On Tue, 16 Feb 2010, Alexandre Chapellon wrote:
I'd like to re-focused to my initial questions: "does SA on outgoing smtp needs specific tweaks? Is it a good idea and does any body already set it up?"
In answer to 'is it a good idea', please insure that whatever mechanism you put in place operates at SMTP time.
Do NOT (big heavy sledgehammer NOT) 'accept' a mail into your MTA before checknig it. Otherwise you will generate the WORST kind of backscatter when you try to 'reject' the mail. Obviously you cannot silently discard your user's mail, so you *must* 'reject' it, so be sure to do this at the SMTP gateway. Spambots will ignore the reject. The users won't even know anything happened, but any legitimate mail that is blocked will result in their MUA (Outlook) displaying an error message. This is GOOD. :)
If you cannot manage the technical feat of running spamassassin during the SMTP 'data' phase, and have to 'bounce' messages, then NO this is just a terribly bad idea. But not bad because of spamassassin. Bad because of the potential backscatter being sent OUT from your server to the forged senders of all your spam.
- Charles
