Re: [Exim] Avoiding frozen spam

Pàgina inicial
Delete this message
Reply to this message
Autor: Giuliano Gavazzi
Data:  
A: Mark Edwards, exim-users
Assumpte: Re: [Exim] Avoiding frozen spam
I was trying to shut up, but then since nobody explicitly warned you
about what you are attempting to do, here it is:

At 19:06 -0700 2003/10/06, Mark Edwards wrote:
>I'm moving a spamassassin-based anti-spam system from having messages
>tagged as spam and sent to a mailbox for human review, to rejecting
>messages tagged as spam with an explanatory message directing real
>humans to add a nospam- prefix to the To address to have the message
>accepted.


bad idea. I am surprised you haven't been flooded with messages
telling you "Never generate bounce messages".


[...]
>The only remaining issue is that, of course, the 200+ spams that come in
>each day each generate a frozen message because non of the return
>addresses work. My stopgap measure is to implement a daily crontab to
>delete frozen messages. However, ideally I want to know about frozen
>messages that are not tagged as spam.


Look, that is not the only remaining issue, and I give you a solution
for both. Forget about generating bounces (did I say that?)

Besides, your figure of 99.999% of spam with invalid return addresses
is misguided, and (which is another thing and even more true) most
addresses would not generate a frozen message if you bounced them. If
what you say was true, a simple sender callout would just stop the
spam from coming in.


>What is a good way to tell exim to send a notification such as the
>above, but ignore it if that notification bounces? Or better yet, test
>the return address for validity first and give up immediately if (like
>99.999% of spam) the return adddress goes nowhere? I don't see any way

[...]


>Can someone suggest an elegant way of achieving this? Thanks!


If you do a sender callout (and forget about generating bounces) and
reject on that basis (that is when it fails), you will have little
false positives (and a lot of false negatives).

On one thing (the subject line) you are right: spam is better fresh
than frozen.

Giuliano