On Thu, Apr 25, 2002 at 11:27:10PM -0500, Scott Lamb wrote: > Scott M Likens wrote: > > If you have some idea how I could accomplish my stated goals on the MTA > side, please share. I've given my reasons for this approach. Why do you > feel so strongly that this belongs in the MTA?
Because it should belong in the MTA for many reasons. The basic reason is i know personally from getting spam daily, i dont want the X-RBL-Warning, i want it JUST GONE! Realistically once you start getting on 'spam' lists your not gonna get a trickle. Your going to get alot. Unfortunatly there is no foolproof way to root out spam, you can leave yourself in the blue unsecured allowing any and all email coming in, or you can take the responsibility of securing your server by enabling the options you feel needed, Personally I use this in postfix smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_client, reject_maps_rbl, permit Nice thing about it is i drop 95% of the spam that i used to get. Now i only get spam from a few servers that try hard enough. But usually those arnt open relays that try hard enough. Usually those are end-users who are trying hard to make sure the spam gets there. > Here's one I haven't mentioned yet - some people want to do 'fileinto > "INBOX.spam"' instead of outright blocking spams. With something purely > on the MTA side, this isn't possible at all - Cyrus is what decides > where the mail gets filed. This is possible with the X-RBL-Warning, but > I've pretty thoroughly stated why I think that's inadequate. I won't > repeat myself. > Pretty much i have a strong feeling about it, i know you loose emails from using rbl_check's and from bodychecks and headerchecks. But honestly i have learned along time ago, if you arnt willing to make the choices and take the matters into your own hands. You will never be rid of the problem. If everyone tomorrow setup their mail servers _PROPERLY_ without any /relaying/ of any kind. The spam would drop dramatically. But as you can tell it's not that way. There are dare i say clubies who setup open relay mailservers because they feel they 'need an open relay'. There are those who dont care about what they setup. Unfortunatly walking into a OS that is primarily Internet Related like Redhat Linux that's badly configured, you run into open relays. Now adays your looking at old sendmail versions that relay left and right. and personally i feel if you dont take it out at the MTA level, your going to make it use extra cpu power to add it to INBOX.spam and whatever other Sieve rulesets you might use. I say bounce it immediatly and leave it alone. I'd rather send a message to the postmaster at those 'sites' telling them to get a clue. But that would be too harsh. sincerely, Scott
