Hi, Am Freitag, den 24.08.2018, 10:50 -0400 schrieb Dianne Skoll: > On Fri, 24 Aug 2018 12:10:41 +0200 > Marcus Schopen <[email protected]> wrote: > > > That's why I want to reject it, but inform the recipient - > > not the sender - about the rejection. > > I think this is a terrible idea for two reasons: > > 1) What is the recipient supposed to do with the notification? Most > recipients are not technically savvy and are more likely to panic > than > do anything else.
That might me right in most of the cases. But if you do a "silent" reject, this has to be communicated very clearly to the recipient, as well as rejecting at a spamassassin score of >= 5. This is nothing you can decide on your own as postmaster, just because it makes sense. > 2) Unless you do some sort of rate-limiting, a poor recipient may > find > herself swamped with emails to the effect "You almost received a > virus, but we cleverly stopped it!" > > IMO, REJECT is the way to go. In the 99.99% of cases where it was a > virus, > nobody will see the failure notification... but nobody needs to. In > the > rare case of a false-positive, the sender will see the failure > notification > and can pursue further action. I agree that most detected virus mails (I use clamav) are virus mails. But I myself got some valid emails from Amazon, which were marked as "Heuristics.Phishing.Email.SpoofedDomain" and therefore those emails were rejected. My mimedefang-milter configuration was set to bounce, so I didn't know I got these false-positives. It was just luck that I found those emails when checking "/var/spool/MD-Quarantine/". Cheers, m _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
