Dovecot Sieve and Postfix header_checks Issue

Reindl Harald h.reindl at thelounge.net
Fri Sep 26 16:40:36 UTC 2014 

Am 26.09.2014 um 18:18 schrieb Klaipedaville on Google:
>> it is true and besides the german legal letter below you violate a second law at the same time - that is why you have to run a spamfilter *before queue* and sa-milter exists - in case you reject a message
>> the sending server is responsible for a bounce
>>
>> in case you accept and silently drop it you have a unacceptable configuration - independent of laws - in case of a important and time critical mail i need to know it was rejected and so can call the person by phone or try to >remove something which triggered a false positive
>> ____________________________________________________
>>
>> there are two important rules for mail:
>>
>> a) if you accept it you have to deliver it
>> b) if you can't deliver it you must not accept it
>>
>> if you follow b) you don't become a backscatter
>>
>> http://www.postfix.org/MILTER_README.html
> 
> Yep, that's correct about point b). Plus, I also personally agree that rejecting is better, than having it silently discarded. Good thing is that I do not reside in Germany so I am safe on that 
> 
> In fact, postfix before-queue content filter has limits in the amount of mail that a site can handle: http://www.postfix.org/SMTPD_PROXY_README.html therefore legal part of this in Germany limits all German people on resources as every single person is forced to run before-queue filters which in my opinion has its own disadvantages on top of everything else and despite the laws as well.

that's no problem because with RBL weighting and postscreen you reject 95%
of the crap before it ever touchs smtpd or even the contentfilter

that stats below are about a maillog starting with Sep 18 19:50:39
for some hundrest domains and currently 2000 valid RCPT, if the
contentfilter has to handle most of your incoming flow you made
a mistake by not reject earlier with "cheaper" methods
___________________________________________________

that part never touched the contentfilter

Invalid User:      3074
Disallowed User:   2
Reject Postscreen: 148451
Reject Postfix:    6225
Blacklist:         144880
Pregreet:          5143
Protocol Error:    1607
Helo:              190
Sender Blocked:    200
Sender Invalid:    229
Sender Spoofed:    847
PTR Missing:       1347
PTR Generic:       319
___________________________________________________

Connections:       185848
Delivered:         20293
Invalid User:      3074
Disallowed User:   2
Reject Postscreen: 148451
Reject Postfix:    6225
Reject Temporary:  507
Blacklist:         144880
Pregreet:          5143
Protocol Error:    1607
Spamfilter:        2297
Virus:             115
Helo:              190
Subject:           42
Attachment:        0
Sender Blocked:    200
Sender Invalid:    229
Sender Spoofed:    847
PTR Missing:       1347
PTR Generic:       319

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140926/201bece9/attachment.sig>

More information about the dovecot mailing list