Hi Russell,
I wrote in the README.spamcontrol:
>"Since QMAIL by contruction is an OPEN RELAY, some vulnerability may be
>experienced not in particular to the QMAIL system itself (which can
>stand a heavy load), but for other MTAs which are flooded by
>SPAM E-Mail. "
>
>You're kidding, right?
==> Am I?
qmail is by construction an open relay??
==> See RFC 2505.
And the reason not to be an open relay is because you'll be blocked
because of the spam that (eventually) comes through your site.
==> Sorry, dont get the point.
Spam is itself not a serious load on anybody's MTA -- not even sendmail.
==> Looking in the Log-files tells me something different.
Pls. have a look into my improved README. I tried to be as specific as
possible. If I am mistaken, pls. correct me.
We have a lot of discussion about that subject in the QMAIL mailinglist
without bringing it to the point.
SPAM and the abuse of SMTP MTAs is a severe problem, because the QMAIL FAQ
is not specific enough at that item. From SYSADMINs who use QMAIL (I am
responsible for an environment with 5000 local users) I know, that making
QMAIL SPAM-proof is not that easy.
I dont know, whether employing TCPSERVER and calling ORBs or others is the
perfect solution. I am always suspicious about other people's "thats the
right way to do".
For the next version of QMAIL it would be a preferred solution to include
the canonical SPAM filters nativeley into QMAIL-SMTPD. The information can
be grepped via the TCPSERVER environment at run-time.
Sincerly,
eh.
+-----------------------------------------------------------------------+
| fff hh Dr. Erwin Hoffmann |
| ff hh |
| ff eee hhhh ccc ooo mm mm mm Wiener Weg 8 |
| fff ee ee hh hh cc oo oo mmm mm mm 50858 Koeln |
| ff ee eee hh hh cc oo oo mm mm mm |
| ff eee hh hh cc oo oo mm mm mm Tel 0221 484 4923 |
| ff eeee hh hh ccc ooo mm mm mm Fax 0221 484 4924 |
+-----------------------------------------------------------------------+