<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=ISO-8859-1">
<META content="MSHTML 5.50.4916.2300" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=791310819-25062002><FONT face=Arial color=#0000ff size=2>nice
signature man,</FONT></SPAN></DIV>
<DIV><SPAN
class=791310819-25062002>""iQA/AwUBPRg0Ea2fOiTs5+WvEQLibwCeKwQY8ufxPTJc4yHAi2wwg4GHjToAoNYP
<BR>rBipxN3ahQJmwXHHlKmPvRxY <BR>=KV8w ""</SPAN></DIV>
<BLOCKQUOTE>
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Patterson S.R.
[mailto:S.R.Patterson@SOTON.AC.UK]<BR><B>Sent:</B> Tuesday, June 25, 2002 6:15
AM<BR><B>To:</B> MAILSCANNER@JISCMAIL.AC.UK<BR><B>Subject:</B> Why I think RBL
should be done with the MTA rather than
Mailscanner<BR><BR></FONT></DIV>-----BEGIN PGP SIGNED MESSAGE----- <BR>Hash:
SHA1 <BR><BR>I'm just working through in my head the options for spam blocking
and <BR>come up with the following advantages to using RBL lists on the MTA
<BR>(i.e. sendmail) at point of acceptance rather than using them on
<BR>Mailscanner: <BR><BR>- - Reduced server load - you don't have to bother
accepting a mail <BR>for delivery (i.e. spooling it all up) when you already
know you're <BR>going to reject it anyway <BR><BR>- - The remote user/server
gets a sensible rejection message at the <BR>point of "MAIL FROM:" or "RCPT
TO:" along the lines of "Your domain is <BR>black listed, please see <A
target=NewWin href="http://useful.url" ?>http://useful.url"</A> <BR><BR>- -
Perhaps of maximum importance to me, you have complete control of <BR>your
mail relaying policies through sendmail itself - for example, I <BR>want to
use the MAPS Dial up list to block direct mailing to my <BR>servers from diaul
up users. However, I don't want to stop valid <BR>University users at home on
their dialup connections from sending mail <BR>through my servers. The answer
- implement SMTP Authentication <BR>(already done!) and only reject IP
addresses in the MAPS Dial Up list <BR>if the user hasn't first authenticated
themselves with a valid <BR>username and password. How would you do this in
Mailscanner? <BR><BR>Can anybody see any advantages to using the RBL lists on
Mailscanner <BR>instead of on the MTA directly? I'd like to hear the flip side
of the <BR>debate! <BR><BR>This is by no means a dig at the product or at
Julian who works very <BR>hard to implement all of the features which his
userbase demands <BR>(though I somethimes think the userbase demands
inappropriate <BR>features... Don't even get me started on SA...;P)
<BR><BR>Here's a feature for you Jules... How about making "plug in" module
<BR>support for each MTA, spam features, Spam Assassin, Virus scanner, etc
<BR>- by which I mean you only load the code which you need for the
<BR>features and software that you are using. No, don't ask me how you'd
<BR>do that :) <BR><BR>Yours ramblingly, Steve <BR>- -- <BR>Steven Patterson,
MSci. Tel: +44 (0)2380 595810 <BR>Electronic Information Systems Support and
Development <BR>Computing Services, University of Southampton, UK. <BR>Public
PGP Key: <A target=NewWin
href="http://www.soton.ac.uk/~srp/pubkey.asc">http://www.soton.ac.uk/~srp/pubkey.asc</A>
<BR><BR>-----BEGIN PGP SIGNATURE----- <BR>Version: PGP 7.0.4
<BR><BR>iQA/AwUBPRg0Ea2fOiTs5+WvEQLibwCeKwQY8ufxPTJc4yHAi2wwg4GHjToAoNYP
<BR>rBipxN3ahQJmwXHHlKmPvRxY <BR>=KV8w <BR>-----END PGP SIGNATURE-----
<BR><BR></BLOCKQUOTE></BODY></HTML>