On Thursday 19 October 2006 20:34, Jo Rhett took the opportunity to say:
> Mark wrote:
> >> -----Original Message-----
> >> From: Jo Rhett [mailto:[EMAIL PROTECTED]
> >> Sent: donderdag 19 oktober 2006 9:56
> >> To: Mark
> >> Cc: users@spamassassin.apache.org
> >> Subject: Re: ALL_TRUSTED creating a problem
> >>
> >>
> >> Perhaps SA being focused on "post-SMTP" is the problem here. Why is
> >> this the focus? In the modern world, you want to reject
> >> during SMTP not send backscatter to the poor folks whose e-mail got
> >> forged.
> >>
> >> Frankly, a milter environment is the only possible right way
> >> to run SA. So why the constant comments as if this is some one-off
> >> weird config?
> >
> > I reckon the focus of SA on "post-SMTP" is due to the fact that it
> > operates, by nature, post DATA phase.
>
> Huh?  It operates when I ask it to.  What are you trying to say here?
>
> > I agree that milters, or any other stuff done during the SMTP dialogue,
> > are a preferable first line of defense. But since full SA checks need to
> > be done post-DATA anyway, you lose much of the advantage of a milter
> > (e.g. pre-DATA phase early-outs).
>
> Huh?  I don't get you.  What exactly about SA *requires* that it be done
> post-SMTP...?

Not strictly post-SMTP, but after the terminating "\r\n.\r\n".

> And if that's true, why isn't there a major effort to overhaul it?
>
> > As for backscatter to the poor folks whose e-mail got forged, you're not
> > supposed to do that anyway. And LDA using SA should either silently drop
> > a message indicated as spam, or attach it with ***SPAM*** in the subject
> > or some such. But never re-open a connection to who one thought was the
> > sender, to tell them they sent you spam; that very act is spamming
> > itself.
>
> No kidding.  But silently dropping FP is a major problem too.  You want
> FP to bounce back to the sender as normal.  Therefore SMTP-time running
> is the only sensible solution.

I like to run SA at SMTP time too, but rejecting isn't always a good idea, 
e.g. when mail is forwarded from some other place, or in some cases when it 
comes from a mailing list, which might unsubscribe you if you're unlucky (if 
the server has crappy spam protection and the MLM doesn't probe before 
unsubscribing).

-- 
Magnus Holmgren        [EMAIL PROTECTED]
                       (No Cc of list mail needed, thanks)

Attachment: pgpuOkAgVXood.pgp
Description: PGP signature

Reply via email to