besides that a off-list reply is rude and "I mean really 100 % Mails
containing certain words" is laughable - if it would be *that* easy spam
won't exist
> The disadvantage of REJECT is that you tell the spammer "hey there
> is a spam filter there" and the spammer will make their ways
> around it.
is *complete bullshit* and if you would have any clue about spam you
would know that - with your ACCEPT and discard you make an invitation
for spammers - see attached mailgraph sortly after replace a barracuda
device silently discard spam with a sane solution reject it
fact is that spammers don't read repsonse messages and many treat the
address as invalid after repeated reejcts for hwatever reason as well as
dictionary attacks continue after success because reject of the
contentfilter - that's reality proven by logs and years of expierience
__________________________
if you can reject a mail than *do it*
if you can't reject a amil deliver it
period
Am 19.02.2015 um 21:21 schrieb Sebastian Nielsen:
I dont agree. I would say that DISCARD is okay - only when a mail is
guranteed 100% to be spam, malformed or in other way disadmissible.
With 100%, I mean really 100 %. Mails containing certain words about
illegal copies of certain very expensive clock brands, is one example,
and in this case I mean that you use a "AND" logic between the words.
Legit mail do NEVER EVER contain words about illegal copies of certain
very expensive clocks to take a example.
I have a couple of hand-written rules that DISCARD mail, but these are
clear cuts, they either only look on the subject line for certain spammy
words that I know that legit mail never will contain, or it will contain
a very strict body rule that would guranteed to only hit on spam.
The disadvantage of REJECT is that you tell the spammer "hey there is a
spam filter there" and the spammer will make their ways around it. If
you instead silently discard it, spammer will think the mail got through
and not bother with that mail server anymore.
So a multilayered tier is better, for example:
1: DISCARD all mails that are blatant spam or malformed in a such
non-RFC way that its basically not mail, or mails that have a DMARC
policy of "discard" when SPF and DKIM auth fails.
2: REJECT any mail that are any less than 100% sure its spam, or mails
that just arent 100% strict about RFCs, but they can still be parsed
without problems, or contain other authentication errors.
3: Then you do some final checks on mail, possible deliver it to inbox
with a [Possibly Spam] subject tag or you consider the mail ham and pass
it unmodified to receiver.
-----Ursprungligt meddelande----- From: li...@rhsoft.net
Sent: Thursday, February 19, 2015 9:00 PM
To: postfix-users@postfix.org
Subject: Re: non delivery notificaitons
Am 19.02.2015 um 20:32 schrieb Vernon Fort:
I have a barracuda spam firewall that my postfix setup simply relays
emails to for scanning, via the transport file
complete wrong setup - the barracuda crap (we used it for nearly a
decade and it became unacceptable for so much reaosns) is deigned to run
as MX and deliver clean messages to your postfix
anything else is pore nonsense *because* it makes you to a backscatter
and there is nothing you can fix that
DISCARD is a complete stupid action - unconditionally
you have to REJECT the mail and even for that Barracuda Networks is way
too stupid for many cases, but if you accept any message you have to
deliver it - not because of the junk - beause of false positives
*always* happening and without the sender and/or the RCPT know about the
spam-hit because you silent discard you do much more harm than spam ever
could do
don't accept messages you won't deliver
if you can't do that your setup is just wrong
