Resource Limits

In this section you can define settings for detecting mail bombs. Mail bombs are compressed email attachments, such as a zip file, which expands to a very large size when decompressed. The mail scanner opens compressed archives before scanning them, so trying to scan a mail bomb may use system resources indefinitely, choking the mail filtering system. Below, you can define the settings for detecting mail bombs and their destiny. If any of the three limits described below is exceeded while opening an archive attachment, the filter will not try to open the archive further and detect the mail as a mail bomb.

Mail Bomb Destiny

Here you can set the destiny of emails that contains mail bombs.

• Bounce Do not deliver messages containing mail bombs. Notify the sender.
• Discard Do not deliver messages containing mail bombs. Do not notify the sender.
• Pass Messages containing mail bombs should be delivered to the recipient.

Maximum Number of Files

Mail bombs usually contain very large number of files. Here you can define the maximum number of files permitted in an attached archive file. If the number of files in the archive is greater than this number, the mail is detected as a mail bomb.

Maximum Expansion Quota

Maximum size of an archive file after expanding, in kilobytes. If an attachment exceeds this size limit when uncompressed, it is detected as a mail bomb. If 0 is entered, the limit is not enforced.

Maximum Expansion Factor

Expansion factor is the ratio of the size of the decompressed archive to the original uncompressed archive file. This limit is exceeded when the decompressed archive gets larger than the original attachment by this factor. Default value is 30, which means if the size of the extracted file is 30 times the original file, the Mail Bomb Destiny will be performed for this file.