On Thursday 19 October 2006 20:34, Jo Rhett took the opportunity to say: > Mark wrote: > >> -----Original Message----- > >> From: Jo Rhett [mailto:[EMAIL PROTECTED] > >> Sent: donderdag 19 oktober 2006 9:56 > >> To: Mark > >> Cc: users@spamassassin.apache.org > >> Subject: Re: ALL_TRUSTED creating a problem > >> > >> > >> Perhaps SA being focused on "post-SMTP" is the problem here. Why is > >> this the focus? In the modern world, you want to reject > >> during SMTP not send backscatter to the poor folks whose e-mail got > >> forged. > >> > >> Frankly, a milter environment is the only possible right way > >> to run SA. So why the constant comments as if this is some one-off > >> weird config? > > > > I reckon the focus of SA on "post-SMTP" is due to the fact that it > > operates, by nature, post DATA phase. > > Huh? It operates when I ask it to. What are you trying to say here? > > > I agree that milters, or any other stuff done during the SMTP dialogue, > > are a preferable first line of defense. But since full SA checks need to > > be done post-DATA anyway, you lose much of the advantage of a milter > > (e.g. pre-DATA phase early-outs). > > Huh? I don't get you. What exactly about SA *requires* that it be done > post-SMTP...?
Not strictly post-SMTP, but after the terminating "\r\n.\r\n".
> And if that's true, why isn't there a major effort to overhaul it?
>
> > As for backscatter to the poor folks whose e-mail got forged, you're not
> > supposed to do that anyway. And LDA using SA should either silently drop
> > a message indicated as spam, or attach it with ***SPAM*** in the subject
> > or some such. But never re-open a connection to who one thought was the
> > sender, to tell them they sent you spam; that very act is spamming
> > itself.
>
> No kidding. But silently dropping FP is a major problem too. You want
> FP to bounce back to the sender as normal. Therefore SMTP-time running
> is the only sensible solution.
I like to run SA at SMTP time too, but rejecting isn't always a good idea,
e.g. when mail is forwarded from some other place, or in some cases when it
comes from a mailing list, which might unsubscribe you if you're unlucky (if
the server has crappy spam protection and the MLM doesn't probe before
unsubscribing).
--
Magnus Holmgren [EMAIL PROTECTED]
(No Cc of list mail needed, thanks)
pgpuOkAgVXood.pgp
Description: PGP signature
