Security Basics mailing list archives

Re: spam-filtering policy

From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Sat, 16 Dec 2006 12:09:25 +0530

On 13/12/06 11:49 +0800, cc wrote:

Dear All,

Since there's no 100% effective spam filtering mechanisms
so far, is it 'effective' to block (every/some) domains/IPs
and have the admin of those domains/IPs  send an online
application to whitelist the domains/IPs?

Depending on the volume of mail you handle, it can be. This is
particularly true when you are dealing with NATs, consumer grade
connectivity and dynamic IP addressing issues.

If it is an effective policy, wouldn't this create more
of a hassle for the admins of valid/innocent domains?

Those of us who do block large swathes of IP ranges try and minimise
damage.

If it isn't an effective policy, why does anyone use it?

Because it works better than anything else out there. A spam "tagging"
and filtering policy has the same effect as discarding email. The sender
never gets feedback on delivery. 

About the only time I can justify discarding mail is when it is confirmed
malware and has been accepted in the SMTP transaction (250 in response to
CRLF.CRLF). This is because bouncing that message would do more damage in 
real life than the discard, as the sender address is almost always spoofed.

The reason why I'm asking is that my co-worker has been
trying to send an e-mail to a customer whose ISP seems to
be using such a spam-filtering policy.  This ISP is blocking
my company's domain, for some stupid reason.  My company
certainly doesn't spam.

Are they blocking the IP or the domain? Or the IP range? Can you paste
the actual reject message here?

Devdas Bhagat

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

spam-filtering policy cc (Dec 13)
- Re: spam-filtering policy Frynge Customer Support (Dec 13)
- Re: spam-filtering policy Mike Peppard (Dec 14)
  - Re: spam-filtering policy Micheal Espinola Jr (Dec 15)
  - Re: spam-filtering policy Thomas Choi (Dec 21)
  - Re: spam-filtering policy Micheal Espinola Jr (Dec 25)
- Re: spam-filtering policy Devdas Bhagat (Dec 18)
- Re: spam-filtering policy Thomas Choi (Dec 21)