On Wed, Sep 06, 2006 at 09:44:01PM +0200, [EMAIL PROTECTED] wrote: > I do think that there is too much of a danger of denial of service attacks > or mail failure due to the milter crashing if you scan your mail during > the SMTP phase. I have regularly seen ISPs that can't accept mail because > of this problem. I would (at the risk of being repetitive, as I have
As a counterpoint, I'd like to point out the benefits of using a milter and scanning in-line, while the mail is being delivered: you get a chance of rejecting the mail instead of having to send a bounce later (or junk the mail, or send it to some possibly-infected or possibly-spam folder). And with the proper software, that doesn't have to be a problem either. We're using MIMEDefang to do spamfiltering and virusscanning. If clamd happens to hang, it hits an internal MIMEDefang timeout and another virus scanner is tried. Apart from some additional delay, the delivering mail server doesn't notice. We process around 10 million emails a day using this setup (spread over a cluster of FreeBSD machines), and in over a year I haven't seen MIMEDefang crash causing it to tempfail over a long period of time. It very rarely runs out of resources, causing the mailserver to tempfail incoming emails, but that can happen without a milter too. We reject roughly 20 emails (or actually recipients) per second. That's 20 bounces that we are NOT sending, per second. Most of these because of spam, by the way, viruses are down to a staggering low of around 300milliviruses per second now :) It spiked to around 30 viruses/sec at the beginning of this year. See http://www.xs4all.nl/uk/veiligheid/statistieken.php if you're interested in numbers of viruses detected. -- Jan-Pieter Cornet <[EMAIL PROTECTED]> !! Disclamer: The addressee of this email is not the intended recipient. !! !! This is only a test of the echelon and data retention systems. Please !! !! archive this message indefinitely to allow verification of the logs. !! _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
