Szerző: Alan J. Flavell Dátum: Címzett: Exim users list Tárgy: Re: [Exim] Multiple recipients and whitelist checks
On Fri, 16 Jul 2004, Mike Bacher wrote:
> Tim Jackson wrote:
>
> > Does it screw in deep enough that you are rejecting at SMTP DATA time? If
> > yes, then check out the suggestions already mentioned, particularly with
> > respect to Alan's "scanning profiles" idea of deferring some recipients.
>
> No, all exim does is accept the mail (it does do a SQL lookup to check
> if it is a valid relay domain, and an LDAP lookup to verify it is a
> valid recipient) and drop it into a queue.
OK, then clearly my idea doesn't help in that scenario.
You're aware of course of the consequences of accepting a mail with a
possibly faked envelope-sender, and later deciding to bounce it? I'm
strongly convinced (i.e by the continual stream of collateral spam,
virus backscatter etc. that we get from other MTAs and do our best to
refuse) that the only feasible time to reject mail is during the
initial SMTP dialogue.
Thinking about a different scenario overnight: suppose that some users
have personal white/blacklists which are consulted at RCPT time. Then
the outcome for each user could be
- unqualified accept
- unqualified deny
- proceed to normal spam-rating.
ISTM that the unqualified deny could be implemented immediately,
whereas the other two could be handled in batches as described in
my previous note.
If we look at a more complex possibility, e.g that users could create
their own rejection thresholds, so that the accept/deny outcome would
only become apparent after spam-rating. Nevertheless, if there's a
significant proportion of users who don't have personal spamratings,
then all of *those* users can be processed in a single batch, and only
the ones with individual ratings would need to be handled on a
one-recipient-per-transaction basis.