2
More on spam
Question asked by Sabatino - 2/1/2022 at 10:14 AM
Unanswered
Sorry but I don't understand.

I have activated SMTP Blocking:

Inbound Weight Threshold 60
But I'm seeing that messages over 60 are still being delivered


Also I don't understand the pattern

I seem to have understood that:

The message is received in smtp server to server

Then the smtp session is closed. Only then is the message processed by the delivery queue and therefore all the antispam checks are carried out on the message

This means that I cannot reply with an smtp message like

421 4.7.1 Spam Detected - contact xxxx@xxxx.xx for more details

I understand that the blocking system simply deletes the message (which then as mentioned above does not seem to work). I have seen that there is the possibility to set a bounce message, but since it is spam it is madness. A smtp message would be much better. A true false positive would be handled by the originating server if needed.

However, I remain firmly convinced that it would be better to implement a function of

Over a certain weight of spam quarantine the message inbound spam

I would have an outbound quarantine and a separate inboud quarantine



Sabatino Traini
      Chief Information Officer
Genial s.r.l.
Martinsicuro - Italy

3 Replies

Reply to Thread
0
Sabatino Replied
Correction

The block works. In fact now in the delivery log I have

[2022.02.01] 18: 11: 22.212 [57739045] This message cannot be delivered as it was marked as spam. Weight: 65
[2022.02.01] 18: 13: 42.870 [57739066] This message cannot be delivered as it was marked as spam. Weight: 60
[2022.02.01] 18: 21: 03.170 [57739151] This message cannot be delivered as it was marked as spam. Weight: 65
[2022.02.01] 18: 23: 14.903 [57739172] This message cannot be delivered as it was marked as spam. Weight: 64

But the fact remains that:

1) I don't trust and would like to see these messages, so it would be much better to have them quarantined

2) it would be much better to be able to send a smtp message and not a bounce message
Sabatino Traini
      Chief Information Officer
Genial s.r.l.
Martinsicuro - Italy

0
Sabatino Replied
Another thing.

If the operation diagram is

smtp server to server, receives and closes connection

Then check the antispam.
I don't understand how the

Greylist Weight Threshold 


Sabatino Traini
      Chief Information Officer
Genial s.r.l.
Martinsicuro - Italy

0
Sabatino Replied
So, some things I answer for myself

Spam checks are on two levels
One on smtp at the moment of the exchange, or inbound smtp and one on the spool level and therefore spool filtering

So the Greylist Weight Threshold makes perfect sense

However, continuing to study I remain firmly convinced of the need to add an add functionality to the quarantine for inbound spam with a weight greater than x and not to the simple calcellation as it happens now. it's a leap of faith otherwise. There is no way to tell if it is doing false positives.

Also after activating

SMTP Blocking:

Inbound Weight Threshold 60


I realized that there is no value in the reports that allows me to understand how many it is blocking.
Sabatino Traini
      Chief Information Officer
Genial s.r.l.
Martinsicuro - Italy

Reply to Thread