Scott Lamb schrieb am Fri, Apr 26, 2002 at 01:24:54AM -0500: > On Fri, Apr 26, 2002 at 07:32:25AM +0200, Birger Toedtmann wrote: > > Mmmhhh. Isn't this a very dangerous thing to do to the cyrus system? > > Not the idea as such but their implcations: I imagine a slow/broken DNS > > and 100+ incoming mails/min. I imagine a system with thousands of half- > > hanging cyrus processes that try to do some name/ip/rbl lookups. > > Not sure. Is this fundamentally different from the LMTP client being > sluggish? Does Cyrus deal with that well?
However, you increase that problem by adding DNS lookups or <whatever> to lmtpd that depends on other network resources behaving correct/fast. External information referencing add complexity and dependencies. [...] > > > Seems to me it would be better to have the MTA mark the mails with some > > additional header on conditions described above by you. You publicise > > these headers to your users and they may filter on the header content, > > not sieve-DNS-lookups..... > > To summarize my objections: > > - it's not possible to automatically determine what's available for this, > for like a wizard to set up UCE stuff. the Sieve extension should make that > possible. > > - users don't have as much control. I.e., they can't say "I want to use > some.random.rbl.domain" unless the admin has configured for it. Right. So I think it's a "somewhere in between". Users have to get some information out to the admin what problems they experience with spam and which RBLs or <whatever pattern recognition> they may need to be able to filter it themselves. But this talk between users and admins has always been the play of the game - you may never grasp a problem unless a user informs you about it. But if user A complains about mails that he does not want to see it may not at the same time apply to user B. So if the admin adds a mark only, the can continue to do what they like. > > > Alright the slow-DNS-problem applies to MTAs as well - but they are _built_ > > for this purpose, cyrus is not, is it? > > Hmm. What's different about them to make that true? What I wanted to say is: Cyrus (AFAIK) takes a mail and stuffs it into some mailbox *only according to internal information*. That's its design as a closed mailstore system. No external referencing, no DNS lookup etc. This makes it less complex (anyway complex enough for a lot of people) and very fast and reliable. So adding DNS lookups to it would break this sealed concept. On the other hand MTAs have since they existed dealed with DNS and the like as sources of external information. Its their business and as ever been it. I'm not to say that this should remain forever even if good reason exist to do otherwise. But does it? Just my .02c, Birger
