Paul R. Ganci wrote:
Alan Premselaar wrote:
Philosophically, it makes more sense for SpamAssassin to focus on
identifying SPAM, and let another application (MTA, procmail, etc)
focus on what it was primarily designed for: processing
(delivery,rejection,etc) of said email. It's certainly no more of a
hassle to add a procmail rule to dump a blacklist hit to /dev/null
than it is to add a procmail rule for other delivery options.
There may be cases where it would be very inappropriate for *any*
mail, blacklisted or not, to be dumped to /dev/null.
I don't disagree with most of what you said. However, I don't
necessarily agree with the above because while I can add a procmail rule
to handle a specific user's blacklist I can't get back the wasted CPU
cycles which spamassassin expended ... perhaps all I am really asking is
if there is a way to allow spamassassin to just stop processing a
message that is in a blacklist to save the cycles? I am not asking for
spamassassin to become an MTA/MDA.
In that case it would be ultimately more efficient to add a rejection
rule to your MTA (i.e. sendmail's access db) than to even rely on SA's
blacklisting (even if it did stop processing after determining the
blacklist hit)
Privately Ed Kasky raised the good point about spoofing. I believe
whitelists have to have the full weight of a spamassassin scan to catch
messages with spoofed addresses. But blacklists ... I don't believe
suffer this problem. Yes I might receive a spam message from somebody
spoofing an arbitrary Email address. If that address happens to have
@ebay.com then I am highly unlikely to blacklist it. If it is from
@anybody.com then unless I have some reason to believe that I should
expect legitimate Email from that address, I argue that blacklisting it
does no harm and that any message found to be on a blacklist could be
processed with the minimal of effort by spamassassin. But then what do I
know? :)
My (not so clear) point is that there may be situations such as
Corporate Policy, for right or for wrong, disallowing the discarding of
*any* mail prior to delivery. We certainly don't have that policy here,
but I've seen it come up in discussion before.
I'm certainly not saying it's a bad Idea, I'm merely expressing some of
the points that have come up in conversation on the list previously. On
the flipside, I handle all my "don't need to waste processing time by
calling SA" type transactions from within MIMEDefang and have been quite
happy with my configuration. I personally wouldn't benefit from this
type of feature, but neither would I suffer.
anyways, just my opinion.
alan