> Wietse: >> There is no difference for the remote SMTP client whether you use >> spampd in "pre-accept" mode, or amavisd-new in "pre-accept" mode.
>> Both appraches have the same problem: when it takes too much time >> to inspect a message, the remote SMTP client will time out. > listserv.traf...@sloop.net: >> But, if I understand correctly, that time-out would be before a >> 250 accept occurs and thus no lost mail, right? [i.e. the sending >> MTA will retry the message up to its limits and then return a >> non-delivery to the sender.] > This is a basic requirement for the SMTP client. Similarly, when > the SMTP server takes responsibility for the message (replies 2xx > to end-of-data) it must not "drop" mail. Last pass [I think] So the FAQ for Amavis: --- The Postfix Before-Queue Content Filter setup, also known as smtpd_proxy setup, is not a supported or recommended setup with amavisd-new, which is not a transparent SMTP proxy by design. See caveats in README_FILES/SMTPD_PROXY_README. This setup might work amavisd-new for low-traffic sites which do not use authentication, but is not recommended. --- This warning is essentially saying that since amavis [as well as spampd] are not fail-open proxies - that if either fails, you might not get mail and will either not accept it at all [connection refused] or fail to ack the data [2XX] and this will cause the sending MTA to defer. So, as you said - *if* spampd was an acceptable "solution" for someone, there's no additional risk to using Amavis as described above. Do, I have that right? --- Finally, is this going to impact SASL/SMTP-Auth? (I don't think so, because postfix is actually taking the connection and passing only the data portion of the message through Amavis [same as spampd.]) Thanks again Weitse! -Greg
