Hi,

On Sat, Feb 10, 2018 at 12:04 PM, @lbutlr <krem...@kreme.com> wrote:
> On 2018-02-10 (00:01 MST), Rupert Gallagher <r...@protonmail.com> wrote:
>>
>> The RFC should be amended. If not, we still reject on common sense. Our
>> mail, our rules.
>
> My rule is that I do everything I can to reject mail. I look at the IPs,
> headers, Subject, and content. I look for suspicious attachments, dangerous
> attachment types, and scan for the millions of Windows viruses. I compare the
> message to other messages and if at all possible I do not accept the mail. In
> fact, my main job is trying to come up with new and innovative and effective
> ways to reject even more mail. I'm up to about 97% rejection rate now.
>
> However, once I accept the mail, it is delivered to the recipient, no matter
> what.
>
> Now, it might be delivered to a "Probably spam" folder, and that folder may
> expire mail after a week or so, but it is *delivered* and the recipient has
> the opportunity to reclassify that mail as being "ham".

Can we really trust end-users to properly classify email and not infect themselves with something or follow a phish without knowing? Many of our customers have additional services such as those from Wombat to train users on what to do with suspicious emails and yet they *continually* fall for both these fake test phish emails and the real ones, many times resulting in more than one system compromise. At the same time, withholding emails from users results in a lack of confidence that their emails aren't being redirected to the ether...