On 2019-05-11 23:25, David Jones wrote:
Is this for a single mailbox? If that is the case, then it's fine to
make a decision like that for a single mailbox. For those of us
running
mail filtering plaforms for customers, this would be a very bad rule.
Not a single mailbox, no. Not nearly the size of operation you have,
though. Family and a few friends. Anything they toss in their spam
folders gets moved to a central spot where I can do a post mortem.
I have an automated system that finds these candidates every week and
adds them automatically to my SA config file. This is a whole category
of email that I don't have to worry about false positives allowing me
to
increase the sensitivity of scores and meta rules to help block
compromised accounts and zero-hour spam.
I don't have anything nearly so elaborate. But then I don't have the
spam volume either.
My SA servers see millions of emails each week and they handle a lot of
non-DKIM signed ham.
I'm small potatoes, almost all my "customers" are an amateur radio club
who's members all email each other more than anyone else. It wasn't
until I personally started having to email a bunch of new gmail accounts
that the problem with my server not having DKIM-signing really crossed
the threshold from annoyance into "must fix". But I honestly don't know
(and I'm curious to find out) how can any major player still get away
with not having DKIM-signing? How does anyone without it manage when
Google spam-boxes all their mail?
My rule is in now. I'll monitor it closely. I attached less of a
penalty to not having DKIM than I originally intended, based on your
feedback. We'll see how it goes.
Thanks,
Kurt