Re: spam-filtering policy

["Micheal Espinola Jr" <michealespinola () gmail com>]

Whitelists are great if you can still allow mail to come into those
particular addresses tagged as spam ( [spam] ), and not blocked
completely.

Check out ASSP.  Its amazing what you can do with it.

In this case, you would designate sales, marketing, etc, as
"spamlovers" - or possibly just leave Bayesian analysis in "test-mode"
for tagging purposes only, while having other options "on" so full
blocking can be performed when something is an obvious spam:  like
image-spam, string matches, DNSBL, URIBL, HELO, etc ,etc...

http://en.wikipedia.org/wiki/Anti-Spam_SMTP_Proxy

On 12/14/06, Mike Peppard <mpeppard () impole com> wrote:
> cc wrote:
> > Dear All,
> >
> > Since there's no 100% effective spam filtering mechanisms
> > so far, is it 'effective' to block (every/some) domains/IPs
> > and have the admin of those domains/IPs  send an online
> > application to whitelist the domains/IPs?
> >
> > If it is an effective policy, wouldn't this create more
> > of a hassle for the admins of valid/innocent domains?
> Some people or organizations use a white list. I'd suggest not using a
> white list for Sales or Marketing or Human Resources or any customer
> facing departments. Operations or Finance or Purchasing are good targets
> for using a white list because the email sender has a vested interest in
> getting on the white lists. I'd also recommend the white list be
> specific to individual email accounts and your employees have an easy
> way to add or remove entries from their white list.
> > If it isn't an effective policy, why does anyone use it?The reason why
> > I'm asking is that my co-worker has beentrying to send an e-mail to a
> > customer whose ISP seems to
> > be using such a spam-filtering policy.  This ISP is blocking
> > my company's domain, for some stupid reason.  My company
> > certainly doesn't spam.
> A white list like you seem to describe doesn't sound reasonable,
> although many companies do "black list" block whole blocks of IPs, such
> as Comcast and SBC (and sometimes all of Asia including Hong Kong) where
> email servers either shouldn't exist or huge amounts of Spam are
> generated from hacked personal computers.
>
> You could be on a black list rather than not on a white list. You need
> to contact the organization. Instructions for doing so should be in the
> message bounced back to you. Black list managers and most email
> administrators are very reasonable about taking you off their lists once
> you fix the problem that put you on the list initially. It could be an
> auto reply from your company that triggered the list or it could be that
> you're an open relay, or perhaps you're not giving an spf per RCF4408 or
> a combination of problems that triggered an alert. Being from Asia as
> you are, you might want to let their email administrator know that
> banning that whole IP range will limit their ability to do business.
> > Since I'm ever-learning the ins-and-outs of mail server
> > administration, I'm curious as to what everyone here
> > thinks.
>
> ---------------------------------------------------------------------------
> This list is sponsored by: ByteCrusher
>
> Detect Malicious Web Content and Exploits in Real-Time.
> Anti-Virus engines can't detect unknown or new threats.
> LinkScanner can. Web surfing just became a whole lot safer.
>
> http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
> ---------------------------------------------------------------------------


--
ME2

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------