On 7/27/23 6:25 AM, Matus UHLAR - fantomas wrote:
I use spamass-milter on my system and amavisd-milter on other systems especially to be able to reject spam at SMTP time. Definitely a good thing.

:-)

You just should not use it for "outgoing" mail from your clients, so they don't complain about sending mail taking ages.

Eh ....

I'm an advocate for spam filtering all email coming into the server, even email coming into the MSA on it's way out to another server across the Big Bad Internet.

You may need to limit SA processing to some 270 seconds to avoid 5-minutes timeout (which contradicts RFC5321 section 4.5.3.2.6. which mandates 10-minute timeout on DATA termination, but here we are).

This is one of the reasons that I mentioned configuring the MSA with much longer timeouts in another recent thread (though I don't remember which list).

I have in the past configured an MSA to accept messages (with really long for email timeouts) and relay the messages through the local MTA where I applied the filtering that I'm talking about.

This allowed clients, even on dial up, to send larger email with attachments to not time out /and/ to be able to be filtered to avoid contributing to spam if (when) accounts were compromised.

Seeing as how the MUAs authenticated to the MSA to send, I have a very good idea who I needed to have a chat with in the event that something unsavory was making it through the MSA to the filtering MTA, or worse out to the Big Bad Internet.



Grant. . . .

Reply via email to