spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jones <djo...@ena.com>
Subject Re: List of legit mass mailers
Date Tue, 07 Mar 2017 22:59:44 GMT
>From: Miles Fidelman <mfidelman@meetinghouse.net>
>Sent: Tuesday, March 7, 2017 3:36 PM
>To: users@spamassassin.apache.org
>Subject: Re: List of legit mass mailers
  
>One might opine that there can be no such thing.  Mass mailings are almost always
>spam - except when distributed by an organization to its own customers or members. 

I don't want to start a huge debate over the definition of spam but there is a distinct
difference between spam and UCE primarily due to how it should be handled.  If your
SA environment is only filtering a single or a few mailboxes, you can get away with
treating spam and UCE the same so I am not talking about small SA instances.  In a
large SA instance of more than a few hundred mailboxes spam and UCE should be
handled differently.
Spam = malicious email intended to trick the recipient into do something bad.  This
includes viruses, malware, phishing, Nigerian scams, British lotteries, etc.
UCE = unsolicited commercial email.   This can be something the recipient did
(possibly accidentally) or didn't sign up for.  UCE can come from trustworthy senders
which can be safelisted with whitelist_auth.

I think what we are trying to target is the trustworthy commercial senders like
paypal.com, ebay.com which are in the def_whitelist_from_dkim and
def_whitelist_spf and work well in SA with shortcircuiting enabled.

I have extended my list of SA whitelist_* entries to about 4,000 and it is working
very well.  I let trusted senders with valid opt-out processing through to the end
user so they can decide for themselves to unsubscribe or continue receiving it.
The trick is finding the pattern of trusted sender characteristics which I think I
have.

Dave
Mime
View raw message