Spam Action Reject
Black holes are a problem.
There MUST be the option to REJECT an e-mail when detected as spam.
Consider the following situation:
Somebody sends a genuine e-mail to your organization. Your Spam protection considers it as spam and DROP it (false positive) and the intended recipient, don't receive it.
The sender will never know that the e-mail was not received. In fact, for the sender, the email was delivered because if you check the sender's smtp log, you will find a "250 message queued"
And the recipient will never know he has not received a valid e-mail.
If instead of droping the message the Sophos XG REJECTs the message the sender will receive a NDR from his own SMTP server
I really wonder how is it that this situation is not all over the forums.
Stuart Hatto, XG Product Manager commented
Hi, the RFCs do allow for the sending of a reject message, but only before the connection is dropped. So after the DATA transfer is ended, we could scan the content, determine it was spam and send a 550 (reject for policy reasons) to the sender, then close the connection. I see a couple of issues I need to think through. Firstly, scanning of an attachment, especially using Sandstorm could take a considerable period of time - I have a concern on resource exhaustion. Second, if the mail is delivered via an intermediate relay it will be the relay that gets the reject, not the originating sender.
I have asked our XG MTA engineering team to have a look at this for possible inclusion. The usual caveats apply, this is not a commitment, and I have no timescales.
It has legal consequences to accept emails instead of rejecting them.
The Higher Regional Court of Austria has decided that mails that are recognized as SPAM can be part of the contract.
ohg 3 Ob 224/18i
similar in Germany, District Court Bonn, 15 O 189/13
if the mail gateway signals to the other side that the mail has been accepted, it is accepted. What the email processing in the system behind it does is understandably completely irrelevant to the legitimate sender.
In the end, the mail administrator must be able to decide for himself whether the email is rejected or dropped!
AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented
If you REJECT a message from an actual spammer you are (a) confirming the existence of the address they were trying to spam, and (b) confirming that the message has not been sent so they should try again, perhaps from a different server.