Fedora Core 2 wishlists

[Chuck Mead]

Chris Adams wrote:
> Once upon a time, Chuck Mead <csm at redhat.com> said:
> 
>>Why not just block this garbage at the smtp port and stop all this silly 
>>post-receipt processing? Postfix can do this!
> 
> 
> Because that is not acceptable.  First of all, anyone that blocks email
> to postmaster and abuse email is violating RFCs.

I don't think I have ever recommended that in a corporate environment 
(nor was I here) and that is one of the things that is problematic with 
access checks themselves as they (if implemented that way) may block 
mail based upon it's point of origin regardless of sender or content. I 
much prefer to attack the offending content as opposed to the offending 
ip address, host, or domain.


> Second, not all of our
> users want the same spam filtering; some opt out of Brightmail (which is
> what I'm talking to with a milter) for example.  Brightmail works by
> sidelining spam, so that if there is a false positive, the user can
> fetch the message via a web interface.  Content based checks cannot be
> done at the "smtp port"; you have to accept the message and then process
> it.

Content based checks *ARE* done with postfix at the SMTP port and that 
was my point... using postfix I can certainly block via host, email 
address, network ip or range the same as I can with sendmail but I can 
also block content at the SMTP port using mime_checks, header_checks, or 
body_checks using regexp or pcre. I have a suspicion that the fact you 
are unaware of that capability is *why* you prefer sendmail. :-)

> Telling someone that what they are doing is "silly" is not exactly a way
> to sway their opinion.

Sorry... I wasn't denigrating you (just the action which, to me appears 
artifically self limiting) so no offense intended.

-- 
Chuck Mead <csm at redhat.com>
Instructor II, GLS
Disclaimer: "It's Thursday and my name is Locutus of B0rk!"
Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!"