what do people think of the concept of a graylist?
i am managing the spam filtering for a sizeable enterprise of
knowledge workers many of whom bill by the hour. for such workers
there's a good time-management argument for email filtering.
i'm trying to avoid supporting individual preferences at the sa or
amavisd level, and put all of the user choice in the MUA filtering
rules.
having gone through the exercise of turning away a lot of spam at the
front door, what's left is (like art and pornography) to a large
extent a matter of interpretation. so far (thanks to y'all) i've
*reduced* the accepted mail volume by rejecting ~20K spam smtp
connects per day! that's 1/3 less mail graded as spam,
enterprise-wide.
so i'm thinking it would be useful to have a graylist of sources which
the site could customize to contain
- possibly desirable advertising
in my clients' context, these include travel, IT technology,
office equipment, domain-specific technology.
- some content that could be useful
- some customized content
- recognized ecommerce merchants and vendors
- opt-in lists which are not particularly work or business-related,
e.g. health, recreation, music/movies, local events and sales, religion,
astrology, genealogy.
- lists which claim to be opt-in but i just can't decide. (there are
whole new genres out there...)
most of these are things which typically look like spam, syntactically.
i'd like to be able to tag them as "ads/of some possible interest" using a
unique X- header and filter them into a separate mailbox (not the spam
mailbox) by way of a default local MUA rule.
in my view, membership of a source on the graylist wouldn't adjust the
spam grading, just how the header reporting takes place after grading.
the reasons not to whitelist them is
- they are a lot less trustworthy than, say, a major newspaper,
or a financial institution, so i don't want to give them a free ride.
(i still want to measure their spamminess.)
- i can sometimes distinguish between junk and content from the same
general source. (think of it "skipping the commercials"). i want
to whitelist one, graylist the other.
- they are often intrusive, so the tagging/filtering enables people
to manage their time better. an example is x10.com, which *is* opt-in,
but is one of a long list of really annoying merchants due to their daily
carpet-bombing.
- they are not particularly business-related but they'll end up in
people's normal business mailboxes. we'd like to understand how much
of this we're actually receiving (since it seems to be only growing
as companies replace paper).
- i can't decide quite what to whitelist when a site acts as a
service bureau and delivers a mix of junk and useful (e.g. topica,
sparklist, rsc01).
the reasons to not let them be graded as spam (as they are now)
- they really are a different sort of animal, as evidenced by user complaints
that they are not (their definition of) spam.
- the users don't want to grub through their spam folder to find such things.
- the users shouldn't have to individually filter these things by site.
- they clutter up the reports of spam, and i now have to remember
which of them fall in which category (spam/gray).
these are enough problems that simply fixing the reporting scripts
seems like the wrong solution.
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
