost certainly worth the
slight processing overhead to enable this option.
Refuse messages containing pure HTML data HTML mail can take two forms - alternative Some eCommerce sites
formatting, where the message includes both plain text and HTML variants of the data and generate pure HTML noti-
fications. This is a bad
the user's mail client chooses which one is preferred, or pure HTML, where the only content practice, but you can ac-
in the message is HTML data - there is no plain text variant. HTML is the number one source commodate it using
whitelisting if necessary.
of viruses, trojan horses and other security problems in modern e-mail, and in our experience,
practically all mail that contains only pure HTML data is either viral or spam. Turning this
flag on tells Mercury to refuse messages that only contain HTML data, although it will still
accept messages in the alternative format, because they are at least nominally safe (especially
