Yizhar Hurwitz wrote:
HI.
John Rudd <[EMAIL PROTECTED]> wrote on 01/17/2007 07:11:51 PM:
Dropping without notifying _anyone_ is "an even worse practice". You
don't have to notify the sender, as long as you notify the recipient
(and visa versa).
Which is just another piece of annoying email in the inbox. Why
bother removing the spam if your just going to deliver a message held
email in its place?
Here is my approach (I guess other implementations are similar):
Known Virus = discard silently.
Bad filename (or unknown virus) = replace the attachment with a warning.
The recipient gets the message without the attachment.
High score spam (score >10) = Reject message.
Probable spam (5 < score < 10) = Quarantine the message in a spamdrop.
However a daily report is sent to the end user, listing all the
quarantined messages with information such as sender+subject.
Other mail = let it through.
Here's what I do:
Greet Pause: 3 seconds (rejects)
Helo (in filter_sender): reject it if it says it's coming from my own
domain, but isn't.
Sender: reject *.local
(I also used to do a Botnet check here, that did rejections, but
I've moved that code into the Botnet spamassassin plugin)
Recipient: reject *.local and non-existent recipients
RBLs: reject
Bad attachments (name or type): reject
ClamAV thinks it's a virus: reject
Spam score >= 10: reject
Spam score >= 5: mark as spam, drop into spam folder, give some form of
notice (options for per-message quarantine notice, per day, or per week).
Spam score < 5: mark as ham, normal delivery
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
