Re: clamav

From: mouss (usebsdfree.fr)
Date: Thu Feb 02 2006 - 16:32:59 CST


Tom Lee wrote:
>>
>> A before queue (proxy) content filter doesn't require the mail to pass
>> through Postfix twice, so it should be more efficient. More importantly,
>> it allows you to reject messages based on their content, which isn't
>> possible with after queue content filters.
>
>
> before queue filter has the above advantages.
> I just checked more documents and found SMTPD_PROXY_README mentioned two
> disadvantages of using a "before queue filter".
>
> clamsmtp author also mentioned:
> "Before-queue filters make a poor choice for anti-virus scanners."
> from the link:
> http://memberwebs.com/nielsen/software/clamsmtp/postfix.html
>

well, why use a before-queue for virus filtering?

- you already received the whole message, so rejecting at smtp level has
fewer benefits than in the smtpd_recipient_restrictions case. sure, you
"give back the responsibility", but is that worth it?

- if you reject, the client MTA will bounce. given how bad many MTAs
are, this will certainly bounce a virus to some poor guy who never asked
for it. sure, that's the "other" side's problem, but why shoot people who
are already dead? This is just my opinion, but I think viruses have
nothing to do inside the email system. so quarantine if you're a purist,
discard otherwise.

- if scanning takes too much time (think not only of the latency of
a single scan, but also of the case when you get too many mails to scan),
the client may time out, and the message may be delivered multiple times.

>
>> However, the proxy filter
>> needs to function as a truly transparent proxy, and I doubt clamsmtp
>> qualifies.
>
>

There's no need for a "transparent" proxy in smtp, unless you have very
specific needs, but that seems unlikely. many people use clamsmtp,
amavis, dspam, ... etc.
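
For reference, the two Postfix hookups compared in this thread, side by side. This is an added example, not part of either poster's message; the ports 10025/10026 and the transport name `scan` are assumptions following the usual clamsmtp-style layout, and only one of the two options would be deployed.

```conf
# ---- Option A: before-queue proxy filter (master.cf) ----------------
# The scanner sits inside the inbound SMTP session, so a 5xx reject on
# content is possible. The sending client waits for the whole scan, and
# every simultaneous scan ties up one smtpd process (limit 20 here).
smtp      inet  n       -       n       -       20      smtpd
    -o smtpd_proxy_filter=127.0.0.1:10025
    -o smtpd_client_connection_count_limit=10
# main.cf: upper bound on how long smtpd waits for the filter
# (100s is the Postfix default). A slow scanner that hits this bound,
# or a client that gives up first, leads to a retry by the client.
#   smtpd_proxy_timeout = 100s

# ---- Option B: after-queue content filter ---------------------------
# main.cf: mail is accepted and queued first, then handed to the
# scanner. The SMTP client never waits on the scan; infected mail is
# quarantined or discarded by the filter instead of being rejected.
#   content_filter = scan:[127.0.0.1]:10025
#   receive_override_options = no_address_mappings
#
# master.cf: delivery agent that feeds the scanner
scan      unix  -       -       n       -       16      smtp
    -o smtp_send_xforward_command=yes

# ---- Shared: re-injection listener (master.cf) ----------------------
# The scanner passes clean mail back here. content_filter is cleared
# so the message is not scanned in a loop, and only localhost may
# connect.
127.0.0.1:10026 inet n  -       n       -       16      smtpd
    -o content_filter=
    -o smtpd_proxy_filter=
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_helo_restrictions=
    -o smtpd_client_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o smtpd_authorized_xforward_hosts=127.0.0.0/8
```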