Dnia 15.04.2022 o godz. 19:20:28 Laura Atkins via mailop pisze: > > Would you really hold it against that company, given the data they have, > if they blocked all mail with that tld in it? Given that it’s 90+% > guaranteed that tld is spam? What if 90+% of the mail in the .eu.org > <http://eu.org/> tld is also spam? Does it make more sense to block mail > containing that domain? Or are we just refusing to consider any domain > based blocking at all?
I think *domain* based blocking is OK, if the domain is confirmed to send spam, but this applies to end-user domains, not to TLDs. TLD-based blocking is definitely not. Similarly IP-based blocking is OK, if the IP is confirmed to send spam, netblock-based blocking is not. Even if 95% of mail from some TLD (or netblock) is spam, that remaining 5% could contain something very important to someone. Of course I'm talking about general email providers. If someone runs a private mail server and does not expect that he/she ever receives any legitimate mail - for example - from Brazil, it is understandable that he/she blocks the entire .br domain or Brazillian networks (a LOT of spam coming from there!). But for a general email provider, blocking off Brazil would be wrong, even considering the huge amount of spam coming from there. There was a previous discussion in this thread regarding spam filtering more concentrated on "badput" or "goodput". One can either have a goal to minimize the amount of spam passed through, caring less about some legitimate messages being filtered out, or one can have a goal to minimize false positives, living with the fact that a few spams will end up in the inbox. My opinion is that you cannot have both. Either you minimize the amount of spam - sacrificing some legitimate email in process - or you maximize the amount of legitimate email, allowing some spam to pass through. I obviously prefer the second approach, while it looks that Google is taking the first one. For recipient being an experienced user, the message getting into spam folder is no big deal, because such users will check their spam folders anyway. But majority of Google users have little experience :). They just believe that things in spam folder are actual spam and they have no reason to look there. My recipients for example, even after multiple cases of my messages ending up in their spam folder, seem to still not develop the habit of checking that folder too, nor clicking "this is not spam" on messages that mistakenly landed in the spam folder. Therefore I think a few spams landing in the inbox do less harm to an average user than even one legitimate mail filed to spam folder, because even an inexperienced user is able to note the obvious signs of spam and delete the message manually (at least that's what I believe, maybe I'm wrong?). And if we're talking about targeted, sophisticated phishing, even a very strict spam filter will be usually unable to catch it anyway. Just today at my work email I received a phishing message that no spam filter would catch (unless the URL of the link that I was supposed to click would be known to the spam filter - but for targeted phishing they usually use fresh domains, not used previously). It was just a regular message that an average person would send, only the content was suspicious because it claimed things that were unprobable in relationship to my actual life. But it wasn't any well-known scam like Nigerian fraud, so no filter could know that, only a human can :). -- Regards, Jaroslaw Rafa [email protected] -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
