[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: smtp time spam filtering

On Sat 2007-02-24 23:24:15 +0100 Matus UHLAR - fantomas wrote:
> > > 	On Fri, Feb 23, 2007 at 03:33:00PM +0000, David Hart wrote:
> > > > I must be missing something here.  In order to scan an email you must
> > > > receive the email (I don't mean accept).  How can rejecting/accepting
> > > > emails at this stage make any significant difference in bandwith used
> > > > (let alone a quadrupling of bandwidth)?
> 
> > On Fri 2007-02-23 08:16:48 -0800 Andrew Sackville-West wrote:
> > > isn't it just using RBL's at smtp time and rejecting before recieving
> > > the mail? 
> 
> On 23.02.07 19:15, David Hart wrote:
> > AFAIU no, but that's the way I do it with postfix.  Both my primary
> > and secondary MXs do RBL checks and stuff like recipient validation
> > and then make the accept/reject decision after the RCPT TO: but before
> > the DATA.
> > 
> > Greg Folkert said that he uses SA-Exim (which calls spamassassin)
> > to do scans at smtp time but without any online checks.  I don't see
> > how you can do this without receiving the bulk of the email.
> 
> the advantage of smtp time rejection is, you will just reject the data with
> error and you don't have to do anything with it - the rest is up to sender.

Re-read the three paragraphs of mine that you quoted above (the first
of which you copied and pasted from an earlier email).

I am NOT asking about the advantages of smtp time rejection.
The second of my paragraphs above make it quite clear that I do that
myself on my own MXs but that I do it BEFORE receiving the message DATA.

I AM asking how you can scan an email through spamassassin without
receiving the bulk of the email and how, when the scanning is turned
off, it leads to a quadrupling of bandwidth used.

> Especially if you would bounce the e-mail, you'll win this way...

You should not bounce SPAM once you have accepted it for delivery.
SPAMMERS USE BOGUS RETURN ADDRESSES.  If you do, YOU become part of
the problem and the likely outcome is that either some innocent third
party finds it in her inbox (which may well have been flooded with
bounces from elsewhere) or your mail queue fills up with MAILER-DAEMON
messages that keep retrying until they time out several days later.
You may even end up bouncing the spam to yourself, but then, that IS
entirely your own problem.

-- 
David Hart <debian@tonix.org>
Reply to: