On 12/27/2010 12:42 PM, David F. Skoll wrote:
On Mon, 27 Dec 2010 12:37:00 -0800
Ted Mittelstaedt<t...@ipinc.net> wrote:
greylisting, though, is by far the best. But I have noticed an
increasing number of sites out there - and this is large sites - who
apparently are honked-off that people greylist, and they will bounce
delivery of mail that is issued an error 4xx in violation of the
standard. Off the top of my head I seem to remember seeing this from
several airline company mailers that send out the advertisements to
their frequent flyer members, and that send out electronic ticketing
receipts. Jerks!
What you may be seeing is marginal SMTP client software that doesn't
know how to handle a 4xx response to RCPT. There was even some
commercial software that couldn't deal with this properly (Novell
Groupwise, I believe, though it has long since been fixed in that
product.)
BTW, this is another reason we do our greylisting post-DATA. Although
it's slower and uses more bandwidth, it does avoid problems with
marginal SMTP clients and it does let us use the Subject: as part of
the greylisting tuple, which greatly increases greylisting
effectiveness.
We do not find virus-scanning before spam-scanning to be effective. A
tiny percentage of our mail is flagged as containing a virus,
That's subject to interpretation I think. I would guess that your
LEGITIMATE mail is ALSO a tiny percentage of your total received mail. ;-)
The real question is, do you get viruses that would make it past SA? We
do, for the simple reason that we have some users who regularly get mail
that is normally flagged as spam - and they WANT that mail - so we
list them in the exemption (all spam to) list. The virus filtering
makes sure that they don't get hosed down.
Of course, you can do virus scanning post-SA to capture these.
Ted
so it
doesn't really reduce the amount of mail that would need to be
spam-scanned.
Regards,
David.
