Re: Another open source anti spam framework
- Hello Blake
>Yes, i plan to implement reject (and a quarantine handler) as well. For my use case (for which Decency was originally implemented;)) i did not use pre queue content filters, and simply forgot about it. Should be fairly simple and it will be definitely part of the 0.2.0 release. Thanks for pointing it out.
>>> Ok, that was not lucid, i agree. I clarified this on the about page, respectively left it the reject-part out to prevent misunderstandings. However, the Detective server actually can bounce the mail, if he is configured to do so in the spam.handle directive. There are four different handlers:
>>> 1) tag: Default handle. Mail will be tagged (with a X-Decency-header and possibly a Subject-header prefix, if configured).
>>> 2) ignore: Nothing happens to the mail. For testing (and log analysis).
>>> 3) delete: Mail will be silently deleted. I clarify that this is not a good idea in the docu. However, there is the possibility to send a mail to the recipient ("You received SPAM, we deleted it").
>>> 4) bounce: The recognized SPAM mail is bounced back to the sender. The valid scenario for this is an outbreak-prevention mailserver in which the sender wants to know whether the mail he send himself would be recognized as SPAM.
>> but none of the cases REJECTS spam-mails
>> the spamfilter has to answer with 5xx to the sending server
>> 1) and 2) does finally nothing
>> 3) MUST NOT happen
>> 4) SHOULD NOT happen
> 1 (Tag): would ideally allow a downstream module such as a "quarantine
> module" or "move to junk folder module" to take action. As you
> mentioned, the tagging itself does not impact mail flow.
> 2 (Ignore): As you mentioned, does nothing to affect mail flow
> 3 (Delete): Isn't DISCARD one of the options in amavis? I think it
> should be strongly discouraged, but I also think it should be
> implemented... or could be implemented by a downstream module.
> 4 (Bounce): This seems OK in the case of an outbound server where sender
> addresses are verified, perhaps via SMTP auth. Definitely bad for
> incoming mail where senders can be spoofed (or any other setup where
> sender addresses are not 100% verified) and backscatter would likely result.
> It might be nice to also have an option to REJECT, so that this tool
> could be used as a pre-queue content filter - aka proxy_filter.
Don't like SPAM? Check out: