Hi, I have reluctantly come to the conclusion that in some cases, it is necessary to silently drop spam rather than reject it. This is the situation:
An email comes in for two recipients in one SMTP trasaction (ie, a MAIL, two RCPTs and then DATA). One recipient's rules say to accept. The other recipient's says to reject. You can't reject post-DATA because then it looks like both recipients received the mail. You can accept and create a failure message for one recipient, but then you risk generating backscatter. You can tempfail all but the first RCPT to force the message to be split up into individual messages per recipient, allowing you to accept or reject individually. But this will delay mail and possibly cause it not to be delivered if there are many recipients and the sending relay is impatient. So I reluctantly conclude that in all but the smallest of installations, dropping the mail for the recipient whose rules say to do so is the best thing to do. There have been SMTP extensions proposed to combat this. I recall an extension that had you issue RCPTs until one of the RCPTs was accepted, then DATA, then additional RCPTs with a "also send the foregoing to this one" keyword so you could have per-recipient data filtering, but of course spammers could not be obliged to use the extension. :( Regards, Dianne.
