John Rudd wrote:
Accepting a message that your own scanners say contains
spam/virus/bad-content, and then crafting a bounce message for it
instead of delivering it, is a bad practice and should never be done.
Dropping valid messages without notifying the sender is an even worse
practice.
"Bad content" is a fairly arbitrary concept. Can you honestly claim
that you are
anywhere near 100% correct in your determination of that? As an
approximation
I bump up the spamassassin scores on certain content to extremely high
values
and have MimeDefang reject with a message like "message screened for
content,
please rephrase". In at least some cases, that has found its way back
to the sender
as intended.
2) Don't accept it. Reject it. Give an SMTP 4xx or 5xx result, with
a reason for why you didn't accept it. Let the submitting (SMTP
client) host figure out what to do with it from there. Most likely
it's a spam/virus bot, and the problem is resolved.
MimeDefang can do this; I don't think Mailscanner can.
You'll notice that neither of these is "bounce it".
In a practical sense, it is. If the other end of the SMTP conversation
is an
RFC-conforming server, your 5xx rejection forces it to construct a bounce.
If it is a virus, it will probably drop on the floor.
The majority of my inbound mail is to unknown users. When I used a
mailer that
accepted, then bounced it would fill my outbound queue to the point
that normal
outbound mail was often delayed. Does mailscanner on a relay
machine have a
way to check valid users on the destination host before accepting?
That's not mailscanner's job. That's the MTA's job.
Which is why the scanner should run as a milter so it can inform the MTA
what to do at the appropriate time.
1. The MTA says "yes that's a valid recipient" or "no, that's not a
valid recipient", and accepts or doesn't accept the message accordingly.
I run MimeDefang on a relay machine that has no concept of 'valid
recipients'.
So, the check you're talking about is done by the MTA in step one. It
can do this with any number of possibilities (alias file,
milter-ahead, mimedefang's recipient verification, an LDAP lookup,
etc.). Mailscanner doesn't do that job for you.
So, in my situation, MimeDefang is a win with it's
md_check_against_smtp_server()
function, along with its ability to reject with a reason in a way that
at least sometimes
does the right thing.
--
Les Mikesell
[EMAIL PROTECTED]
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
