On 09/05/2012 15:16, Asymmetrics Webmaster wrote:
While is a bad idea to reject mail without SPF records, its a good idea to
reject email if the SPF record is present and incorrectly set or not
authorized for the sender (hardfail).
SA works after the email gets in the queue, but the most efficient way,
whenever possible, is to reject it (not bounce it) before it gets in the
queue, as there is a chance the admin of the sender mail server gets a
notice sooner and take the necessary steps to identify compromised systems,
fix the problems etc.
My SpamAssassin works at the MTA level through a milter. It doesn't
queue the mail and check later - the mail is checked after SMTP DATA and
the decision to reject the email is made there and then.
So, no, SA does not work after the email gets in the queue, as you say.
That is dependent on implementation.
--
Best Regards,
Giles Coochey, CCNA Security, CCNA
NetSecSpec Ltd
giles.coochey@xxxxxxxxxxxxxxxx
Tel: +44 (0) 7983 877 438
Live Messenger: giles@xxxxxxxxxxx
http://www.netsecspec.co.uk
http://www.coochey.net
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
