BP> [email protected] skrev den 2019-08-13 12:42:
>>> Do the sender domains use DKIM? If they do, amavis can route messages >>> from >>> specific sender domains to dedicated policy banks. >> No they do not. BP> good or bad ? BP> to make it clear, do not whitelist untrusted senders, not even if sender BP> domains is local Because spammers spend SO much effort trying to figure out what my "easily spoofed" sender white-list is? <snark> I mean really - I'd be completely shocked if ANY spammer, EVER, spent ANY time at all making even the slightest effort trying to get around a sender whitelist. Really, it seems like a ludicrous idea. Yes senders can be forged. Yes, it's *possible* you might get another piece or two of spam. Highly unlikely, but possible. And if you start seeing an unusual uptick in spam, you can simply remove that single white-list entry. But no, lets run away screaming in terror at the *possibility* that someone might get around your sender white-list and deliver a few messages that shouldn't be delivered. [All while the deluge of messages [spam] we don't want that don't use sender white-listing swamp us.] I know I'm probably just responding uselessly - but this keeps popping back up as a reason not to white-list and, IMO, it's a *completely theoretical* problem with not a single real case of an actual dilemma faced by a real user in a real world. Sender white-listing can be quite useful [at least it is for me] and shouldn't be dismissed as a terrible solution, out of hand.
