8.04 MTA?

Scott Sharkey ssharkey at linuxunlimited.com
Wed Jul 30 14:14:17 UTC 2008 

Steve C. Lamb wrote:
> On Tue, Jul 29, 2008 at 01:37:01PM -0400, Rashkae wrote:
>> Can you clarify what you consider the 'right thing?'.. Chances are I'll
>> disagree, but I'd still like to know wtf your talking about.
> 
>     Content filtering and rejection at SMTP time.  IE, check for viruses/spam
> at the end of the data block and issue a 550 if either are found as a response
> to the data block.
> 
>     In spite of Derek's response Postfix is qmail-esque in that it has
> multiple programs to do multiple things.  Because of this the daemon which
> sits on 25 and accepts mail doesn't do the content filtering.  It passes it to
> something else.  However, last I checked, both postfix and qmail were
> incapable of doing content filtering until it passed the message to the next
> program in the chain.  However to pass to the next program in the chain they
> have to accept the message.
> 
>     Once the message is accepted they are obligated to either deliver it or
> issue a bounce.  Issuing a bounce on forged headers leads to extremely clogged
> queues.  By issuning a 550 after the data block the onus on issuing, and
> delivering, the bounce is on the remote side.  If the remote side is a virus
> engine then there's no worry.  If it isn't then their clogged queue is a big
> hint they might want to shut down the spammer/virus vector that is using them
> as a relay.

Your information about postfix is woefully out of date.  I've been using 
it for at least 5 years, and it has always had the ability to reject 
mail based on content during the initial smtp connect (admittedly, it 
does hand off the checking to various other programs like amavis, 
spamassassin, dspam, et al).

So, yes, postfix can do that, and quite elegantly.  It has a plugin-like
policy filter interface which allows you do do almost any kind of 
filtering you like during the initial smtp transaction (though some 
kinds of work are quite slow, and can cause problems).

Take a look at the newest documentation at www.postfix.org.

-Scott

PS: I completely agree about qmail.  But, postfix's multiple program
architecture is one reason why there has never been a major security
breach in the program, unlike, say sendmail.

More information about the ubuntu-users mailing list