Re: [Exim] secondary MX in a world of spammers

Página Principal
Esta mensagem é parte da seguinte discussão:
M----+-++++\a lista completa das discussões ordenadas por data
M++-\M\MMMMMOllie Cook em <-
MMM\MMM..MDavid Woodhouse em ->
Apagar esta mensagem
Responder a esta mensagem
Autor: mb
Data:  
Para: Jeff Lasman
CC: exim-users
Assunto: Re: [Exim] secondary MX in a world of spammers
On Nov 13 Jeff Lasman wrote:

>Our situation is complicated because we're being asked by our clients to
>offer it as a service to them. And they run different mailservers.
>I'm not sure how we could keep track of all their users, and I know if
>we expected them to update a file so they'd keep track of it, it would
>never happen properly.
>
>So the only way we could implement it would be true store and forward.
>So we'd be accepting spam and email to incorrect addresses, and forward
>it later, when their system is again available.

I think Nico's right. Think of the scariest you can be:

- every dnsbl you can think of (even bl.spamcop.net)
- use exiscan with at least clamd and spamd (and dodgy attachment lists..)
- use sender callout verification
- don't accept message with >n RCPTs (for a suitable n)
- whatever else you've got up your sleeve!

BUT BUT BUT..

- dont ever send SMTP 550; send 451 ("defer" in ACL-speak).

This way "policy" is largely shifted to you primary MX(es); spam is
largely thwarted (as most spammers won't try again) and 99% of legitimate
mail is nearer your users' INBOXes than it could have been.

Matt


Esta mensagem foi colocada nas seguintes mailing lists:
Exim-users
Informação da Mailing List | Mensagens Perto		<-[Exim] exim cyrus config.[Exim] Send mail from mailq to another user->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versão 2.3)