Spam filtering bcps
Matthew Sullivan
matthew at sorbs.net
Wed Apr 12 23:56:12 UTC 2006
Bryan Bradsby wrote:
>>Silently deleting other people's e-mail should never even be considered.
>>
>>
>
>Unless that email is a virus, or a spam with a forged envelope sender.
>
>
Why? - You can scan for viruses inline using a variety of products (eg:
I have patched Postfix to use clamav inline on modest hardware (single
CPU AMD64 will do it, so will a Dual PIII 866) and it will accept
messages at 50 messages per second (sustained load) and scan for viruses
before responding to the end-of-data command, rejecting if a virus is
detected.).
Spam is a different subject altogether - are you that sure you can
detect spam without a false positive? If so then why aren't you doing
it inline? If you can't why are you blindly deleting the messages? - My
BCP comment is if you can't detect inline (eg for performance reasons)
tag it and deliver it (if you have the capabilities, deliver it to a
junk folder) - that way you are following the RFC's and no non spam mail
is deleted by the system.
Regards,
Mat
More information about the NANOG
mailing list