On Sat, Aug 10, 2002 at 09:35:50PM -0400, Matt Zimmerman wrote:
> On Wed, Aug 07, 2002 at 08:19:11PM -0700, Nicolas Lopez wrote:
> 
> >   The major one I remember is the better error handling. Most MTAs aren't as
> > careful or watchful of stuff thrown to a pipe. Where using SMTP allows for
> > well-tested error handling, on top of rejecting messages with reason.
> > "550 Spam, bugger off" looks better in a log than just having it disappear
> > into the scanner. Or "550 Virus: Klez.H, shoo"
> 
> Most of the junk that I'm rejecting doesn't seem to have a valid origin
> anyway, so at best, the bounce messages are likely to end up in some
> postmaster's mailbox anyway.  Spam is marked, and viruses are quarantined
> with a note sent to the recipient.  That way, each user is responsible for
> their own garbage.

I think it isn't so much the bounce message that Nicolas is talking
about (in fact I disabled all bounce messages; my users seem to have
found every mailing list on earth that generates mail that looks like
SPAM :-(, so I don't want them to get automatically kicked off; also,
my outbound queue was rapidly filling up with bounce messages that
could not be sent).

However, the real benefit is the extra information in the log file:

e.g.:

Instead of just:

Aug 12 15:38:14 snoopy amavis[3200]: infected (Worm/Klez.H), from=<[EMAIL PROTECTED]>, to=<[EMAIL PROTECTED]>, quarantine virus-20020812-153814-03200

You also get this:

Aug 12 15:38:15 snoopy postfix/smtp[4184]: C3A7B28B06: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1], delay=58, status=sent (250 Ok, discarded, id=03200-09 - VIRUS: Worm/Klez.H)

Which logs C3A7B28B06 and allows you to track back to when
the mail was first received, and who it was received from, etc:

Aug 12 15:37:17 snoopy postfix/smtpd[4178]: C3A7B28B06: client=hydmail.tatanova.com[203.124.250.73]
Aug 12 15:37:38 snoopy postfix/cleanup[4179]: C3A7B28B06: message-id=<[EMAIL PROTECTED]>
Aug 12 15:38:13 snoopy postfix/qmgr[1141]: C3A7B28B06: from=<[EMAIL PROTECTED]>, size=135908, nrcpt=1 (queue active)

Maybe this won't be used in practice (and you probably can
look at the Received header of the quarantined SPAM), but still,
I like the fact that this information is logged.
-- 
Brian May <[EMAIL PROTECTED]>
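
The trace-back described in the message above, as an added example that is not part of the original thread: it groups Postfix log lines by queue ID and, for every delivery whose content-filter reply names a virus, reports the client that originally submitted the mail. The sample log is constructed (placeholder addresses and hosts, modelled on the lines quoted above), and the function and field names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the log lines quoted in the message above
# (addresses and client hosts are placeholders).
SAMPLE_LOG = """\
Aug 12 15:37:17 snoopy postfix/smtpd[4178]: C3A7B28B06: client=mail.example.net[192.0.2.10]
Aug 12 15:37:38 snoopy postfix/cleanup[4179]: C3A7B28B06: message-id=<msg1@example.net>
Aug 12 15:38:13 snoopy postfix/qmgr[1141]: C3A7B28B06: from=<sender@example.net>, size=135908, nrcpt=1 (queue active)
Aug 12 15:38:14 snoopy amavis[3200]: infected (Worm/Klez.H), from=<sender@example.net>, to=<user@example.org>, quarantine virus-20020812-153814-03200
Aug 12 15:38:15 snoopy postfix/smtp[4184]: C3A7B28B06: to=<user@example.org>, relay=127.0.0.1[127.0.0.1], delay=58, status=sent (250 Ok, discarded, id=03200-09 - VIRUS: Worm/Klez.H)
Aug 12 15:39:02 snoopy postfix/smtpd[4190]: D1F0A28B07: client=lists.example.com[198.51.100.7]
Aug 12 15:39:03 snoopy postfix/qmgr[1141]: D1F0A28B07: from=<list@example.com>, size=2048, nrcpt=1 (queue active)
Aug 12 15:39:04 snoopy postfix/smtp[4191]: D1F0A28B07: to=<user@example.org>, relay=127.0.0.1[127.0.0.1], delay=2, status=sent (250 Ok, id=03201-01)
"""

# "postfix/<daemon>[pid]: <QUEUEID>: <rest>"; amavis lines carry no queue ID.
POSTFIX = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-F]+): (.*)$")
# The scanner's SMTP reply, as recorded in the status=... field.
VERDICT = re.compile(r"id=(\S+) - VIRUS: ([^)]+)\)")

def trace_verdicts(log_text):
    """Return one record per queue ID whose content-filter reply names a virus."""
    by_qid = defaultdict(list)
    for line in log_text.splitlines():
        m = POSTFIX.search(line)
        if m:
            by_qid[m.group(2)].append((m.group(1), m.group(3)))
    records = []
    for qid, entries in by_qid.items():
        rec = {"queue_id": qid}
        for daemon, rest in entries:
            if daemon == "smtpd" and rest.startswith("client="):
                rec["client"] = rest[len("client="):]
            elif daemon == "qmgr" and (m := re.match(r"from=<([^>]*)>", rest)):
                rec["from"] = m.group(1)
            elif daemon == "smtp" and (m := VERDICT.search(rest)):
                rec["amavis_id"], rec["virus"] = m.group(1), m.group(2)
                rec["to"] = re.match(r"to=<([^>]*)>", rest).group(1)
        if "virus" in rec:  # clean deliveries are skipped
            records.append(rec)
    return records

if __name__ == "__main__":
    for rec in trace_verdicts(SAMPLE_LOG):
        print(rec)
```
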

