On 12:06 PM 11/30/2001 -0500, John R Levine wrote: >Nonetheless, I think that putting the individual recipient's address in >the To: line is a pretty bad idea. Many PC mail programs have weak >filtering features and can't filter on arbitrary headers, so without the >list name in the To: header, they can't put mailing list mail in separate >folders. I agree that looking for your own address in the To: and Cc: >line isn't a bad spam heuristic, but if you're going to do that, you can >put "whitelist" rules for your mailing list mail first.
Not all filtering is end-user filtering. It's easy for an individual recipient to whitelist mailing lists, then apply anti-spam filters, but much harder for a small ISP or business that's trying to reduce the amount of spam they receive and have to process into user mailboxes. You can't require every user to contact the mail server admin to whitelist yet another mailing list so that the list email can get thru the global domain filters. Thus the problem with list email not containing the domain name within the list headers. I admin a technical mailing list where people occasionally discuss viruses and you would be amazed at the number of subscribers who have brain-dead filtering (filters on the *body* of the message, filters that claim a message is a virus if it contains the name of the virus in the body of the email, etc.) of their list subscription address, filtering happening at the incoming MTA level. When I explain that this type of filtering is unacceptable for this technical list, they talk about how they can't get the mail server admin to change the rules. The only solution is for them to go get a freebie email account and use it to subscribe to the list! jc
