[89914] in North American Network Operators' Group
Re: Spam filtering bcps [was Re: Open Letter to D-Link about their NTP vandalism]
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Wed Apr 12 11:00:51 2006
Date: Wed, 12 Apr 2006 20:30:16 +0530
From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
To: "Matthew Black" <black@csulb.edu>
Cc: nanog@merit.edu, "Matthew Sullivan" <matthew@sorbs.net>
In-Reply-To: <web-8472144@remus.csulb.edu>
Errors-To: owner-nanog@merit.edu
On 4/12/06, Matthew Black <black@csulb.edu> wrote:
>
> I haven't seen any succinct justification for providing a
> 550 message rejection for positively-identified spam versus
> silently dropping the message. Lots of how-to instructions
> but no whys.
>
For viruses - fine. But you are not going to find any spam filter in
the world that doesnt have false positives. And in such cases its
always a good idea to let the sender know his email didnt get through.
Like for example - you see a large webmail provider whose hosts and
domains keep getting forged into spam, misread the headers and block
that provider. In such cases, its your users who arent getting a lot
of valid email from their friends and relatives who are using that
provider, and 550'ing instead of trashing email saves the senders, and
their provider, quite lot of time that'd otherwise be spent
troubleshooting the issue.
Plus, 5xx smtp rejects tend to save your bandwidth a bit compared to
accepting the entire email (not that it matters on a small university
domain where your userbase is going to be fairly small, and bandwidth
available quite generous .. but for larger sites, or sites with
bandwidth issues, that's definitely a concern)
--srs
--
Suresh Ramasubramanian (ops.lists@gmail.com)
