著者: W B Hacker 日付: To: exim users 題目: Re: [exim] we all agree, let's drop that spam
Rick Duval wrote: > When you say you cycled through, did you split the mmulti-recipient
> message into separate messages?
No.
You cannot do that *during* a conventional smtp process.
In effect:
The recipients are 'proposed' by the sender.
The receiver indicates accept / reject.
Both build a 'list' of each.
*IF THEN* there is at least ONE recipient left, the message is handed
over. There is only ONE message.
Sender tells those rejected.
Receiver puts ONE message copy into its queue, separately (usually)
stores the delivery list.
Each recipeint on the list is handed a copy of the message.
Once the last one has been satisfied, the 'master' copy AND the list are
deleted.
> If so, can you tell me how you did
> that. I'm implementing a similar system and want to treat each
> recipients email seperately, each with their own filter values. I'm
> trying to find an easy way to split the message into separates and
> then queue them for MailScanner.
As above - you cannot do that within the present-day smtp 'standard'
because once you have agreed to accept the message (DATA phase) it is no
longer possible to tell the sender 'in real time' that you are now
changing your mind and rejecting for one or more recipients.
EXCEPTIONS:
- Postive: Both sender and receiver are running courier-mta, which DOES
have such a feature the past ten years.
- Not-so-good: Sender is running QMail, which splits the message into
one-at-a-time before sending, then sends 'many' in parallel. Looks like
a zombot, though.
>
> I'm currently doing this but only the first is evaluated, so all of
> the recipients can have that piece of mail accepted or rejected based
> on the first recipients filtering choices.
>
What works NOW is to:
- set a reasonable max threshold, accept below that, then 'quarentine'
by delivering for those with tougher standards into a bespoke folder
(IMAP recommended). Let the user decide how often they bother to look
into that folder. There can be more than one level of 'severity'.
- ELSE limit all incoming to ONE recipient at a time.
But that breaks compatibility with the standard, as one *should* accept
(at least) 100 per each go.
If you have mostly one-recipient at a time *anyway* (as we do) no one
will notice.
If, OTOH, you handle say five to ten - or several hundred - who have
been copied, taking them aboard one-at-a time means the last person
might see the same message minutes, hours - even a day later than the
first recipient. OR NOT (get it at all...).
That doesn't fly well when they are in the same office.
;-)
What you want to do is not new.
It has been done for years with post-smtp milters, where the mail is
accepted by the MTA, THEN LATER a filtering/scannig/'tasting' engine
reviews it and optionally composes and sends a DSN rejecting soem messages.
Doing that runs a risk of backscatter spam abuse.
AND is a bit of a lie - in that the message WAS accepted on-box, (a 250
OK sent) MAY have been retained, yet is LATER said to have been rejected.
Finally - there is another tool in the arsenal.
IF you can place your users into, for example, four separate
<domain>.<tld> THEN you can take advantage of the fact that incoming
will be grouped by <domain>.<tld>, and place the users into groups with
similar spam thresholds.
