Les Mikesell wrote:
Scott Silva wrote:
That is why you never bounce. Reject, good -- bounce, bad!
Umm, not if you are expecting the mail system to work...
Yes, even if you are expecting the mail system to work.
Accepting a message that your own scanners say contains
spam/virus/bad-content, and then crafting a bounce message for it
instead of delivering it, is a bad practice and should never be done.
It causes backscatter and harms innocent bystanders. Mail servers with
knowingly and intentionally do this really do deserve to be blacklisted.
Similarly, silently deleting a spam/virus/bad-content message is also a
bad practice. It violates RFCs, for starters. And if you have a false
positive, neither the sender nor the recipient know that the message
didn't get through.
The only reasonable things to do with a message your own scanners say is
spam/virus/bad-content is:
1) if you accept a message, you must either:
a) mark and deliver it to the intended recipient(s),
b) clean/neutralize it and deliver it to the intended recipient(s),
c) send a report to the intended recipient(s) saying what you
did with the original message (deleted it, quarantined it, etc.),
and include enough information in that report that they can
determine whether or not it's a false positive.
2) Don't accept it. Reject it. Give an SMTP 4xx or 5xx result, with a
reason for why you didn't accept it. Let the submitting (SMTP client)
host figure out what to do with it from there. Most likely it's a
spam/virus bot, and the problem is resolved.
You'll notice that neither of these is "bounce it".
Mailscanner doesn't bounce spam by default. It hasn't for close to two
years.
But the option is still there, and is discouraged in the docs, in the
comments
of the config file, and is very discouraged on the lists.
It comes down to two things. If you are required by law to archive "all"
communications to or from your company, or like some countries cannot
reject
e-mail without a human being reviewing it, use mailscanner. If you can
reject
anything you please, and your users won't ask you for it later, use
mimedefang. The only bounce messages I generate are for unknown users,
The majority of my inbound mail is to unknown users. When I used a
mailer that
accepted, then bounced it would fill my outbound queue to the point that
normal
outbound mail was often delayed. Does mailscanner on a relay machine
have a
way to check valid users on the destination host before accepting?
That's not mailscanner's job. That's the MTA's job.
1. The MTA says "yes that's a valid recipient" or "no, that's not a
valid recipient", and accepts or doesn't accept the message accordingly.
2. It then drops the message into mqueue.in and forgets about it.
3. Then mailscanner looks to see what new messages are in mqueue.in and
scans them. When it's done, it puts the message into mqueue.
4. Then the MTA periodically looks to see what's in mqueue, and works on it.
So, the check you're talking about is done by the MTA in step one. It
can do this with any number of possibilities (alias file, milter-ahead,
mimedefang's recipient verification, an LDAP lookup, etc.). Mailscanner
doesn't do that job for you.
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
