-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[EMAIL PROTECTED]>, Magnus Holmgren <[EMAIL PROTECTED]> writes
>It is a good idea to reject likely to certain spam ITYM "fail to accept" >, because in the rare cases >of false positives the legitimate sender will be notified. It is also a good >idea to have at least as good spam protection at the (forwarding) secondary >MXes as at the primary. But what is the best way(s) to handle .forward-ed >mail coming from friendly but slightly stupid (in the sense that they lack >adequate spam protection) hosts, It is best to ensure that you do not use any scheme that is traffic based (viz: "the last <n> from here were spam, hence I will make an assumption about the next <n>") but only content-based (viz: "I will look at each message and form an opinion about it"). It is also essential to ensure that email to your abuse team isn't filtered -- because that just makes you look as if you don't care >and how do you implement it with Exim? It's more about not implementing all the off-the-wall ideas that people come up with, rather than adding yet more cookbook recipes. >c) Monitor mail logs to identify forwardings automatically or manually. Monitoring incoming email logs can allow you to identify remote sites that are sending you junk. However, if it is their smarthost (main outgoing MTA) then you're unlikely to get enough of a pattern to be able to provide them with any useful information. Note that the world is full of people who are forwarding email from one site to another, one ISP to another -- and schemes (readers are familiar with several) which assume that you can read something into the relationship between the source of an email, where it says it comes from, and how legitimate it is, are doomed to fail in today's conditions. >d) User-managed ~/.backward (or a database or whatever) containing addresses >and/or hosts forwarded from. If you have 3 users, go for it. If you have 30, 300 or 3 million then get yourself a more interesting (and less privacy invading) hobby! You will merely end up rejecting a lot of legitimate email and dealing with extremely annoyed users :( - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBRD0EKZoAxkTY1oPiEQIjWQCfaMVmDyaYIxohLyxzF1PvikjNI3EAoJj0 ebjGTSL8sPejXEUn+aj8ypVk =Wu5e -----END PGP SIGNATURE----- -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
