John D. Hardin wrote:
On Tue, 31 Jul 2007, mouss wrote:
running SA at smtp time requires that the client does not timeout.
so you'd better scan fast! you're also more subject to DOS (your
smtp listeners are busy). compare this to queue and filter...
okay, here's a sick idea:
(1) MTA completes the SMTP exchange and responds with a 4xx after DATA
finishes.
(2) MTA passes message off to SA, then stores a hash of
message-ID/score. MTA then discards the message.
(3) When the remote MTA retries (if it retries) then the MTA looks up
the score in the hash and decides whether to 200 or 5xx the message.
All of the benefits of both methods! :)
This can be improved at the cost of code complexity: run SA, and if it
does not return in "due time", then return 4xx. So if you scan fast, you
reject or accept. otherwise, you tempfail.
Either way, this requires "some work". and in general, this is not worth
the pain. mostly when users "want their mail now" (and don't say "this
is not instant messaging", they just don't understand what you're
talking about!). This is why I favour: filter, tag and deliver: if user
wants, "spam" goes to Junk folder or elsewhere (special address,
quarantine, ..;etc). It's his mail, he will know what to do with!