Reject vs. bounce

Ken A ka at pacific.net
Tue Oct 3 16:03:24 IST 2006



Tim Boyer wrote:
> On Mon, 02 Oct 2006 20:57:21 -0700, Ken <ka at pacific.net> wrote:
> 
>> Tim Boyer wrote:
>>> Apologies if this has been discussed ad infinitum before.  I've been running a
>>> mailserver since 1996, but just heard about MailScanner Saturday, thanks to
>>> Steve Swaney's excellent talk at the Ohio LinuxFest.
>>>
>>> I've been using DNSBLs and a private blocklist with SpamAssassin, and ClamAV as
>>> milters, so when I reject an email it's rejected, not bounced back to the
>>> (99.999% bogus) 'From" address.  
>>>
>>> I've heard and read that MailScanner has a 'bounce' option.  Is this what I
>>> think it is - a bounce back to the 'From'?  Or is it a reject before the
>>> connection's been dropped and the email accepted?
>>>
>>>   
>> The 'Feature' is pretty much useless, as has been mentioned here many 
>> times.
>> I'd only add that you can do both what you are doing now AND run 
>> MailScanner to further process your mail using more aggressive 
>> spamassassin rulesets. Because MailScanner queues and scans mail with a 
>> perl process that uses the spamassassin perl api, you can run tons of SA 
>> rules, rbl and uribl tests, plugins and virus scanners as long as you 
>> dedicate sufficient resources to the process. It's much more than you 
>> can do in an smtp transaction. Most users here combine the fast milters 
>> doing some rejections, with MailScanner & SpamAssassin doing the heavy 
>> work.
>> Ken Anderson
>> Pacific.Net
> 
> That's what I'm doing now, in the smtp transaction, using the MIMEDefang milter
> - running all my SpamAssassin tests there.  My fear is that if I move them from
> there to a post-smtp scan, I'll lose the ability to reject.

Is running SA in both places with different rules not possible? I'd try 
that if I had the time to set it up!

> For instance, we once got a legitimate sales request that scored over 19 on SA.
> /dev/null fodder if ever there was one, but because I reject with a 'email
> postmaster if you're real' message, they re-sent and it got through.  If I scan
> afterwards, my only real options are discard it or tag it and do something with
> it, right?

Right.

Ken A
Pacific.Net







More information about the MailScanner mailing list