OT: Sendmail REJECT or DISCARD preference
Peter Farrow
peter at farrows.org
Fri Mar 28 16:45:13 GMT 2008
Steve Freegard wrote:
> Steve Campbell wrote:
>> Since we're hitting the access file pretty hard today, I thought I'd
>> ask a question about what most might put in there.
>>
>> I typically use the DISCARD parameter instead of the REJECT, with the
>> reason being I don't want to add to the trash on the web. What do
>> most use here and am I correct in thinking that DISCARD is less
>> bandwidth and CPU intensive?
>
> Nope - 100% wrong in my opinion.
>
> If you use DISCARD, then you take the message all the way to the end,
> pretend to accept it and then /dev/null it.
>
> There are two really important disadvantages:
>
> 1) Throwing messages into the bit-bucket is really dangerous as if
> you get an FP here (say through a mistake in the LHS of the
> access-map) then you'll never know and neither will the server without
> some debugging.
>
> 2) You'll use extra bandwidth as DISCARD will take all of the message
> data, then throw it away.
>
> REJECT is better because:
>
> 1) It is done pre-DATA, so therefore potentially saves a lot of
> bandwidth.
>
> 2) As per the RFC - the sending MTA has to deal with the rejection,
> this means for a FP the sending MTA that receives the rejection must
> generate a DSN to the originating user.
>
> Hope this helps.
>
> Kind regards,
> Steve.
If you reject, and its spoofed you'll get it back anyway, so you end up
receiving and then storing it in the postmaster address, it is always
best to discard in this scenario...or even worse bouncing it again
Remember we are dealing with spammers here, since when is the RFC about
what is supposed to happen at the sending end/mta from the spammer going
to be adhered to....
DISCARD is the way to go...
P.
More information about the MailScanner
mailing list