At 1:51 +0000 2003/01/23, Alan J. Flavell wrote:
>On Wed, 22 Jan 2003, Suresh Ramasubramanian wrote:
>
>> Try spamassasin or something (or maybe open proxy dnsbls) rather than
>> sender verify callouts - I would rather not have further unnecessary
>> connections to our MXs at the moment, thankyouverymuch.
>
>Speaking for ourselves, we try as far as possible to perform low-cost
>checks first, working up to high-cost ones last: that means testing
>local blacklists first, then the DNS-based RBLs, and only if the mail
>gets past those, and then only if the sender domain is in our list of
>domains for which we've concluded that callbacks are a worthwhile
>exercise, do we actually try that.
aren't DNS-based RBLs quite expensive, even more than callbacks?
Also, I just did a test, and the callback that failed on one
connection was not repeated on another connection (the same, I think
for positive responses, but I am now a bit lost in the tcpdump...).
I do not know, however, how long these results will be cached for.
So I think that one should streamline the check for callbacks, even
if this means accepting a few spam emails. (But why do we accept
callbacks when the old VRFY is considered "no go"). Extra check for
callback the turn to be bounce messages can be done at DATA phase
(not that I am too happy about it..).
Giuliano
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
