[linux-elitists] Swen

Martin Pool mbp@sourcefrog.net
Mon Sep 22 16:01:24 PDT 2003


On 22 Sep 2003, Tilghman Lesher <zgp-org@the-tilghman.com> wrote:
> On Monday 22 September 2003 12:40 pm, Ari Jort wrote:
> > On Sun, Sep 21, 2003 at 11:39:13PM -0800, tek wrote:
> > > > An elitist receives their mail through a shell box where they
> > > > can run server-side procmail or spamassassin filtering.
> > >
> > > i would tend to disagree.
> > > A elitist blocks them at smtp. why let them on the box at all?
> >
> > If you block at smtp-time how do you guard against false positives?
> > You'd never know because you'd never see the mail.
> 
> On the contrary; if you block the message at the SMTP level, the
> sender gets an error.  The blocking error message should include
> something intelligible on why the message was rejected, and the
> sender can fix that problem with their message and resend.

Consider the possibilities:

1- The message is from a spammer.  The error message costs them
nothing if they ignore.  By studying the bounce messages they see how
they can adjust their garbage to get past them in the future, e.g. by
putting less exclamations in the subject.

2- The message is a mail worm with a forged from address.  The bounce
is likely to get back to the forged sender, who can do nothing about
it.

3- The message is a real message from a person you want to correspond
with: your customer, your mum, or someone helping you with software.
They get a bounce message, probably with some text that only a Perl
programmer would consider 'intelligible'.  (Explain to your
grandmother how to fix the error BAYES_70.)  Possibly they can't fix
it.  Possibly they are offended that having spent time e.g. explaining
how SMTP works, you now rudely refuse their mail because of your
misconfigured software.  (The social dynamic is similar to TMDA.)
Possibly they are unable to resend their message.

All of these possibilities are bad.  Putting probably-unwanted
messages aside where they can be scanned by a human and delivered
later is the only reasonable solution.

Ideally there should be no false positives, but if there are false
positives then they should be handled without embarrassing the
filter's user in front of their correspondents.

-- 
Martin 



More information about the linux-elitists mailing list