how to bock mailservers that have only an ip address

[Kai Schaetzl]

John Rudd wrote on Mon, 1 May 2006 11:37:11 -0700:

> Actually, like MailScanner, MIMEDefang uses persistent perl processes 
> not per-scan nor per-message perl processes.  The difference isn't in 
> spawning processes, the difference is in the bulk nature of the actual 
> processing being done (MailScanner bulk scans messages during virus 
> scanning, and MIMEDefang scans messages one at a time for all aspects 
> of scanning). 

Ok. But this also means you have to run enough instances to cater for the 
usual incoming connections and spawn new instances if that count gets higher 
than what you have in waiting children.

> Again, that's not the actual trade-off.  You can do quarantine with 
> MIMEDefang, too.

But in that case it seems to me you lose some of the extra functionality of 
MIMEDefang. If you quarantine anyway, there's no much use in using 
MimeDefang in addition to MailScanner.

> That's not too different from what I'm doing or proposing.  I'm just 
> saying that MIMEDefang lets you add more technical reasons to do the 
> blocking at the MTA level. 

I surely believe that, but I think I'd prefer to add one or two specialized 
C-based milters for that instead of running a "full-blown" MailScanner-like 
application in addition to MailScanner.

> The rest is pretty much all the same.

That's what I mean, they are rather alternatives than complimentary. And 
apart from a very few things the one or the other is missing it's a matter 
of style and maybe the throughput you need which one you use.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com