[Techtalk] re: Postfix reload

Travis Casey efindel at earthlink.net
Tue Sep 16 15:48:44 EST 2003 

Tuesday, September 16, 2003, 1:46:25 PM, Carla Schroder wrote:
> On Monday 15 September 2003 11:47 pm, showercurtain wrote:

>> This is the bit I'm confused about. When postfix is configured to
>> block certain traffic, what exactly happens to that traffic, where
>> does it go? If some email to our organisation is blocked by the RBL,
>> does the sender automatically receive a bounce message? 

> OK, let's make sure of our terminology- Spamassassin is not a RBL, it's a 
> filter. You know that. :) So yes, sending bounce messages from Spamassassin 
> is a waste of time, because it does not have the ability to get past forged 
> return addresses. 

Well... that depends on what you're doing.  We're using Spamassassin
here, and we do wind up blocking some legitimate email -- generally
from folks who have "spammer-like" email addresses like
joe358 at aol.com, like to use ALL CAPS, put exclamation points in their
subject lines, and use services like AOL with mail servers that often
manage to wind up in blacklists.

Now, if it were up to me, I might just ignore these people -- if
you're going to send mail that looks like spam, you ought to expect it
to get ignored.  Unfortunately, we're a government agency, and the
people who write in all caps and use lots of exclamation points are
often also people who like to complain to their representatives.  And with
10,000+ incoming emails/day, we have a hard time getting a zero
false-positive rate.

What we've wound up doing, then, is having a bounce message which
basically says, "Your email has been rejected as possible unsolicited
commercial email.  If you feel this is in error, please contact
postmaster@<our agency>.  If you would include a copy of the message
which you tried to send, that would help us to tune our filters."

We also included postmaster in an "all-spam-to" line, so no one ever
gets blocked from sending to our postmaster.

Now, of course, there will be some forged addresses where folks who
never sent us email are getting bounce messages... but from my logs,
it looks like most spammer-forged addresses just don't exist.  In our
situation, we think it's a necessary evil.  It especially won't do
for, say, someone to send a query about their permit application and
not know that their query never made it to us.

-- 
Travis Casey
efindel at earthlink.net

More information about the Techtalk mailing list