Is there a way to have mm3 use SpamAssassin and/or clamav? Marisa
On 3/15/24 17:52, Marisa Giancarla via Mailman-users wrote:
Is there a way to have mm3 use SpamAssassin and/or clamav? Marisa
It would require custom code modification to invoke SpamAssassin and/or ClamAV from mailman. It is much better to integrate these in the MTA.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Ok sounds good...
Marisa
On 3/15/24 18:40, Mark Sapiro wrote:
On 3/15/24 17:52, Marisa Giancarla via Mailman-users wrote:
Is there a way to have mm3 use SpamAssassin and/or clamav? Marisa
It would require custom code modification to invoke SpamAssassin and/or ClamAV from mailman. It is much better to integrate these in the MTA.
On 2024-03-15 18:50:32 -0700 (-0700), Marisa Giancarla via Mailman-users wrote:
On 3/15/24 18:40, Mark Sapiro wrote:
On 3/15/24 17:52, Marisa Giancarla via Mailman-users wrote:
Is there a way to have mm3 use SpamAssassin and/or clamav? Marisa
It would require custom code modification to invoke SpamAssassin and/or ClamAV from mailman. It is much better to integrate these in the MTA.
Ok sounds good...
A big reason this is the preferred approach is that your MTA, if appropriately configured, can scan incoming messages before deciding whether to accept or reject them into its delivery queue. For messages rejected at receipt, this means legitimate senders whose messages were incorrectly misclassified get useful error messages in the NDR generated by their own mail provider, while spoofed spam and malware doesn't generate backscatter to unwilling victims and put your own server at risk of getting listed as a spam source.
If Mailman were in charge of checking for spam or malware, its only options would be to silently drop offending messages (providing no feedback to senders of misclassified messages) or reject them (causing your MTA to generate an NDR which often times ends up either part of a coordinated attack against some victim organization or sitting undeliverable in the queue because that address is at an unreachable domain). These are obviously undesirable, even actively harmful, results.
Jeremy Stanley
participants (3)
-
Jeremy Stanley
-
Marisa Giancarla
-
Mark Sapiro