<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.7601.18106">
<STYLE><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:3.0cm 2.0cm 3.0cm 2.0cm;}
div.WordSection1
{page:WordSection1;}
--></STYLE>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></HEAD>
<BODY lang=DA link=blue vLink=purple>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial>Sorry for top posting but this html is horrible to
quote</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial>I NEVER bounce anything , ever. Once it is accepted it's my
problem. Below is a partial (fairly complete) list of checks I do before we even
get to the data phase or any scanning and the first thing done during data is
domainkey/dkim checks</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial>Helo:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
color=#0000ff size=2 face=Arial>1. Attempting to helo as part of one of my
domains and is not</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
color=#0000ff size=2 face=Arial>2. Non fqdn or ip literals properly
formatted in brackets ([192.168.2.2])</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
face=Arial><FONT color=#0000ff size=2>3. specific domains that should not be
used such as local/internal/localdomain</FONT></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
color=#0000ff size=2 face=Arial>4. invalid hostnames such as
localhost</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
color=#0000ff size=2 face=Arial>5. blank (e)helo</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
color=#0000ff size=2 face=Arial>6. my own server name</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
color=#0000ff size=2 face=Arial>7. couple more special cases</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial>Rcpt :</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
color=#0000ff size=2 face=Arial>1. black listed hosts or
domains</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
face=Arial><FONT color=#0000ff size=2>2. missing both A and MX records (
not due to dns failure)</FONT></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
face=Arial><FONT color=#0000ff size=2>3. spf hard
fail</FONT></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013></SPAN><SPAN
class=749022812-30042013> <FONT face=Arial><FONT color=#0000ff
size=2>4. Not authenticated from a local user (unless from a valid,
internal relay)</FONT></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN
class=749022812-30042013> <FONT color=#0000ff size=2
face=Arial>5. from or to user that is never used from or to external host (root,
ftp, wheel, etc) that is coming from external source</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN
class=749022812-30042013> <FONT color=#0000ff size=2
face=Arial>6. specific countries we never do business with but stats
show very high percentage of spam (to our servers)</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN
class=749022812-30042013> <FONT color=#0000ff size=2
face=Arial>7. invalid domain parts</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
face=Arial><FONT color=#0000ff size=2>8. above a certain threshold of invalid
recipients</FONT></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><FONT color=#0000ff
size=2 face=Arial> 9. Too many recipients if not an
authenticated user</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013> <FONT
face=Arial><FONT color=#0000ff size=2>10. Several
rbls</FONT></FONT> </SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=749022812-30042013><SPAN
class=749022812-30042013> <FONT face=Arial><FONT color=#0000ff
size=2>11. invalid local part (invalid user)</FONT></FONT></SPAN></SPAN></DIV>
<DIV> </DIV>
<DIV><SPAN class=749022812-30042013></SPAN><FONT face=Arial><FONT
color=#0000ff><FONT size=2>d<SPAN class=749022812-30042013>oing the checks
before data stops the most part before we have to waste time spooling, and many
of these rules result in being added (for various periods of time) to the
firewall so there is no second chance for
hours/days/weeks.</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT face=Arial><FONT color=#0000ff><FONT size=2><SPAN
class=749022812-30042013></SPAN></FONT></FONT></FONT> </DIV>
<DIV><FONT face=Arial><FONT color=#0000ff><FONT size=2><SPAN
class=749022812-30042013>Rick</SPAN></FONT></FONT></FONT></DIV>
<DIV><BR></DIV>
<DIV dir=ltr lang=en-us class=OutlookMessageHeader align=left>
<HR tabIndex=-1>
<FONT size=2 face=Tahoma><B>From:</B> mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Jonas
Akrouh Larsen<BR><B>Sent:</B> Tuesday, April 30, 2013 3:50 AM<BR><B>To:</B>
MailScanner discussion<BR><B>Subject:</B> SV: mailscanner + exim release from
out queue<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV class=WordSection1>
<P class=MsoNormal><SPAN style="COLOR: black" lang=EN-US>Hi
Glenn<O:P></O:P></SPAN></P>
<DIV>
<P class=MsoNormal><SPAN style="COLOR: black" lang=EN-US><FONT color=#0000ff
size=2 face=Arial></FONT><O:P></O:P></SPAN></P></DIV>
<DIV>
<P class=MsoNormal><SPAN style="COLOR: black" lang=EN-US>>That MailScanner
doesn't operate at SMTP-time is exactly what sets it apart... It is the
fundamental difference that make MailScanner perform so >much better, and
suffer from so much less risk of DoS:ing, than amavisd
...<O:P></O:P></SPAN></P></DIV>
<DIV>
<P class=MsoNormal><SPAN style="COLOR: black" lang=EN-US>>Sure, you cannot do
"on the fly rejections", but ... AV/Anti-UCE scanning is to expensive at that
stage anyway (IMO)... apart from the simple >things you can do in the MTA,
that is (recipient verification, rfc strictness, graylisting etc). But the
benefits of not doing it in one go, as amavisd >does, far outweigh that
drawback.<O:P></O:P></SPAN></P></DIV>
<DIV>
<P class=MsoNormal><SPAN style="COLOR: black" lang=EN-US>>If one were to
somehow wrangle MailScanner into action during SMTP... one could as well use
amavisd instead;-).<O:P></O:P></SPAN></P></DIV>
<DIV>
<P class=MsoNormal><SPAN style="COLOR: black"
lang=EN-US>><O:P> </O:P></SPAN></P></DIV>
<DIV>
<P class=MsoNormal><SPAN style="COLOR: black" lang=EN-US>>As for choice of
MTA, one should always stick with the one one is most comfortable with ...
You're far less likely to foobar things if you know >what you're doing:-). If
one starts from scratch, taking into account what happens to be the default on
the system you use seem like a very sound
>strategy:-).<O:P></O:P></SPAN></P></DIV>
<DIV>
<P class=MsoNormal><SPAN style="COLOR: black" lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US>I’ve stuck with exim+MS for 5 years so I guess I must be liking it
for the most part </SPAN><SPAN
style="FONT-FAMILY: Wingdings; COLOR: black; FONT-SIZE: 11pt">J</SPAN><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US>However I do find it annoying not being able to scan at smtp time, it
would be much simpler for bounces and such, and rid my outgoing queue of mails I
can’t return to sender because it was forged etc.<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US>Also it shouldn’t run in parallel, so it’s no more expensive than
running it post smtp, since you don’t spam scan a virus, you don’t virusscan
something listed on rbl etc.<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US>But thanks for the comments </SPAN><SPAN
style="FONT-FAMILY: Wingdings; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US>J</SPAN><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US>Med venlig hilsen / Best regards<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US>Jonas Akrouh Larsen<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US>TechBiz ApS<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US">Laplandsgade
4, 2. sal<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US">2300
København S<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US">Office:
7020 0979<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US>Direct: 3336 9974<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US>Mobile: 5120 1096<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US>Fax: 7020 0978<O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US>Web: </SPAN><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"><A
href="http://www.techbiz.dk"><SPAN style="COLOR: black"
lang=EN-US>www.techbiz.dk</SPAN></A></SPAN><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt; mso-fareast-language: EN-US"
lang=EN-US><O:P></O:P></SPAN></P></DIV>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P>
<P class=MsoNormal><SPAN
style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: black; FONT-SIZE: 11pt"
lang=EN-US><O:P></O:P></SPAN></P></DIV></BODY></HTML>