Thread: Re: Re: compare mimedefang to mailscanner




Re: Re: compare mimedefang to mailscanner
user name
2007-01-17 15:03:58
Les Mikesell wrote:
> Scott Silva wrote:
>> That is why you never bounce. Reject, good -- bounce, bad!
>>
> Umm, not if you are expecting the mail system to work...

Yes, even if you are expecting the mail system to work.

Accepting a message that your own scanners say contains
spam/virus/bad-content, and then crafting a bounce message for it
instead of delivering it, is a bad practice and should never be done.
It causes backscatter and harms innocent bystanders.  Mail servers which
knowingly and intentionally do this really do deserve to be blacklisted.

Similarly, silently deleting a spam/virus/bad-content message is also a
bad practice.  It violates RFCs, for starters.  And if you have a false
positive, neither the sender nor the recipient knows that the message
didn't get through.

The only reasonable things to do with a message your own scanners say is
spam/virus/bad-content are:

1) if you accept a message, you must either:
    a) mark and deliver it to the intended recipient(s),
    b) clean/neutralize it and deliver it to the intended recipient(s),
    c) send a report to the intended recipient(s) saying what you
       did with the original message (deleted it, quarantined it, etc.),
       and include enough information in that report that they can
       determine whether or not it's a false positive.

2) Don't accept it.  Reject it.  Give an SMTP 4xx or 5xx result, with a
reason for why you didn't accept it.  Let the submitting (SMTP client)
host figure out what to do with it from there.  Most likely it's a
spam/virus bot, and the problem is resolved.


You'll notice that neither of these is "bounce it".


>
>> Mailscanner doesn't bounce spam by default. It hasn't for close to two
>> years.
>> But the option is still there, and is discouraged in the docs, in the
>> comments of the config file, and is very discouraged on the lists.
>> It comes down to two things. If you are required by law to archive "all"
>> communications to or from your company, or like some countries cannot
>> reject e-mail without a human being reviewing it, use mailscanner. If
>> you can reject anything you please, and your users won't ask you for it
>> later, use mimedefang. The only bounce messages I generate are for
>> unknown users,
> The majority of my inbound mail is to unknown users.  When I used a
> mailer that accepted, then bounced it would fill my outbound queue to
> the point that normal outbound mail was often delayed.   Does
> mailscanner on a relay machine have a way to check valid users on the
> destination host before accepting?
>

That's not mailscanner's job.  That's the MTA's job.

1. The MTA says "yes that's a valid recipient" or "no, that's not a
valid recipient", and accepts or doesn't accept the message accordingly.

2. It then drops the message into mqueue.in and forgets about it.

3. Then mailscanner looks to see what new messages are in mqueue.in and
scans them.  When it's done, it puts the message into mqueue.

4. Then the MTA periodically looks to see what's in mqueue, and works on it.


So, the check you're talking about is done by the MTA in step one.  It
can do this with any number of possibilities (alias file, milter-ahead,
mimedefang's recipient verification, an LDAP lookup, etc.).  Mailscanner
doesn't do that job for you.

_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefanglists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: Re: compare mimedefang to mailscanner
user name
2007-01-17 18:04:25
On 17 Jan 2007 at 17:25, Les Mikesell wrote:

> >
> > You'll notice that neither of these is "bounce it".
> >
>
> In a practical sense, it is.  If the other end of the SMTP conversation
> is an RFC-conforming server, your 5xx rejection forces it to construct
> a bounce.

Yes, but unlike the "end-point server" creating a bounce, the "sending
server" has a much higher chance of not creating backscatter.

Basically, when it hits *my* server, all I really know is the "MAIL
FROM:" that was sent to me, and I have no way of knowing if that is
accurate.  But, if the other end is a legitimate server, it *should*
have screened its input to make sure that it was, so my rejecting at
SMTP time means that the real original sender *should* get the bounce,
and not some random victim of a joe job.

I know this assumes that the original server is not an open relay,
etc., but doing other administrators' jobs is not really something I
need to worry about.


--
Jeff Rife |
          | http://www.nabs.net/Cartoons/OverTheHedge/ToDo.gif
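
The difference argued over in the two messages above (accepting a message and bouncing it later, versus rejecting it during the SMTP conversation) can be worked through with a small simulation. This is an added example, not part of either post and not MIMEDefang or MailScanner code; the addresses, the `Transaction` fields and the two policy names are constructed, and it assumes, as the second message does, that a legitimate relay has verified its own sender.

```python
from dataclasses import dataclass

# Constructed data: recipients the final MTA knows about.
VALID_RCPTS = {"alice@example.org", "bob@example.org"}

@dataclass
class Transaction:
    client: str        # "bot" submits directly; "relay" is an RFC-conforming server
    mail_from: str     # envelope sender as claimed in MAIL FROM (may be forged)
    true_sender: str   # real originator; the receiving server cannot see this
    rcpt_to: str
    scanner_bad: bool  # verdict of our own spam/virus scanner

def smtp_reply(tx, policy):
    """SMTP status our server returns under the given (hypothetical) policy."""
    if policy == "accept_then_bounce":
        return 250                         # take everything, sort it out later
    if tx.rcpt_to not in VALID_RCPTS:
        return 550                         # rejected at RCPT TO
    return 554 if tx.scanner_bad else 250  # rejected at end of DATA

def simulate(transactions, policy):
    """Count deliveries, DSNs our server must queue, and misdirected DSNs."""
    stats = {"delivered": 0, "our_outbound_dsns": 0, "backscatter": 0}
    for tx in transactions:
        code = smtp_reply(tx, policy)
        undeliverable = tx.rcpt_to not in VALID_RCPTS or tx.scanner_bad
        if code == 250 and not undeliverable:
            stats["delivered"] += 1
        elif code == 250:
            # We accepted it, so the bounce is ours, addressed to MAIL FROM.
            stats["our_outbound_dsns"] += 1
            stats["backscatter"] += tx.mail_from != tx.true_sender
        elif tx.client == "relay":
            # The relay builds the DSN for the sender it accepted mail from.
            stats["backscatter"] += tx.mail_from != tx.true_sender
        # A bot that gets a 5xx simply drops the message: no DSN at all.
    return stats

# Constructed traffic: three forged bot submissions, one genuine relayed
# message with a mistyped recipient, and one clean message.
SAMPLE = [
    Transaction("bot", "victim@example.net", "bot@bad.example", "alice@example.org", True),
    Transaction("bot", "victim@example.net", "bot@bad.example", "nobody@example.org", True),
    Transaction("bot", "other@example.com", "bot@bad.example", "sales@example.org", False),
    Transaction("relay", "carol@example.com", "carol@example.com", "bobb@example.org", False),
    Transaction("relay", "carol@example.com", "carol@example.com", "bob@example.org", False),
]
```

Running `simulate(SAMPLE, "accept_then_bounce")` and `simulate(SAMPLE, "reject_at_smtp")` side by side shows the same single delivery in both cases, but four queued bounces (three of them to forged addresses) under the first policy and none under the second.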


