On 2021-08-17 18:53, Greg Troxel wrote:
Alan <> writes:
I manage email for a couple of hundred domains, so a fair bit of stuff
that arrives to my inbox are spam complaints (they're supposed to open
tickets or use the support mailbox but... users). I flag anything over
5.0 as spam, but it still comes to my inbox. Anything over 8.0 goes to
the bit bucket. Our support inbox deletes anything over 10.0. Stuff
that scores over 20 arrives on a regular basis but 10 seems to be a
decent threshold for "absolute crap".
When you talk about 8/10 and bitbucket/delete, are you accepting this
email at the MTA level and then sending it to /dev/null? If so, I
wonder what your thoughts are on the wisdom of that vs rejecting at the
MTA level? In my view MTA, rejection is much better because if there is
a legit sender they get a 550 back, rather than silent discard.
It's sent to the bit bucket, not done in the MTA. In this case, each
account can set individual thresholds and has an individual set of local
rules, so that might be why. I'd prefer to 550 them as well, although I
suspect the majority of sources just don't care. Lately the most
insidious stuff has been coming from VPS providers with insufficient
vetting. Every few months I get something like this:
We are looking to get set up with a Dedicated Server or VPS today with
a /24. It is to mail, but it's all compliant.
Can we get set up with you guys?
Invariably they're red flagged multiple times on ROSKO. I'm sure failing
to take 2 minutes to do that check has done significant damage to
website builders who figured they could make some easy money in hosting.
--
For SpamAsassin Users List
