On Tue, 31 Jul 2007, mouss wrote:

> Running SA at SMTP time requires that the client does not time out.
> So you'd better scan fast! You're also more subject to DOS (your
> SMTP listeners are busy). Compare this to queue and filter...

Okay, here's a sick idea:

(1) MTA completes the SMTP exchange and responds with a 4xx after DATA
finishes.

(2) MTA passes message off to SA, then stores a hash of 
message-ID/score. MTA then discards the message.

(3) When the remote MTA retries (if it retries) then the MTA looks up 
the score in the hash and decides whether to 200 or 5xx the message.

All of the benefits of both methods! :)

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 [EMAIL PROTECTED]    FALaholic #11174     pgpk -a [EMAIL PROTECTED]
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Perfect Security is unattainable; beware those who would try to sell
  it to you, regardless of the cost, for they are trying to sell you
  your own slavery.
-----------------------------------------------------------------------
 4 days until The 272nd anniversary of John Peter Zenger's acquittal
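
The three steps proposed in the message above, sketched as an added example; it is not code from the original post or from SpamAssassin. `DeferredScanGate`, `toy_scorer`, the threshold, the TTL and the reply texts are assumptions, as is keying the stored score on the Message-ID plus a digest of the content rather than on the Message-ID alone, so that a reused Message-ID with different content is scanned again.

```python
import hashlib
import time
from email import message_from_bytes

SPAM_THRESHOLD = 5.0         # assumed cutoff, not a value from the post
VERDICT_TTL = 5 * 24 * 3600  # assumed lifetime of a stored score, in seconds


class DeferredScanGate:
    """Picks the reply sent after end-of-DATA; scanning happens out of band."""

    def __init__(self, scorer, clock=time.time):
        self.scorer = scorer  # hypothetical callable: raw message bytes -> score
        self.clock = clock
        self.pending = {}     # key -> raw message waiting for the scanner
        self.verdicts = {}    # key -> (score, time stored)

    @staticmethod
    def key_for(raw):
        msg_id = str(message_from_bytes(raw).get("Message-ID", "")).strip()
        # Message-ID is sender-chosen, so pair it with a digest of the content.
        return msg_id, hashlib.sha256(raw).hexdigest()

    def on_end_of_data(self, raw):
        key = self.key_for(raw)
        score, stored = self.verdicts.get(key, (None, 0.0))
        if score is None or self.clock() - stored > VERDICT_TTL:
            self.verdicts.pop(key, None)
            self.pending[key] = raw  # step (1): defer, scan after the session
            return 451, "4.7.1 please try again later"
        if score >= SPAM_THRESHOLD:  # step (3): the retry gets the verdict
            return 550, "5.7.1 message rejected as spam"
        del self.verdicts[key]       # delivered once; another copy is rescanned
        return 250, "2.0.0 message accepted"

    def scan_pending(self):
        """Step (2): score each deferred message, keep the score, drop the body."""
        while self.pending:
            key, raw = self.pending.popitem()
            self.verdicts[key] = (self.scorer(raw), self.clock())


def toy_scorer(raw):
    """Constructed stand-in for a SpamAssassin call, for the demo only."""
    return 9.0 if b"cheap pills" in raw.lower() else 0.5


# Constructed sample messages.
HAM = b"Message-ID: <a1@example.org>\r\nSubject: minutes\r\n\r\nSee attached.\r\n"
SPAM = b"Message-ID: <b2@example.net>\r\nSubject: hi\r\n\r\nCheap pills here\r\n"
```

A retry that arrives before `scan_pending()` has run is deferred again, so the SMTP listener never waits on the scanner.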
