Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: spam-filtering policy

from [Mike Peppard] Network Security [Permanent Link]
Subject: Re: spam-filtering policy
Date: Thu, 14 Dec 2006 10:47:42 -0800
cc wrote: 
Dear All,

Since there's no 100% effective spam filtering mechanisms
so far, is it 'effective' to block (every/some) domains/IPs
and have the admin of those domains/IPs  send an online
application to whitelist the domains/IPs?

If it is an effective policy, wouldn't this create more
of a hassle for the admins of valid/innocent domains?
Some people or organizations use a white list. I'd suggest not using a white list for Sales or Marketing or Human Resources or any customer facing departments. Operations or Finance or Purchasing are good targets for using a white list because the email sender has a vested interest in getting on the white lists. I'd also recommend the white list be specific to individual email accounts and your employees have an easy way to add or remove entries from their white list.
If it isn't an effective policy, why does anyone use it?The reason why I'm asking is that my co-worker has beentrying to send an e-mail to a customer whose ISP seems to
be using such a spam-filtering policy. This ISP is blocking
my company's domain, for some stupid reason. My company
certainly doesn't spam.
A white list like you seem to describe doesn't sound reasonable, although many companies do "black list" block whole blocks of IPs, such as Comcast and SBC (and sometimes all of Asia including Hong Kong) where email servers either shouldn't exist or huge amounts of Spam are generated from hacked personal computers.

You could be on a black list rather than not on a white list. You need to contact the organization. Instructions for doing so should be in the message bounced back to you. Black list managers and most email administrators are very reasonable about taking you off their lists once you fix the problem that put you on the list initially. It could be an auto reply from your company that triggered the list or it could be that you're an open relay, or perhaps you're not giving an spf per RCF4408 or a combination of problems that triggered an alert. Being from Asia as you are, you might want to let their email administrator know that banning that whole IP range will limit their ability to do business. 
Since I'm ever-learning the ins-and-outs of mail server
administration, I'm curious as to what everyone here
thinks.


---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Identifying passion for security?, Dagmar d'Surreal
Next by Date:  Re: advice for CEH certification, Adam Hunt
Previous by Thread:  Re: spam-filtering policy, Frynge Customer Support
Next by Thread:  Re: spam-filtering policy, Micheal Espinola Jr
Indexes:  [Date] [Thread] [Top] [All Lists]