Folks,
I've been observing what seems to be a lack of clear and concise
documentation about anti-spam/security options for the novice and/or
average qmail user.
In my particular situation, I've recently moved to the tcpserver/rblsmtpd
way of doing things, and now I'm interested in blocking mail based on
invalid/bad-DNS hosts in envelopes/From: headers.
Only after scouring the mailing list archive was I able to determine that
that "DENYMAIL" patch is the apparently recommended way of doing this, and
of course everyone says "get it from the qmail website". There's no
mention of "DENYMAIL" on the main qmail page, and the only link to "an
anti-spam patch" (in the "Yet More Qmail Addons" section) is broken. I
was finally able to find this link
http://www.geocities.com/SiliconValley/Peaks/5799/qmail-uce.html
which appears to be the DENYMAIL patch, but I had to use lots of third
party search engines to find it, and I'm still not sure of what I've got.
Whether or not this particular example is valid, it definitely seems like
one has to do a lot of work to figure out the best way to set up a secure
(but not draconian) and spam-unfriendly (but not malicious) qmail system.
I realize that mail system administrators are supposed to be knowledgable
about their software and resourceful in finding new features, but it also
seems that offering a concise guide to the available options and how to
use them would benefit many folks.
I've been using and refining qmail for several years now, and while I can
usually find what I want in one doc or another, it always takes a long
time to figure out what conventionally works and what is conventionally
recommended. I just wonder if one should have to spend so much time
searching the mailing list archives.
I know this is a sensitive subject, and that in many cases it depends on
your "philosophy of mail delivery" (to use ORBS or not, to block at system
level or user level, etc), but I wonder if anyone else has thoughts on
what is probably a frustrating situation for many? Spam and privacy are
big issues nowadays, and it seems to the qmail project's advantage to
address them adequately.
And, of course, I would love it if anyone had a bold and decisive document
about how to patch qmail with DENYMAIL.
Thanks for your time,
Chris
-- Chris Hardie -----------------------------
----- mailto:[EMAIL PROTECTED] ----------
-------- http://www.summersault.com/chris/ --
