Question about spamassassin using MySQL
Benjamin Scott
dragonhawk at iname.com
Mon Apr 25 21:56:01 EDT 2005
On Apr 25 at 3:13pm, Bruce Dawson wrote:
> Steven: Thanks for the clarification. I was under the impression that the
> milter is called only after the message had been received.
Obviously, in order to do content analysis or other magic on a message, you
have to receive the content. As I understand it, what these tools do is allow
the SMTP "DATA" verb to be sent, and to receive some or all of the data from
the sender. Then, before the SMTP result code 250 ("Message accepted for
delivery") code is sent, the filter runs and makes a decision. If the message
fails, an SMTP error status code is sent instead.
This is fine as long as your mail volume is reasonably low. As mail volumes
increase, however, it becomes impractical to do this all in "real time" on
your MX.
That's why I have mixed feelings about sites that do unilateral blocking
based on blacklists. Many of these systems find 75% of their mail volume is
bogus (spam, worms, phishing, and backscatter). They get faced with the
proposition of lowering the load on their systems by 90% at the cost of 5% of
their legitimate mail. If you're an ISP trying to get by on paper thin
margins, that might be considered "acceptable losses". Of course, that's cold
comfort to those who (like me) *are* the acceptable losses. :(
Spam sucks.
--
Ben <dragonhawk at iname.com>
More information about the gnhlug-discuss
mailing list