REJECT-ON-SMTP-DATA (Re: Mail Server best practices - was: Pandora's Box of new TLDs)
justin at justinshore.com
Tue Jul 1 21:17:16 UTC 2008
Chris Owen wrote:
> The lack of a spam folder is one of the problems with such a solution.
> Having a middle ground quarantine is actually quite nice.
> However, the biggest problem is these solutions are global in nature.
> We let individual customers considerable control over the process. They
> can each set their own block and quarantine levels, configure their own
> white and blacklists and even turn the spam controls completely off.
> For various reasons none of that would be possible with this solution
> and all the implementations you link to all run with a single global
I can think of one spam filter that does give both you and your users
individual control over all of these settings while still rejecting mail
during the SMTP dialog including the DATA phase: CanIt-Pro.
CanIt-Pro is a mail filter or 'milter' in Sendmail-speak. It
essentially connects into Sendmail from the side. Sendmail calls on it
during the SMTP dialog with the remote MTA, giving CanIt-Pro the
opportunity to work its magic before the message is accepted for
delivery which allows from rejecting mail right up until the last second
RFC 2821 permits it. I use CanIt-Pro for this very reason. Each user
can have their own individual mail "stream" in CanIt terminology. Each
user can define white/blacklists by senders, domains and hosts. Users
can block or permit by MIME types or perform actions based on attachment
suffixes. They can write their own rules with regexs against the
headers or body as well as checking to see if a sending domain matches
that of the relaying MTA (not always accurate but often is; ebay.com is
a good example). Users can enable or disable individually configured
DNSBLs or change the score. They can even define rules based on SPF
values. Each user gets their own bayesian DB as well.
You as an admin can disable any of the above features on a per-user
basis so you can make it as simple or as complex as you want. You can
also pre-define streams with specific settings that users can subscribe
to if they don't want the more fine-grained control. I created a stream
that only tags suspect spam. I also created 3 streams with varying
levels of aggressiveness.
Have you ever heard the phrase "a pilot's plane"? Well I would liken
CanIt to being the equivalent for mail admins and their spam filters. I
first started using the OSS predecessor to CanIt back in late 2000 or so
called MIMEDefang. MD is still the underpinnings of CanIt. When you
buy CanIt you also get the source code so you have the ability to code
in custom things if you have the need and desire. It's perfect for SPs.
BTW, I'm not a Roaring Penguin employee. I'm just an impressed user of
their products so they've earned my loyalty.
More information about the NANOG