NIKHEF mail server filters
All incoming and outgoing email is checked by the mail server for the presence of viruses and -in the case of incoming email- the IP address, the hostname (Full Qualified Domain Name) and SPAM.
This check consists of a.o. the following:
IP address and Hostname
The sending mail server has to have a valid A-record, otherwise email from this mail server will not be accepted and an error message is sent back, saying why the email was rejected:
error 5.7.1 550 Fix reverse DNS for xxxxx, or use your ISP Server.
This means that there is not a valid reverse IP configuration (PTR record) in the zone file for that server.
error 4.1.8 451 Client IP Address xxx.xxx.xxx.xxx does not resolve.
This means that the regular forward IP address (A-record) of the mail server does not resolve at all.
error 4.1.8 451 Possibly forged hostname for xxx.xxx.xxx.xxx.
This means that it was able to resolve the IP address, but it doesn't resolve to a hostname that matches both forward and reverse lookups.
External mail clients who receive these kind of error messages, should contact their ISP or local system administrator and ask them to correct their DNS records.
Size
The size of all incoming and outgoing emails is checked. The maximal message size is 10 MB. All emails larger than 10 MB will not be accepted and an error message is sent back to the user's email client.
Viruses
All incoming and outgoing mails are scanned for viruses and if a virus is found, the email will be 'quarantained'. Both sender and receiver are not notified. Quarantained mails older than seven days will be removed without notice.
Attachments
All incoming and outgoing mails are checked whether it contains an attachment. If this is true,
the attachment is checked. The mail will be quarantained if it contains attachments of the types
application/x-msdownload, application/x-msdos-program, application/hta, exe|vbs|pif|scr|bat|cmd|com|cpl.
Password protected archive/attachment files (such as zip -e, arj -g, rar -p) are also quarantained. Only the sender is notified.
If an exe file needs to be send by email it must be encoded without a password.
SPAM
Incoming mails are also checked to see if it can be qualified as SPAM/UCE (Unsollicited Commercial Email). If this is the case, the string ***SPAM*** is added to the 'subject' and X-Spam-Flag: Yes is added to the 'header'. More information can be found in the anti-SPAM article.
Delivery not possible
Senders of emails which -for whatever reason- can't be delivered will get an error message after two hours. The emails will be bounced to the sender in the folllowing way
- 'highest priority' after 1 day
- 'normal priority' after 2 days
- 'low priority' after 3 days