Alex wrote:
Hi, we have a user complaining about receiving email from a solar panel company and want us to block it. The problem is that it originates from mailchimp, which is whitelisted.
I don't consider ESPs to be collectively or individually "white" enough to whitelist all mail sent through them. I've seen spam from pretty much all of them once in a while.
I *do* whitelist individual senders, just not the sending organizations.
It's my belief that mailchimp is safe to whitelist (mcsv.net).
And rsgsv.net, and mcdlv.net.
However, what happens when an email is received that needs to be blocked? Do you just report it?
If a customer reports something as spam that is otherwise generally legitimate, I'll first recommend they try unsubscribing.
If they report they continue to receive mail long after unsubscribing, I'll generally report a message or two to the ESP, and recommend the customer add a mail filtering entry to block the message. In our case, that's checked by our glue layer that calls SA; if there's a match there SA never sees the message in the first place.
Should I block the From address in postfix?
Only if you want to block this sender from all of your users.
Is it possible to blacklist the From when the sender is whitelisted?
Not easily. You could tinker with the scores for USER_IN_WHITELIST* and USER_IN_BLACKLIST so that one outweighs the other, but then what do you do when someone wants mail flow to balance the other way?
You could also use def_whitelist_* instead of whitelist_* in your systemwide definitions, but I have been bitten by a couple of odd cases where that was ineffective for some reason. For the systems I work with, simply bypassing SA in the first place is the simpler solution.
-kgd
