mailscanner + exim release from out queue

Alex Neuman alex at vidadigital.com.pa
Tue Apr 30 14:25:05 IST 2013


Also, be sure to implement SPF and MailScanner's message signing in
order to decrease the number of bounces to forged senders...

On Tue, Apr 30, 2013 at 4:18 AM, Martin Hepworth <maxsec at gmail.com> wrote:
> don't bounce emails that are selected as spam, no reason to anyway.
> Check for valid recipients on inbound at the MTA and use that to reject the
> connection, using a decent delay on initial connection and use greylisting
> are all easy reasons to reject at MTA.
>
> But after that it can quite a job to process the email for spam/malware so
> doing post 'acceptance' is still fine IMHO
>
> --
> Martin Hepworth, CISSP
> Oxford, UK
>
>
> On 30 April 2013 08:49, Jonas Akrouh Larsen <jonas at vrt.dk> wrote:
>>
>> Hi Glenn
>>
>>
>>
>> >That MailScanner doesn't operate at SMTP-time is exactly what sets it
>> > apart... It is the fundamental difference that make MailScanner perform so
>> > >much better, and suffer from so much less risk of DoS:ing, than amavisd ...
>>
>> >Sure, you cannot do "on the fly rejections", but ... AV/Anti-UCE scanning
>> > is to expensive at that stage anyway (IMO)... apart from the simple >things
>> > you can do in the MTA, that is (recipient verification, rfc strictness,
>> > graylisting etc). But the benefits of not doing it in one go, as amavisd
>> > >does, far outweigh that drawback.
>>
>> >If one were to somehow wrangle MailScanner into action during SMTP... one
>> > could as well use amavisd instead;-).
>>
>> >
>>
>> >As for choice of MTA, one should always stick with the one one is most
>> > comfortable with ... You're far less likely to foobar things if you know
>> > >what you're doing:-). If one starts from scratch, taking into account what
>> > happens to be the default on the system you use seem like a very sound
>> > >strategy:-).
>>
>>
>>
>> I’ve stuck with exim+MS for 5 years so I guess I must be liking it for the
>> most part J
>>
>>
>>
>> However I do find it annoying not being able to scan at smtp time, it
>> would be much simpler for bounces and such, and rid my outgoing queue of
>> mails I can’t return to sender because it was forged etc.
>>
>>
>>
>> Also it shouldn’t run in parallel, so it’s no more expensive than running
>> it post smtp, since you don’t spam scan a virus, you don’t virusscan
>> something listed on rbl etc.
>>
>>
>>
>> But thanks for the comments J
>>
>>
>>
>>
>>
>> Med venlig hilsen / Best regards
>>
>>
>>
>> Jonas Akrouh Larsen
>>
>>
>>
>> TechBiz ApS
>>
>> Laplandsgade 4, 2. sal
>>
>> 2300 København S
>>
>>
>>
>> Office: 7020 0979
>>
>> Direct: 3336 9974
>>
>> Mobile: 5120 1096
>>
>> Fax:    7020 0978
>>
>> Web: www.techbiz.dk
>>
>>
>>
>>
>>
>>
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>



-- 

--

Alex Neuman van der Hans
Reliant Technologies / Vida Digital
http://vidadigital.com.pa/

+507-6781-9505
+507-832-6725
+1-440-253-9789 (USA)

Follow @AlexNeuman on Twitter
http://facebook.com/vidadigital


More information about the MailScanner mailing list