Is it Possible to Hold Suspicious Messages for 20 Minutes for Later Rescanning?

(Doc ID 1536577.1)

Last updated on SEPTEMBER 01, 2017

Applies to:

Oracle Communications Messaging Server - Version 7.0.0 and later
Information in this document applies to any platform.

Goal

Is it possible to configure the MTA to hold suspect messages for some time and run them thru malware scanning again later?

In one possible scenario, a spam filter (configured via milter) adds a header to a message indicating it is suspicious.

In another scenario, you might want to rate limit senders and recheck if they have become known as a phishing source.

In this discussion, when we say "hold" the message, we are talking about the message being in an MTA channel queue and its initial delivery attempt scheduled for some time in the future. We are not talking about the MTA's feature which causes a message to become .HELD which then requires administrative action to "release". Although that would be easy to accomplish with $H in a mapping table result, it results in the message remaining in the originally intended destination queue and therefore when it is released, it is simply delivered rather than going thru another scan.

 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms