D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] ENSIM



Adrian Midgley wrote:
On Friday 30 January 2004 00:07, Simon Waters wrote:


l)\"?$/ REJECT For security reasons we reject attachments of this type


On the system I have been using for some years at the surgery I recently 
commanded it to remove _all_ attachments and file them in a suitable 
directory - many of them are papers that theoretically inform us of important 
matters.

I'm looking at Postfix and I don't see how one sets it up to do that?

The mime header checks are configured (in version 2) by;
mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp

We get a note of the filename, fully qualified as a URL, to the "_incoming" 
directory on the mailserver.

If you want to extract files from emails and the like I think you are
stuck using one of the many mail filtering tools - I don't think Postfix
will do it - it may make it easy to call such a tool.

It seems an odd thing to do - but I guess you have our reasons.

Spam - I think whitelisting is the best approach, not seen a filter that
comes close - so I'll stick with TMDA.


The whitelisting in Spamassassin together with its various other bits seems 
useful.

With a threshold of 3 points, it has not made a false positive for a week,  
although it lets through a few false negatives each day.  My annoyance level 
has declined significantly.

Afraid Spam Assassin doesn't cut it for me.

Virtually all the spam that I see these days comes through Spam Assassin
somewhere - this should tell you something about how effective it is.

It might work fine at the moment, but be assured I'm just a few month
further into your email future. 1000 spams to each genuine email is not
so far away :( Although I do think soon the spammers will find the cost
of the war on spam hurting - but remember most of the deivry cost is
shipped off onto hacked PC's.

I think SPF is worth pushing on one's ISPs,

It's on my list of things to do - but I need to do some other stuff to
make this manageable.

and I'd like some sort of access 
token system so I can give people a selection of access tokens - one might 
put them on one's business cards for instance.

Urm like TMDA tagged addresses?
Some other access token?
I've yet to see a spam encrypted with my GNUPG public key!

NHS communications tend to score quite spammy, due to the use of "HTML" in 
eamils, and the presence of attachments, and entertainingly, the choice of 
email domains with 5 terminal numbers in the distinguisher for all general 
practices except mine.

Here is the problem with statistical filters - it assumes all your
genuine emails fall into distinctive groups, and all your spam falls
into other distinctive groups.

I trust your patients having trouble with priaprism (via drug abuse?)
won't trip these filters accidently?

If you don't mind losing some genuine emails without anyone knowing
(sender or recipient) post filtering with statistical filters is fine. I
would have thought for most professional uses of email this kind of
failure is unacceptable - that was certainly the premise behind the
design of SMTP - no unacknowledged delivery failures.

Okay nothing is perfect in life, but SMTP compliant email systems get
email from sender to recipient or note the failure, far more reliably
than say the Royal Mail.

That is why methods like SPF, and MTA based content filtering are
important, as they allow you to issue a "5xx" error message at
transaction time, so genuine correspondents know their email failed to
reach you, without creating undesirable bounces (like TMDA does), from
the spam.

Attachment: signature.asc
Description: OpenPGP digital signature


Lynx friendly