My opinion:
The support side will say "the more detail to better" to assist users
or operators allowing them to be self-reliant to resolve issues (this
helps reduce support cost).
The security side will say "Don't give clues to bad guys." In this
specific case, you would be allowing them to learn by trial and error
to see how to get better scores. For example, ESMTP AUTH, IMV it is
bad idea to issue an specific error that says
530 BAD USERNAME or
530 BAD PASSWORD
as oppose to just saying
530 Authentication required
In my view, in your scoring case, too much information.
You can probably decide this based on who you expect to read this. My
suggestion is to log it to a file.
--
Sincerely
Hector Santos
http://www.santronics.com
Дилян Палаузов wrote:
Hello,
When an email is evaluated as spam and in turn is rejected during the
SMTP dialog, is it reasonable to show in the SMTP response the result of
the spam evaluation or not?
E.g. Using SpamAssassin to filter the messages, what response is better
and why?
550 5.7.1 Your mail was evaluated as spam.
or
550-5.7.1 Your mail was evaluated as spam (see below for details).
550-5.7.1
550-5.7.1 -0.0 SPF_PASS SPF: sender matches SPF record
550-5.7.1 -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
550-5.7.1 [score: 0.0000]
550 5.7.1 1.0 DKIM_VALID DKIM_VALID
Thanks in advance for your opinion,
Дилян