Re: [OT] Sendmail vs. Exim, and SMTP Advice

To: Mutt Users <mutt-users@xxxxxxxx>
Subject: Re: [OT] Sendmail vs. Exim, and SMTP Advice
From: Spiro Trikaliotis <trik-news@xxxxxx>
Date: Fri, 11 Jun 2004 15:58:46 +0200
In-reply-to: <20040611095540.GD22398@xxxxxxx>
List-unsubscribe: <mailto:mutt-users-request@mutt.org?body=unsubscribe>
Mail-followup-to: Mutt Users <mutt-users@xxxxxxxx>
References: <20040609230142.GA31807%alexy.khrabrov@xxxxxxxxx> <20040610070212.GB19999@mail> <20040611080802.GB22398@xxxxxxx> <20040611083842.GB12993@mail> <20040611095540.GD22398@xxxxxxx>
Sender: owner-mutt-users@xxxxxxxx
User-agent: Mutt/1.5.6i

Hello David,

* On Fri, Jun 11, 2004 at 05:55:42AM -0400 David Yitzchak Cohen wrote:

> Many of the "security" problems found in sendmail are actually
> configuration bugs (sometimes in the stock configs shipped in the
> package), though, which just goes to illustrate what I noted above.

A program which is so hard to config is a security problem.

> If somebody silently discards emails, he's setting himself up for
> potential problems, now that email is legally recognized as the
> primary (and sometimes sole) communication medium in many contracts.

Well, but if a SPAM tool like spamassassin drops a mail, this is not
allowed? Do I have to look through all my SPAM? (BTW: Something I do at
the moment.) I doubt that.

Using most spam tools, normally, you do not reject the mail at the MTA,
do you? Or, do you send negative acknowledgements that your spam tool
has dropped a mail? I hope not, because I get enough confirmations from
anti-virus tools.

> However, silently discarding anything that you're not 100% sure is
> SPAM is a stupid idea, since not only are you losing real mail 

Most spam tools look at more than one characteristic to decide of
something is spam or not. Looking at spamassassin, I know enough people
who discard anything above 5.0 completely. I do not, but look at them on
a daily basis. There have been some false positives so far, and I'm glad
I did not discard them. But others do.

> (which you've legally received - it's like getting a piece of
> registered mail, and just throwing it out after signing on the dotted
> line),

No. At least here in germany, you have to prove that the mail reached
the recipient. If you don't get a negative acknowledge, you cannot
assume that the mail reached the recipient [1]. You have to proof that
the mail has reached the right recipient.

> but you're not even letting the real mailer know that you just threw
> his mail on the floor.  I _never_ claim to receive something and then
> throw it on the floor; the most I do is temporarily block the sending
> IP.

It's not me who is doing that. But my mail was dropped more than once
this way, especially on mailing lists, so I only use smarthosts now.

Regards,
   Spiro.

[1] Kai Mielke: "Tanz auf dünnem Eis. E-Mail-Korrespondenz taugt vor
    Gericht als Beweis wenig." c't Magazin für Computertechnik 10/2004,
    pp. 170 (German only).

    Translation of the title: "Skating on thin ice. E-Mail
    correspondance is not much good on court.  

-- 
Spiro R. Trikaliotis
http://www.trikaliotis.net/
http://www.viceteam.org/

Follow-Ups:
- Re: [OT] Sendmail vs. Exim, and SMTP Advice
  - From: David Yitzchak Cohen

References:
- selective smart host/sendmail choice
  - From: Alexy Khrabrov
- Re: selective smart host/sendmail choice
  - From: Spiro Trikaliotis
- Re: selective smart host/sendmail choice
  - From: David Yitzchak Cohen
- Re: selective smart host/sendmail choice
  - From: Spiro Trikaliotis
- [OT] Sendmail vs. Exim, and SMTP Advice (was: Re: selective smart host/sendmail choice)
  - From: David Yitzchak Cohen

Prev by Date: Re: Clamav or F-prot
Next by Date: Faster working with messages
Previous by thread: [OT] Sendmail vs. Exim, and SMTP Advice (was: Re: selective smart host/sendmail choice)
Next by thread: Re: [OT] Sendmail vs. Exim, and SMTP Advice
Index(es):
- Date
- Thread