[Mimedefang] Spam through trusted mx relay

[Kees Theunissen]

On Mon, 29 Jan 2007, John Rudd wrote:

> The choices you have (for both spam and viruses) are:
>
> 0) Do nothing (just let the mail flow and be delivered)
> 1) Mark spam or Clean viruses, and Deliver (let the user deal with it via user
> initiated filters and practices)
> 2) Quarantine
> 3) Discard (RFC violation, and generally an irresponsible practice)
> 4) Bounce (meaning "accept, and then send back) (also irresponsible)
> 5) Reject
>

[ ... explanation why options 0 to 4 are a BadThing(tm) to do ]

>
> That leaves #5.  The cost of #5 is that your detection system has to be fast
> enough to do the detecting during the SMTP session.  Much less impact on
> storage and processes (the drawbacks of #2), isn't an RFC violation (#3), and
> isn't doing all of the things that are wrong with #4.
>
> If you have enough speed to keep up with #5, it is the best of the 5 options.

Yes in general I would agree with this. But David Koski was talking
about a MX host relaying messages for his domain.
By rejecting the message you know for sure that you force your MX host
to discard or bounce the message; options 3 or 4 are the only options
left for the MX host when you reject. So rejecting a message that has
been accepted by your MX host is as bad as bouncing or discarding
directly at ypur server. And yes, it _is_ in a certain way your
problem: that MX host is trying to do you a favor by relaying your
mail. It _not_ just some open relay used by a spammer.

IMHO nobody should use a MX host if he/she is not willing to accept all
messages relayed by that MX host.
If you want or need to use a secundairy MX host you better choose
a host that can do all filtering you need. You're too late te reject
a message if it has been accepted by your MX host.

Regards,

Kees.

-- 
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: theuniss at rijnh.nl,  Tel: (+31|0)306096724,  Fax: (+31|0)306031204