Re: [Exim] secondary MX in a world of spammers

Páxina inicial
Esta mensaxe é parte do seguinte fío:
M----+-++++\Árbore completa do fío ordenada por data
M++-\M\MMMMMOllie Cook o <-
MMM\MMM..MDavid Woodhouse o ->
Borrar esta mensaxe
Responder a esta mensaxe
Autor: mb
Data:  
Para: Jeff Lasman
CC: exim-users
Asunto: Re: [Exim] secondary MX in a world of spammers
On Nov 13 Jeff Lasman wrote:

>Our situation is complicated because we're being asked by our clients to
>offer it as a service to them. And they run different mailservers.
>I'm not sure how we could keep track of all their users, and I know if
>we expected them to update a file so they'd keep track of it, it would
>never happen properly.
>
>So the only way we could implement it would be true store and forward.
>So we'd be accepting spam and email to incorrect addresses, and forward
>it later, when their system is again available.

I think Nico's right. Think of the scariest you can be:

- every dnsbl you can think of (even bl.spamcop.net)
- use exiscan with at least clamd and spamd (and dodgy attachment lists..)
- use sender callout verification
- don't accept message with >n RCPTs (for a suitable n)
- whatever else you've got up your sleeve!

BUT BUT BUT..

- dont ever send SMTP 550; send 451 ("defer" in ACL-speak).

This way "policy" is largely shifted to you primary MX(es); spam is
largely thwarted (as most spammers won't try again) and 99% of legitimate
mail is nearer your users' INBOXes than it could have been.

Matt


Esta mensaxe foi enviada ás seguintes listas:
Exim-users
Información da lista | Mensaxes recentes		<-[Exim] exim cyrus config.[Exim] Send mail from mailq to another user->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)