[89940] in North American Network Operators' Group
Re: Spam filtering bcps
daemon@ATHENA.MIT.EDU (Matthew Sullivan)
Wed Apr 12 19:57:12 2006
Date: Thu, 13 Apr 2006 09:56:12 +1000
From: Matthew Sullivan <matthew@sorbs.net>
In-reply-to: <20060412142641.C92311@lark.capnet.state.tx.us>
To: Bryan Bradsby <Bryan.Bradsby@capnet.state.tx.us>
Cc: nanog <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
Bryan Bradsby wrote:
>>Silently deleting other people's e-mail should never even be considered.
>>
>>
>
>Unless that email is a virus, or a spam with a forged envelope sender.
>
>
Why? - You can scan for viruses inline using a variety of products (eg:
I have patched Postfix to use clamav inline on modest hardware (single
CPU AMD64 will do it, so will a Dual PIII 866) and it will accept
messages at 50 messages per second (sustained load) and scan for viruses
before responding to the end-of-data command, rejecting if a virus is
detected.).
Spam is a different subject altogether - are you that sure you can
detect spam without a false positive? If so then why aren't you doing
it inline? If you can't why are you blindly deleting the messages? - My
BCP comment is if you can't detect inline (eg for performance reasons)
tag it and deliver it (if you have the capabilities, deliver it to a
junk folder) - that way you are following the RFC's and no non spam mail
is deleted by the system.
Regards,
Mat
