On Tue, Oct 01, 2002 at 01:41:20PM -0500, Michael Jarvis wrote:
>
> On Tue, Oct 01, 2002 at 08:35:51AM -1000, Clifton Royston wrote:
> > > Currently the body_checks (and header_checks) are an all-or-nothing
> > > affair. Either you execute ALL of the rules on every line of the
> > > message, or you don't use the feature.
> >
> > Exactly. As I understand the feature, they are meant as an avenue for
> > admins to put in quick ad-hoc tests, not to replace a general-purpose
> > content filter.
>
> It's certainly useful for quick ad-hoc filters, such as stopping an inbound
> flood of spam until it gets picked up by the RBL services.
>
> I think there's a definite need for more sophisticated filtering. From
> looking at other non-official Postfix websites (such as
> http://www.hispalinux.es/~data/postfix/) I think other people agree.

  I agree there is a need for it, but I am not sure that building it
directly into the heart of Postfix is the right place for it. (On the
contrary, I believe what might be best in the long term is to provide
hooks to allow Postfix to interface to an separate content-filtering
system at the phase where header and body checks are now performed.)
Adding complexity in the wrong place can hurt, especially in a system
whose primary goals are reliability and security. In any case I am
happy to leave that design decision to Wietse.

  For now the SMTP-proxy interface to an external content filter is
probably the best bet for doing more elaborate tests.

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonrlava.net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]