> From: david > > In a situation where single point failure tests are being > administered at the corporate level (not at the ISP) then IMGate > and similar solutions may appear to work well because the admin > (presumably) is looking after the concerns of his *customers* > i.e. internal users. They have been empowered to do so by their > employers to act in good faith and with the companies and it's > employees interest at heart.
I think that is where you will see the big difference in useres of single test blocking. Most admins do attempt to serve the interests of their employers. Internal IT departments generally then favor the lowest FP plan - the end recipient of the email is an employee of the same company they work for. Those running large ISP's, however, the end consumer is not an internal employee. The companies interests are to make money for stockholders and that demands a balancing of minimizing captial and ongoing expenses versus lost business due to efforts made to best utilize the resources available (ie, customer that leave due to missing important emails). Of course, with the right marketing spin, you can sell the blocking of "a few" legit emails along with all the "bad" stuff people don't want to get. The problem arises in the inability to tell how much "good" email is lost. For example, blocking all attachments in the name of blocking viruses (there are other solutions possible, some of which would all all attachments to be received). Next, block all html and scripts, again, since a virus could come in that way. Soon, we'll all be back to the same text messaging that we started with. > why just rely on one test rather than a multiple test that provide > better confidence? I agree, except for the attempts to use our domain name or ip in the HELO or confirmed spammers (confirmed by US) that are known problems. > Go one further step back to the ISP level any test system that > rejects is simply crazy because you can never be sure you're not > rejecting FP's. What an ISP can be positive is spam is even less than their end user. For example, just because WE don't want to get mail from @leftbehindprophecy, doesn't mean someone else doesn't. You're in a position to determine what should > happen to a customers email. You have the power to excercise that > control and it's all very clever stuff but do you have the right > to do so? Of course, I'm sure their TOS says they do. Legally. Somehwere, in perhaps a lot of very ambiguous/weasel words. Ethically is another matter. Even those who pay extra for such blocking, however, should have the true effects clearly spelled out to them (for example: we block all class C's from other ISP's that don't help block spam and countries that have spam issues, as well as any company using cable of dsl connections, so your customers at those ISP's won't be able to email you). Again, just because I don't want email from korea doesn't mean other customers of the ISP don't. And when your users start buying tea and trinkets directly from hong kong, you can't be blocking everything from asia. If you are a business, you can do so and tell employees to get a free amil account for personal business -- but if you buy parts from overseas you can't afford for your ISP to do this to you. > By not informing recipients of FP's (you can't because you're not > detecting them) you're lulling yourself and them into a feeling a > false security by being convinced it works. If you don't care > about FP's then fine it will work but in my book rejecting just > one FP rejection is a no-no - it should never be allowed to happen. That should be the goal (even if impossible to attain). --- [This E-mail scanned for viruses by Declude Virus] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
