On 25.01.23 10:24, Matus UHLAR - fantomas wrote:
I forgot to mention I use amavisd-new because of these reasons.
To be more precise, when receiving mail from internet on port 25,
I prefer amavisd-milter talking to amavisd so we can reject mail
immediately, while clients from port 465/587 talk to amavisd-new
using LMTP and amavisd-new injects mail back via LMTP on
alternative port.
in some networks, even port 25 from LAN goes via LMTP to
amavisd-new, and port 25 from the world is redirected onto other
port with postscreen and milter.
On 26.01.23 07:14, Rob McGee wrote:
I think it's best to wean users off the 20+year deprecated idea of
using port 25 for submitting mail.
It's easier for new installations/configurations, but there are cases you
want to upgrade/migrate server without clients needing to reconfigure their
clients.
On 1/26/2023 1:44 AM, Matus UHLAR - fantomas wrote:
I should also add that if you want to avoid scanning of outgoing
e-mail with spamass-milter, you can simply use its options "-I" that
ignores all authenticated e-mail and "-i" that takes a list of
networks from which mail is not scanned.
Also, I think it's a bad idea to give submitted mail a free pass.
I agree, this is also why I didn't write it in former mail.
Very often this is what gets you listed on CBL / XBL, when MS Outlook
malware is using valid credentials to spew.
But filtering needs differ for submission and MX mail. DNSBL checks on
submission are useless. But URIBL content scanning is very effective.
You must manage handling of outgoing mail deemed spammy (quarantine?
manual confirmation?).
And at least with spamassassin, the rules aren't tuned to be used with
outgoing mail - while you can disable some rules designed for incoming mail
like DNSBL (especially dynamic or generic address detection), resulting
scores may not be satisfying enough to be used automatically.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I just got lost in thought. It was unfamiliar territory.
