On 10/11/2017 06:13 AM, Rupert Gallagher wrote:
The problem I see here is the number of people who really want to push blacklists and whitelists, as if they were a magic thing to add to their served to catch spam and blame for the failures. Why would you trust list B and W knowing that they can be corrupted? Why letting them know about your contacts? Are you aware that the communications between your server and the remote service can be altered to fool you into accepting a cryptolocker? There are privacy and secutity considerations that are completely ignored here. If you are serious about e-mail, stop looking for magic. It is a waste of human resources. I would rather see an open debate and collaboration on closing the loopholes of the RFC standard while making sure the servers implementations are sound and complete. I speak out of experience, as I catch 98% of spam without any magic.
Care to elaborate how you "catch 98% of spam without any magic?" Does it involve SpamAssassin?
-- David Jones
