On 8 Jul 2017, at 15:26, Alex wrote:
[Quoting me]
2. That MIME structure is pathological. It merits a specific hard
rejection with a derisive text part. Anything generating FPs (never
seen one...) needs spanking.
I don't understand?
The message is labeled as multipart/mixed but it only has a single
text/plain part. That's formally valid but it's still WRONG. As far as I
have seen, nothing that isn't designed as spamware will generate that
structure, so moving that check ahead of SA as a hard failure with the
rejection reply having a unique text part (e.g. "554 5.7.1 Your spamware
is too lazy to make me bother with real filtering") so you can identify
incidents in logs.
3. Horrifically bad Received-SPF header, but I guess probably that's
generated by something broken in *your* system, so isn't relevant.
Yes, that SPF header is added by us. How is it broken?
Whatever generated it does not know its own name and created a comment
field that is pointless. It's not formally invalid but it is unlike any
other in my mail corpus and would be highly suspicious on incoming mail
(but since you're generating it on receipt, it's not any sort of risk.)
[...]
Rarely do legitimate emails get sent to the quarantine, and only our
administrators have access to it, but sometimes it's necessary, and
avoids a big explanation and a bigger apology to the customer.
In the places where I've been directed to implement quarantining, it has
proven a worse support problem than outright rejection of actually
legitimate mail could reasonably be. The problem is that it is
effectively a silent ailure: mail arrives and is acepted for delivery
but isn't delivered. Maybe someone notices, but maybe days later or
never. An explicit rejection of a message is quickly noticed by the
sender, allowing for quick fixing of the error.
