Incoming SMTP in the year 2017 and absence of DKIM

Grant Taylor gtaylor at tnetconsulting.net
Thu Nov 30 21:07:33 CST 2017


On 11/30/2017 12:16 PM, Owen DeLong wrote:
> it’s a rather large PITA for a small site with an admin that needs to count on 
> most things running on autopilot most of the time in order to survive.

I have to disagree with that.

I've been running SpamAssassin for > 15 years and have found it to be 
mostly trouble free.  -  I have cron jobs update it's files and rely on 
milters to accept / tag / reject messages.  -  I spend very little time 
caring for / feeding SpamAssassin.  Probably < 5 minutes a month.)

Sure, I occasionally fiddle with things, but that's because I want to, 
not because I need to.

> So, while it might be a higher-quality solution, I’d argue that it’s not completely 
> “better” in that any autopilotable configuration of it involves a high degree of 
> false negatives or an unacceptable level of false positives.

I've had fairly good luck with autopilot.  I also don't see many false 
negatives.  Nor do people report false positives to me.  (Granted, I tag 
at 5 and reject at 15.)

> People who want to be malicious are usually less willing to do so if they know that
> they will be identified, so actually, it does help.

Agreed.



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20171130/a652f992/attachment.bin>


More information about the NANOG mailing list