On Wed, Feb 07, 2007 at 02:22:26AM +0100, Marcin Krol wrote: >> The other think is that I think it is 10 mails that put people on >> the whitelist, which is not that much. > > Not an option. > > In hosting (my context) you plain CAN NOT afford false > positives. That's just out of question. A small amount of > spam is tolerable, but false positives aren't. > > At volumes of mail we handle, even low probability that > legitimate mail sent by partners of our customers will be > dropped into quarantine/deleted before they send 10 mails > altogether to our customer turns into statistical certainty > in way too many cases. > > More extensive whitelist management is one thing I sorely > miss in DSPAM.
Well, you could always build a script which sends ten (or however many) emails from the address to be whitelisted, with special magic text in them which a) ensures it's not marked as spam and b) can be detected and removed after processing by dspam (rather than sent to their mailbox). On a more serious note, it's probably worth looking into exactly how dspam whitelists senders. I have a feeling it goes by the entire "From:" line rather than just the email address, which might explain why there's currently no tools to simply add an email address to the whitelist. This makes sense from a spam point of view; subscribers to this list might well have "From: Michael Alger <[EMAIL PROTECTED]>" whitelisted by now, but an email with "From: [EMAIL PROTECTED]" is still a candidate for classification as spam. Anyone you're frequently corresponding with probably has a pretty static From: line, which makes it useful for identifying innocent mail. I don't actually _know_ if the whitelist works like this or not, but it sounds feasible and is even desirable for most users. If it is the case, then you might need to implement an additional sender whitelist outside of dspam, or hack dspam to support this notion of whitelisting based on an email address. Having the whitelist outside of dspam might also be a useful way to reduce load on your dspam server(s); which might be worth considering unless you have very beefy servers.
