[linux-elitists] Current client-side anti-spam best practices

Ben Finney ben@benfinney.id.au
Tue Sep 26 14:52:09 PDT 2006


On 26-Sep-2006, glen martin wrote:
> Jeff Waugh wrote:
> > I receive most of it via mail aliases on foreign machines, so my
> > MTA can't smack most of it down on the way in (I rarely get spam
> > through it).
> I'm not sure I understand this: after going through the remote
> alias, does the adulterated message not come in through your own
> MTA?

If one wants to reject an incoming message because it appears to be
spam (or other malicious mail), the correct time to do it is while one
is engaged in the SMTP conversation with the party sending it.

The problem with a remote alias is that the host who sent the message
has their SMTP conversation with the remote machine; if one doesn't
reject it at that point, but *does* reject it at the end-point MTA,
the remote alias MTA will have to send a bounce message. That message
will go to the almost-certainly-forged sender address, instead of
directly to the host that tried to send the message in the first
place.

So the only other option is dropping it on the floor, which is a poor
substitute.

-- 
 \     "[W]e are still the first generation of users, and for all that |
  `\     we may have invented the net, we still don't really get it."  |
_o__)                                                 -- Douglas Adams |
Ben Finney <ben@benfinney.id.au>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20060927/0d92ddba/attachment.pgp 


More information about the linux-elitists mailing list