[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Adrian Midgley wrote:
On Friday 30 January 2004 00:07, Simon Waters wrote:l)\"?$/ REJECT For security reasons we reject attachments of this typeOn the system I have been using for some years at the surgery I recently commanded it to remove _all_ attachments and file them in a suitable directory - many of them are papers that theoretically inform us of important matters. I'm looking at Postfix and I don't see how one sets it up to do that?
The mime header checks are configured (in version 2) by; mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp
We get a note of the filename, fully qualified as a URL, to the "_incoming" directory on the mailserver.
If you want to extract files from emails and the like I think you are stuck using one of the many mail filtering tools - I don't think Postfix will do it - it may make it easy to call such a tool. It seems an odd thing to do - but I guess you have our reasons.
Spam - I think whitelisting is the best approach, not seen a filter that comes close - so I'll stick with TMDA.The whitelisting in Spamassassin together with its various other bits seems useful. With a threshold of 3 points, it has not made a false positive for a week, although it lets through a few false negatives each day. My annoyance level has declined significantly.
Afraid Spam Assassin doesn't cut it for me. Virtually all the spam that I see these days comes through Spam Assassin somewhere - this should tell you something about how effective it is. It might work fine at the moment, but be assured I'm just a few month further into your email future. 1000 spams to each genuine email is not so far away :( Although I do think soon the spammers will find the cost of the war on spam hurting - but remember most of the deivry cost is shipped off onto hacked PC's.
I think SPF is worth pushing on one's ISPs,
It's on my list of things to do - but I need to do some other stuff to make this manageable.
and I'd like some sort of access token system so I can give people a selection of access tokens - one might put them on one's business cards for instance.
Urm like TMDA tagged addresses? Some other access token? I've yet to see a spam encrypted with my GNUPG public key!
NHS communications tend to score quite spammy, due to the use of "HTML" in eamils, and the presence of attachments, and entertainingly, the choice of email domains with 5 terminal numbers in the distinguisher for all general practices except mine.
Here is the problem with statistical filters - it assumes all your genuine emails fall into distinctive groups, and all your spam falls into other distinctive groups. I trust your patients having trouble with priaprism (via drug abuse?) won't trip these filters accidently? If you don't mind losing some genuine emails without anyone knowing (sender or recipient) post filtering with statistical filters is fine. I would have thought for most professional uses of email this kind of failure is unacceptable - that was certainly the premise behind the design of SMTP - no unacknowledged delivery failures. Okay nothing is perfect in life, but SMTP compliant email systems get email from sender to recipient or note the failure, far more reliably than say the Royal Mail. That is why methods like SPF, and MTA based content filtering are important, as they allow you to issue a "5xx" error message at transaction time, so genuine correspondents know their email failed to reach you, without creating undesirable bounces (like TMDA does), from the spam.
Attachment:
signature.asc
Description: OpenPGP digital signature