Whitelists are great if you can still allow mail to come into those
particular addresses tagged as spam ( [spam] ), and not blocked
completely.
Check out ASSP. Its amazing what you can do with it.
In this case, you would designate sales, marketing, etc, as
"spamlovers" - or possibly just leave Bayesian analysis in "test-mode"
for tagging purposes only, while having other options "on" so full
blocking can be performed when something is an obvious spam: like
image-spam, string matches, DNSBL, URIBL, HELO, etc ,etc...
http://en.wikipedia.org/wiki/Anti-Spam_SMTP_Proxy
On 12/14/06, Mike Peppard <mpeppard@impole.com> wrote:
cc wrote:
> Dear All,
>
> Since there's no 100% effective spam filtering mechanisms
> so far, is it 'effective' to block (every/some) domains/IPs
> and have the admin of those domains/IPs send an online
> application to whitelist the domains/IPs?
>
> If it is an effective policy, wouldn't this create more
> of a hassle for the admins of valid/innocent domains?
Some people or organizations use a white list. I'd suggest not using a
white list for Sales or Marketing or Human Resources or any customer
facing departments. Operations or Finance or Purchasing are good targets
for using a white list because the email sender has a vested interest in
getting on the white lists. I'd also recommend the white list be
specific to individual email accounts and your employees have an easy
way to add or remove entries from their white list.
> If it isn't an effective policy, why does anyone use it?The reason why
> I'm asking is that my co-worker has beentrying to send an e-mail to a
> customer whose ISP seems to
> be using such a spam-filtering policy. This ISP is blocking
> my company's domain, for some stupid reason. My company
> certainly doesn't spam.
A white list like you seem to describe doesn't sound reasonable,
although many companies do "black list" block whole blocks of IPs, such
as Comcast and SBC (and sometimes all of Asia including Hong Kong) where
email servers either shouldn't exist or huge amounts of Spam are
generated from hacked personal computers.
You could be on a black list rather than not on a white list. You need
to contact the organization. Instructions for doing so should be in the
message bounced back to you. Black list managers and most email
administrators are very reasonable about taking you off their lists once
you fix the problem that put you on the list initially. It could be an
auto reply from your company that triggered the list or it could be that
you're an open relay, or perhaps you're not giving an spf per RCF4408 or
a combination of problems that triggered an alert. Being from Asia as
you are, you might want to let their email administrator know that
banning that whole IP range will limit their ability to do business.
> Since I'm ever-learning the ins-and-outs of mail server
> administration, I'm curious as to what everyone here
> thinks.
---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher
Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.
http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------
--
ME2
---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher
Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.
http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------
