David F. Skoll wrote: > [EMAIL PROTECTED] wrote: > >> If done during the SMTP conversation the only thing that is going to >> see backscatter is the thing that sent it. > > Which is why I qualified my reply with "if the sending relay is a valid > SMTP client."
Maybe we are just arguing semantics but anything that connects to my mail server and speaks RFC821 is valid. I might not like what it feeds me but that is what ClamAV/SpamAssassin is for. :) > >> I am under the opinion that a message should never >> be silently blackholed. > > I used to share that opinion, but no longer do for viruses. If you > turn off Clam's dubious Phishing options, the odds of a false-positive > from Clam are very low. In that situation, there is no point in rejecting; > it's better to silently discard. Returning a 5xx message is neither hard or resource intensive. Then even in the unlikely event of a false positive the sender knows. Steven _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml