On Wed, 2020-11-11 at 09:52 +0100, Tobi wrote: > > If I only had a ready-made list of those important domains. > > If you filter for customer domains then maybe (depending the customer > domain) adding the customer domain to spf checks is worth a look too. > That's easy: keep a database of addresses you've sent mail to and treat that as a whitelist. Should work at almost any scale and about the only essential maintenance it needs is the ability to remove addresses you no longer want to whitelist.
I suppose some may find it useful to datestamp entries with the last time mail was sent to them and remove any addresses that haven't been sent mail for 'x' days/weeks/months/years but I've never needed that ability. Martin