Oliver Egginger пишет:
>> Use of this "intelligent" behavior of MTA we can handle mail
>> transactions more accuracy. This is very simple and efficient way.
>
> We use a similar approach. I wouldn't call it "simple". I wouldn't call
> it "\"intelligent\"". It's simply hard work. We combine asn, hostname,
> rbl and helo tests, dns adress verifikation and several other sanity
> checks in the pre data phase. Nevertheless, a lot of spam and malware
> pass through. Only a (full featured) spamassassin in conjunction with
> clamAV is able to clean it up.
Yor just not understand the basic terms of my post. Or, maybe, my English so bad, that it is hard to understand what I
write. :-)
I never say "Do not use bayesian filters!".
I never say "Do not use antivirus!"
As about "intelligence":
Three of four check is not "intelligence behavior", but ~20 tests + greylisting + challengelisting + blacklisting +
whitelisting and using the MTA logic to manipulate of all of this is really intelligence.
> Nevertheless, a lot of spam and malware
> pass through.
Try to use a well-known construction, just above virus checking in Exim configuration:
acl_check_mime:
warn decode = default
drop message = Blacklisted file extension detected.
condition = ${if match{${lc:$mime_filename}}{\N(\.cpl|\.pif|\.bat|\.scr|\.lnk|\.com|\.hta)$\N}{1}{0}}
accept
You would be surprised, the volume of viruses will decrease about a half.
