Hello Paul, >> If you program the MTA to accept-analyze-drop messages, you risk a >> false positive not being noticed; if the MTA rejects a legitimate >> message, the sender will not get a report about the error.
PJS> What risk of false positives wrt virus-scanning? Are PJS> virus-scanner so unreliable as to generate false positives? Can PJS> you back up this assertion? I'd be most interested in hearing PJS> about this. False positives in virus-scanner usually indicate a PJS> bug in the signatures. I was speaking to the generalized case of filtering, which includes spam filtering. If a legit message is tagged as spam by an MTA that then drops it (rather than bouncing), the sender doesn't know about it, until they realize they never got a response. Since you can't trust the envelope sender nowadays, bouncing a message after you've accepted the message and sent a "250 OK" is a bad option. I guess the proper way to do this is to receive the message, process it through all filters, THEN acknowledge the receipt to the sender. I just don't like the idea of allowing all my bandwidth to be used up receiving something I could reject earlier in the process... B-) False virus positives are less prevalant today than they were 5 or more years ago. I remember having to disable Norton AntiVirus for a few weeks in the early 1990's because it insisted that one of the most popular access programs for CompuServe was a virus... -- Jeff Brenton Vice President, Engineered Software Products, Inc http://espi.com Questionable web page: http://dididahdahdidit.com Liberalism grants you the freedom to advocate any idea*. * Please see http://www.dididahdahdidit.com/except.php for a current list of exceptions
