NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Any postfix+dspam experts out there?
paul%whooppee.com@localhost said:
> The problem occurs when a "foreign" client uses my backup MX relay machine.
> This machine is part of my own network, so it gets included in the primary
> server's $mynetworks (via 'mynetworks_style = subnet'). Unfortunately this
> seems to cause my
> smtpd_client_restrictions = permit_mynetworks,
> check_client_access ...dspam...
> to permit the message without triggering the dspam filter.
You need to duplicate the anti-spam filtering on any backup MXes.
Another approach is to eliminate backup MXes. If your primary server is
solid, a backup server on your own network doesn't cover any problems with
the link to your ISP.
Note that even if your primary server did filter mail from your backup
server, that just gets you into the bounce vs reject mess. If your primary
server rejects it, your secondary server can either drop it or send a bounce.
If you don't send the bounce, the sender of legitimate mail doesn't know
that it didn't work. If you do send the bounce, and the return address was
forged (which is common on spam), the bounce will go to an innocent victim.
Google for backscatter or outscatter.
There are similar problems with mail forwarding. The forwarder needs to do
good filtering and the catching site needs to white list the forwarding site
and the user needs to tolerate the crap that gets through the forwarder's
filter.
--
These are my opinions. I hate spam.
Home |
Main Index |
Thread Index |
Old Index