"Herb Martin" <[EMAIL PROTECTED]> said, in message [EMAIL PROTECTED]: > > Which has the disadvantage of exposing you to > spam under several not too unlikely circumstances: > > 1) Someone harvests addressess from a list (e.g., > this one) where you are both members and > sends to some members from another member.
No. This can't work. Unless I e-mail you directly (off list), the fact that we're both on the list can't lead to your address being whitelisted. Even allowing for accidentally Cc'd messages, I suspect any single member of this list has probably mailed only a tiny percentage of the list members directly, so their probability of being hit by a spam with the correct sender address is going to be fairly small. Of course, the list address itself is whitelisted now, so spam arriving on this list would be forwarded, but then anything other than full text body searching of the messages (SpamAssassin, whatever) probably wouldn't flag any content of this mailing list as spam. > 2) You are both in someone else's email address > book who becomes a virus/trojan bot and > shares the lists or sends the spam directly. True. But you *did* mention greylisting, and I *did* mention that we use it. > 3) Your actual correspondent is the victim in #2 Also true. > 4) Your actual correspondent, especially in the case > of a commercian concern, becomes the spammer. Again, any whitelisting system which works on previous reputation to avoid scanning is going to fall down with this one. I should have mentioned that aging is an integral part of the whitelist - in my case, I drop any sender/recipient pair which hasn't swapped mail in the past 3 days (which I'll now increase to 14, I think). A legitimate correspondent would have to go bad very quickly to get spam through the whitelist. If one of my users mails an address which spams them within a short time, is it really "unsolicited"? I'm not really wishing to get into an argument about this. I introduced it quite some time back and it hasn't caused a measurable increase in our accepted spam. Marc was asking what people do, so I described it (even saying that it wasn't as effective at letting ham through as I had hoped!). Cheers, Alun. -- Alun Jones [EMAIL PROTECTED] Systems Support, (01970) 62 2494 Information Services, University of Wales, Aberystwyth -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
