Paul Hutchings wrote:
> I appreciate that it's hard to make up for the failings of other people's
> email/internet infrastructure, but I'm looking for options/suggestions
> on how to deal with that old problem of "Blocking unwanted mail when the
> occasional wanted mail has all the characteristics of unwanted mail".
>
> We use RBLs and basic checks such as rejecting mail with no rdns at
> all, and it stops thousands of spam, but of course as a business, in an
> ideal world I want to accept all legitimate mail regardless of
> characteristics.
>
> Sure I can manually create whitelists but that requires me to know there
> was a problem with a certain domain/host/address.
>
> I think I'm asking the impossible, but I'm curious how other people go
> about handling this problem both technically and politically?
>

The first thing (simplest and most effective) is to see if you can adjust your checks, so that you decrease your FP rate without increasing your FN rate too much. when designing access checks, keep in mind that:

- if you use checks that are rarely used, the other side will consider that "the problem is on your side, because everybody else accepts our mail" ;-p
- if you reject based on checks that are widely used, you shouldn't have a problem, because the other side has incentives to fix the problem (getting whitelisted at your site doesn't fix their delivery problem).

if you still have a problem with the designed checks (that is, you block legitimate mail that users want _and_ your policy is not sufficient as an answer to these users), then consider disabling the "offending" checks and leave it to your spam filter to handle the missed junk (the junk missed at smtp time).

one thing I've done in a company I worked for is to create 3 classes and allow each user to choose his class:

- "low": aka spam lover. only few checks are done
- "medium": default setup. checks that I believe are safe or "natural"
- "high"

you can mitigate the problem by checking outbound mail and deriving rules to whitelist "paypals" from some checks (this is discussed below). if your server sends mail to j...@somewhere.example, then

- whitelist client if rDNS is *.somewhere.example
- resolve A, MX and SPF, and whitelist the corresponding IPs

When I say "whitelist", I mean whitelist from some checks. this can be implemented with a log parser (a policy service is not required).
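
A log parser of the kind the reply describes, as an added example that is not part of the original message. It covers the rDNS rule only (the A, MX and SPF lookups need live DNS and are not shown). It assumes Postfix-style log lines; the sample log, the function names and the choice to skip null-sender mail (bounces and auto-replies, which a sender could provoke on purpose) are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample of Postfix-style log lines (not taken from the thread).
SAMPLE_LOG = """\
Jan 12 10:01:01 mx postfix/qmgr[901]: 4F1A22C0D1: from=<paul@ourco.example>, size=2210, nrcpt=1 (queue active)
Jan 12 10:01:02 mx postfix/smtp[1234]: 4F1A22C0D1: to=<jane@somewhere.example>, relay=mx1.somewhere.example[192.0.2.10]:25, delay=1.2, dsn=2.0.0, status=sent (250 2.0.0 Ok)
Jan 12 10:05:10 mx postfix/qmgr[901]: 7B2C33D1E2: from=<>, size=3100, nrcpt=1 (queue active)
Jan 12 10:05:11 mx postfix/smtp[1240]: 7B2C33D1E2: to=<x@bulk.example>, relay=mail.bulk.example[198.51.100.7]:25, delay=0.9, dsn=2.0.0, status=sent (250 Ok)
Jan 12 10:07:30 mx postfix/qmgr[901]: 9D4E55F3A4: from=<paul@ourco.example>, size=1800, nrcpt=1 (queue active)
Jan 12 10:07:31 mx postfix/smtp[1251]: 9D4E55F3A4: to=<bob@Partner.Example>, relay=none, delay=30, dsn=4.4.1, status=deferred (connect timed out)
"""

FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]*)>")
TO_RE = re.compile(r"postfix/smtp\[\d+\]: (\w+): to=<[^>@]*@([^>]+)>.*\bstatus=(\w+)")

def outbound_domains(log_text):
    """Count recipient domains of delivered mail that a real sender originated."""
    null_sender, domains = set(), Counter()
    for line in log_text.splitlines():
        if m := FROM_RE.search(line):
            # Remember queue IDs of null-sender mail (bounces, auto-replies):
            # these were not written by a user, so they earn no exemption.
            if m.group(2) == "":
                null_sender.add(m.group(1))
        elif m := TO_RE.search(line):
            qid, domain, status = m.groups()
            # Only mail that was actually accepted by the remote side counts.
            if status == "sent" and qid not in null_sender:
                domains[domain.lower().rstrip(".")] += 1
    return domains

def rdns_exempt(client_rdns, domains):
    """True if the client's rDNS is one of the domains or a subdomain of it."""
    name = client_rdns.lower().rstrip(".")
    # Match on a label boundary so "notsomewhere.example" does not qualify.
    return any(name == d or name.endswith("." + d) for d in domains)

if __name__ == "__main__":
    seen = outbound_domains(SAMPLE_LOG)
    print(dict(seen), rdns_exempt("mx1.somewhere.example", seen))
```

Feed `rdns_exempt` only a forward-confirmed rDNS name, since a PTR record on its own is set by whoever controls the IP block.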