>I am wondering whether anyone has written any scripts (awk, perl, sh,
>etc.) for auto-whitelisting known good senders. If one of my users has
>sent mail to someone, it is likely they would also like to receive mail
>from that someone.
>
>So for example, a script could be created (or possibly has already been)
>that searches the outgoing messages sent by the local users (Imail user
>base) and harvests the [EMAIL PROTECTED] as likely legit recipients
>we would want to allow messages back from.
>Understanding that there might have to be some fine-tuning, but it would
>certainly reduce customer support with false positives from known legit
>"mail froms."
>
>Any ideas or experiences?
whitelisting [EMAIL PROTECTED] carries the danger of a spammer forging
it and spamming all your accounts.
how many msgs does your sender send to a recipient before your whitelist
the recipient as a sender? just 1? 10? if more than one, over how much
time? today? days? this week?
And if you have 10K accounts, each might have 10's of senders whitelisted,
meaning you whitelist of 100K items, or more.
Sometimes ideas such as your are simple enough to understand and to
program, but in production, it's very often not so simple, and the problems
the script creates offsets the problems you intended to avoid.
Looking at reports of what's rejected and accepted, I've written a lot of
scripts on such ideas, got the script working great, but in production it
either wasn't very effective (insufficient benefits vs expectations),
and/or it created new problems to solve, which complicated the script (if
solvable), and the script itself a maintenance chore.
eg: send users reports of what is rejected by IMGate so they can identify
rejected legits. easy to script. Complication: the users would certainly
want to see the rejected msg they don't quite recognize ("hmm, what's that
reject? could be interesting."), but you don't have the msg, only the
envelope info. And scaleability past a few users would be
impossible. Say you had 10K users, that's 10K reports, and say 300
users/day wanted you to whitelist their potentially legit senders. What
mail admin can handle 300 such requests/day?
So you try, but the maybe-legit sender is [EMAIL PROTECTED], so are you
going to whitelist flowgo because one user wants it? or whitelist only
[EMAIL PROTECTED] but that allows it to go to ALL of your users? and
after all, the requesting user sees he really doesn't want it, so now
you're faced with the un-whitelist task (coupled with complaints from other
users who now get whitelisted jokelist but consider it repulsive).
Len
