John D. Hardin wrote:
On Tue, 31 Jul 2007, mouss wrote:
running SA at smtp time requires that the client does not timeout.
so you'd better scan fast! you're also more subject to DOS (your
smtp listeners are busy). compare this to queue and filter...
okay, here's a sick idea:
(1) MTA completes the SMTP exchange and responds with a 4xx after DATA
finishes.
(2) MTA passes message off to SA, then stores a hash of
message-ID/score. MTA then discards the message.
(3) When the remote MTA retries (if it retries) then the MTA looks up
the score in the hash and decides whether to 200 or 5xx the message.
All of the benefits of both methods! :)
Sort of like grey listing, which I do run on my personal domain, but I
wouldn't use that method because of the inherent delay caused by the 4xx
retry.
Neat idea though.
Regards,
Rick
