[milters] Archive

Lists Index Date Thread Search

Article: 637
From: Anthony Howe
Date: 2005-07-02 04:53:36 -0400
Subject: Re: more private Re: New milter-spiff : A SPF-Classic

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Michael Elliott wrote:
> One more thing.  A heavy vote against fail-discard, and even more
> so against softfail-reject and softfail-discard.  
> 
> *-Discard means that the sending ISP tech sees a "status ok, message sent"
> and the message never gets to the destination.  I get about 2 service
> calls a week on stuff like that, and it makes it a bitch to trace.
> The milter is during the smtp session.  So, either accept conclusively, 
> or reject conclusively, don't leave a limbo case.

Sendmail supports a DISCARD in the access.db and as a milter action. I 
personally never use that prefering rejection or tagging. Yes. People 
can shoot themselve in the foot with any discard option, but there will 
always be someone who wants that flexibity to decide and experiment.

> Per the spec, softfail should be accepted and subjected to more
> filtering scrutiny.  It should not be rejected.  Specific examples

Thats a local policy choice.

RFC 2821 states the DSN null address must be accepted and there are 
clear reasons why, but people still choose to block MAIL FROM:<> for 
local policy reasons, which I'm very very much against. I however had to 
finally conceed that there will be sites that think blocking <> is 
clever and so implemented MxCallBackDsnBlocked in milter-sender as a 
means to fall-back on the grey-listing.

> are hotmail.com and aol.com.  Both are easily processed by milter-sender
> to verify that the users exist.  But, if milter-spiff rejects the mail,
> you are dumping legit mail.  My logs show 20% of the softfails from those
> two domains are killed by sendercallback.  Therefore, 80% is legit.
> Don't give the sysadmin that much rope to hang himself with.  If you do,
> at least give red warning signs saying that it goes beyond the spec and 
> domain publisher's wishes.  

Rope, matches, projectile weapons, and discard. Its a choice. The gene 
pool will tend to itself.

-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ:
7116561         AIM: Sir Wumpus

Sendmail Anti-Spam Solutions           http://www.snertsoft.com/
                                             We Serve Your Server

Lists Index Date Thread Search