Re: spam-filtering policy

[Mike Peppard <mpeppard () impole com>]

cc wrote:
> Dear All,
>
> Since there's no 100% effective spam filtering mechanisms
> so far, is it 'effective' to block (every/some) domains/IPs
> and have the admin of those domains/IPs  send an online
> application to whitelist the domains/IPs?
>
> If it is an effective policy, wouldn't this create more
> of a hassle for the admins of valid/innocent domains?
Some people or organizations use a white list. I'd suggest not using a 
white list for Sales or Marketing or Human Resources or any customer 
facing departments. Operations or Finance or Purchasing are good targets 
for using a white list because the email sender has a vested interest in 
getting on the white lists. I'd also recommend the white list be 
specific to individual email accounts and your employees have an easy 
way to add or remove entries from their white list.
> If it isn't an effective policy, why does anyone use it?The reason why 
> I'm asking is that my co-worker has beentrying to send an e-mail to a 
> customer whose ISP seems to
> be using such a spam-filtering policy.  This ISP is blocking
> my company's domain, for some stupid reason.  My company
> certainly doesn't spam.
A white list like you seem to describe doesn't sound reasonable, 
although many companies do "black list" block whole blocks of IPs, such 
as Comcast and SBC (and sometimes all of Asia including Hong Kong) where 
email servers either shouldn't exist or huge amounts of Spam are 
generated from hacked personal computers.

You could be on a black list rather than not on a white list. You need 
to contact the organization. Instructions for doing so should be in the 
message bounced back to you. Black list managers and most email 
administrators are very reasonable about taking you off their lists once 
you fix the problem that put you on the list initially. It could be an 
auto reply from your company that triggered the list or it could be that 
you're an open relay, or perhaps you're not giving an spf per RCF4408 or 
a combination of problems that triggered an alert. Being from Asia as 
you are, you might want to let their email administrator know that 
banning that whole IP range will limit their ability to do business.
> Since I'm ever-learning the ins-and-outs of mail server
> administration, I'm curious as to what everyone here
> thinks.

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------