Roger,
> I beg forgiveness for wasting your time and request
> enlightenment on the Proper Way.
Hey, we all appreciate contributions and thoughts. If I understand
correctly ...
<acceptOnlyLocal>true</acceptOnlyLocal>
is an option for the SMTPHandler to disallow e-mail intended for relay at
all, rather than using SMTP AUTH?
<doReverseLookups>true</doReverseLookups>
is an option that is intended to disallow e-mail from servers for which
there is not a valid reverse lookup? The value of this is what? Most of
the spam I see comes from systems that have valid reverse DNS; it just
resolves to a name related to a DHCP pool in Brazil or South Florida. And
there are legitimate servers that don't have a DNS associated name.
My personal view is that the first patch is basically an incoming only
James, and that can be done already by the current configuration. Just send
all e-mail not intended for local users to the Null mailet. I do appreciate
the desire to cut things short earlier, and so I can see adding it to the
short-circuit filter mechanism in the works for James v3. The second one
bothers me because it doesn't appear to be an effective filter from my own
experience. Too many false positives, and too many negatives that aren't
detected.
So I am personally disinclined at the moment to use either of those two
changes as-is, although I'd tweak at least one of them to fit into the
filtering mechanism.
> The patch file is compared to CVS as of yesterday and available at:
Please post the patch to the mailing list. :-)
> I also have a mailet which drives a system command to add a rule to a
firewall
> which blocks sending addresses, I can clean it up and post if there's any
> interest in this.
Please submit that one, too. :-)
I've been doing that by hand in the past, and planned to add something like
it to the list of filters to provide a proper reject notice, rather than
block them at the firewall. Is yours ipchains or iptables based? Do you
handle timeout? The firewall rule should expire, since many spam sources
are in DHCP pools.
I should note, however, an RFC violation. There is a reason why the
solution I would put into the James distribution is in the SMTPHandler
filtering mechanism, and not in the firewall: it is a violation of RFC 2821
sections 3.6 and 4.5.1 to reject e-mail for postmaster except in the most
narrow of circumstances (DoS attack or attempted security breach). By
blocking e-mail at the firewall, you are in violation of the RFC. I don't
mind that you do, but I have questions regarding the degree to which James
should encourage RFC violations.
--- Noel
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
