Security Basics mailing list archives
Re: spam-filtering policy
From: Mike Peppard <mpeppard () impole com>
Date: Thu, 14 Dec 2006 10:47:42 -0800
cc wrote:
Some people or organizations use a white list. I'd suggest not using a white list for Sales or Marketing or Human Resources or any customer facing departments. Operations or Finance or Purchasing are good targets for using a white list because the email sender has a vested interest in getting on the white lists. I'd also recommend the white list be specific to individual email accounts and your employees have an easy way to add or remove entries from their white list.Dear All, Since there's no 100% effective spam filtering mechanisms so far, is it 'effective' to block (every/some) domains/IPs and have the admin of those domains/IPs send an online application to whitelist the domains/IPs? If it is an effective policy, wouldn't this create more of a hassle for the admins of valid/innocent domains?
If it isn't an effective policy, why does anyone use it?The reason why I'm asking is that my co-worker has beentrying to send an e-mail to a customer whose ISP seems toA white list like you seem to describe doesn't sound reasonable, although many companies do "black list" block whole blocks of IPs, such as Comcast and SBC (and sometimes all of Asia including Hong Kong) where email servers either shouldn't exist or huge amounts of Spam are generated from hacked personal computers.be using such a spam-filtering policy. This ISP is blocking my company's domain, for some stupid reason. My company certainly doesn't spam.
You could be on a black list rather than not on a white list. You need to contact the organization. Instructions for doing so should be in the message bounced back to you. Black list managers and most email administrators are very reasonable about taking you off their lists once you fix the problem that put you on the list initially. It could be an auto reply from your company that triggered the list or it could be that you're an open relay, or perhaps you're not giving an spf per RCF4408 or a combination of problems that triggered an alert. Being from Asia as you are, you might want to let their email administrator know that banning that whole IP range will limit their ability to do business.
Since I'm ever-learning the ins-and-outs of mail server administration, I'm curious as to what everyone here thinks.
--------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect ---------------------------------------------------------------------------
Current thread:
- spam-filtering policy cc (Dec 13)
- Re: spam-filtering policy Frynge Customer Support (Dec 13)
- Re: spam-filtering policy Mike Peppard (Dec 14)
- Re: spam-filtering policy Micheal Espinola Jr (Dec 15)
- Re: spam-filtering policy Thomas Choi (Dec 21)
- Re: spam-filtering policy Micheal Espinola Jr (Dec 25)
- Re: spam-filtering policy Devdas Bhagat (Dec 18)
- Re: spam-filtering policy Thomas Choi (Dec 21)