Mailinglist Archive: opensuse-security (88 mails)

< Previous Next >
Re: [suse-security] ezmlm warning
  • From: Adi Pircalabu <adi@xxxxxxxxxxxxx>
  • Date: Mon, 03 Apr 2006 19:23:26 +0300
  • Message-id: <44314BFE.4080301@xxxxxxxxxxxxx>
Michel Messerschmidt wrote:
Carlos E. R. said:
Well, the only way to reject an email because it is considered spam is
after complete reception; the scanning is surely done later. It is simply
a «bad thing» to bounce back spam.

Not always.
Sometimes you want to reject messages as spam based on certain well-known
(at least for a small timeframe) source IPs, FROM or RCPT-TO addresses

All due respect, you're wrong here. Bouncing is evil, it can fill up your bandwidth, and, somtimes, the bounce ends in the wrong place. You can also hit and annoy enough recipients (victims in this case) to get listed in various RBLs all over the net.
Why: because most of the spam / virii use fake MAIL FROM: and FROM: fields.
What you can do, instead of bouncing, is collect and report the spam.

(for example to reduce the load on the mailserver).

Well, how do you reduce the load of a mailserver by bouncing spam?
Here is the scenario: the message hits your mailserver and is analyzed. It is marked as spam and is bounced back, most probably to a forged address.
Where exactly during this process do you save resources?

Adi Pircalabu

< Previous Next >