[SA-exim] Re: tempreject vs. reject for teergrubing

[Marc MERLIN]

[Added Cc to sa-exim list in case my answer can be useful to others]

On Sat, Dec 07, 2002 at 06:31:24PM -0500, Brian Kendig wrote:
> I think I've caught an inconsistency in sa-exim.c... in the teergrube 
> section, it returns LOCAL_SCAN_TEMPREJECT, but shouldn't it be 
> returning LOCAL_SCAN_REJECT instead, since you've deprecated the 
> settings for temporarily rejecting a message that's been teergrubed?
 
I guess my docs can probably be improved :-)
What I deprecated was the option to just sleep and return
LOCAL_SCAN_TEMPREJECT way later.
This option wasn't very good because it didn't know when the other side
had disconnected and your exim still sat around for the entire time.
 
> If I've teergrubed a message and the sender has stuck around for the 
> entire time, I don't want him to try again later...

If it's a real spammer he will probably not try again, unless he is
really dumb, or you have someone relaying the spam to you.
If you select do to teergrubing, the idea is to passively hurt the
spammer, so if he were to be dumb enough to try again, it makes sense
for sa-exim to try and delay the spammer one more time.
In other words, it works as designed :-)

Now, if you have someone repeatetly trying to resend you a spam, it's
usually either an MX for you or an open relay.
At least in the first case, you want to put that sender in
SAteergrubecond as shown in the example config file
In the second case, you can decide whether tying up the open relay is
worthwhile or not.

Marc
-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/   |   Finger marc_f@merlins.org for PGP key