Re: Dealing with low scoring spam - tighter MTA integration

Wed, 04 Mar 2009 09:47:01 -0800 

On Wed, 4 Mar 2009, Andrzej Adam Filip wrote:


This would be an entirely different application, not SA, wouldn't it?


It can be developed using the same "spam score" logic, based subset of
all tests requiring only the subset of "final data" available during
"classic run".



So in other words something like SMTP-time DNSBL tests that score points 
towards rejection rather than being pass/fail? That sounds like a good 
idea.



I do think that promoting tools that encourage postmaster to care very
much about mail server (IP address) reputation can make real difference
e.g. caring to be above reputation "none" in DNSWL to avoid grey-listing.



Agreed. But, performing major redesign of SA to achieve this pre-RCPT is 
going to be a tough sell.



Well, this probably could be done in SA using a multi-level protocol
capable of returning values at different stages. However, this seems
perfectly suited for a lightweight tool, rather than a hog that is
designed to scan and process entire messages. :)


During initial tests/deployment *much* simpler implementation can be
used with recommended action based on spam score:

It would require redesign of 50_scores.cf structure.
 e.g. instead of
   score RCVD_IN_DNSWL_HI 0 -8 0 -8
 something like that
   # N - Network, B - Bayes, nX - no X, R - "RCPT TO:"
   score RCVD_IN_DNSWL_HI nNnB=0 NnB=-8 nNB=0 NB=-8 R=-8
 or shorter
   score RCVD_IN_DNSWL_HI N=-8 R=-8



Why would SA be served by _major_ modifications like this, rather than 
writing a new milter that focuses on determining the reputation of an IP? 
Are you really willing to break _all_ existing SA installations for this?



Please don't try to make SA a "do everything" tool, you'll likely weaken 
what it does an outstanding job of today.


--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Failure to plan ahead on someone else's part does not constitute
  an emergency on my part.                 -- David W. Barts in a.s.r
-----------------------------------------------------------------------
 4 days until Daylight Saving Time begins in U.S. - Spring Forward























					Reply via email to