> I have also decided to stop using "deny" at the data ACL and instead
> either redirect to a webmaster alias or the bit bucket. I have reached
> the conclusion that denying spam or malware at data time doesn't
> accomplish anything useful. Using deny with a code at rcpt time has
> the feature of saving both internet bandwidth and server time, but
> after data, that damage is already done.
One theoretical reason I can see to do deny-at-DATA for a small
personal server is that it potentially sends a signal to large origin
sources like GMail that something questionable is up with email from a
particular account. I can imagine GMail looking for signals on outgoing
email like an increased number of rejections.
(For a large population, deny-at-DATA has the advantage that a sender
who is the victim of a false positive at least knows about it, and in
turn this may make adding more aggressive filtering more palatable to
your users.)
- cks
