Again, thank you all for your patience. I respect the probability that my
approach is not the best, and I certainly don't want to do anything to
antagonize the anti-spam community (i.e., humans).
In my experience, though, bouncebacks give the false-positive sender the
opportunity to inform the postmaster (myself) that he/she was falsely
accused. I use an "all_spam_to" address mentioned in my bounceback messages
for the sender to forward their complaint to. Ideally, I'd like to be able
to use the information in the complaint to tweak my rule scores accordingly.
Often, all I am able to do is whitelist the address (due to lack of
information).
So it would seem clear that my entire approach is outdated and
counter-productive. I certainly apologize for my ignorance, but what would
the alternative be?
- Jon
on 8/7/04 10:44 AM, jdow at [EMAIL PROTECTED] wrote:
> Jon, you and people like you are responsible for incredible amounts of
> fury from me when some virus or joejobber selects MY email address as
> the supposed from address. Bounce it to a special place, scan it yourself,
> then toss it. The rest of your family will never have to see it. (Of
> course, you DO know who SHOULD be sending email to your children and
> can see if that got marked as spam.
>
> Aside from the joejob cr*p this sends out ask yourself what the heck
> good is an email bounce? Can the victim of the false positive do
> anything about it? There's a fibblewart on the DirectX mailing list
> who sent me an email complaining about something. I tried to reply
> and it bounced. Now what do I do? I either spend a lot of effort to
> send it from an alternative address or I simply mark him down as a
> twit and ignore him. My address was blocked by a VERY old black hole
> list. He elects to use it so he loses. I'm not about to burden the
> list with it. That's simply an example. I've been known to use procmail
> to drop email from such people into the /dev/null hole in the world.
>
> So at least in my case it may be lucky you've not email bounced me.
> You get an explanation rather than simply get perpetually ignored. I
> do not like people who inconvenience a couple hundred people a day so
> that one person a day or even one a week who was unjustly tagged as
> spam gets an alert about which he or she can probably do nothing.
>
> Think boy. Think.
>
> {+_+}
> ----- Original Message -----
> From: "Jon Fullmer" <[EMAIL PROTECTED]>
>
>
>> Okay. I can appreciate this argument (having worked in large companies
>> myself). But I don't know that this method would be as well applied in my
>> environment. In a big company (or in any company), you're far safer
>> inconveniencing your users (i.e., tagging and releasing) because of the
>> danger of bouncing back false positives.
>>
>> This is a home environment. My users never want to be bothered with spam.
>> They don't want to have to set up filters on their clients. They never
> want
>> to see it. Here, I've found that it's far easier to address the
> occasional
>> false positive with the sender.
>>
>> As far as saving the environment, I'm well familiar with the fact that a
>> HUGE percentage of spam has a spoofed e-mail address in its envelope and
>> header, thus making bouncebacks pointless. However, for the sake of the
>> sender, a bounceback seems the most logical way to let a false positive
> know
>> that their message has not been received. This is why I would bounce back
>> rather than, say, just drop the message.
>>
>> I'm open to arguments either way. I certainly want to focus on what's most
>> productive for the anti-spam community. But I'm really more interested in
>> an answer to my original question. Does anyone know how I might do this?
>>
>> - Jon
>>
>> on 8/7/04 9:35 AM, Gary Smith at [EMAIL PROTECTED] wrote:
>>
>>> Tag and release... Tag and release... It'll save the environment.
>>>
>>> We had a big problem with emails from company X (x being a financial
>>> institution) being tagged as spam for a while. These emails contained
>>> daily valuation reports critical information to some of the clients that
>>> we hosted email for. Though the got tag they still received them. If
>>> they wouldn't have it could have cost them lots of money.
>>>
>>>
>>> -----Original Message-----
>>> From: Jon Fullmer [mailto:[EMAIL PROTECTED]
>>> Sent: Saturday, August 07, 2004 8:26 AM
>>> To: Michele: Blacknight Solutions;
>>> [EMAIL PROTECTED]
>>> Subject: Re: Log, but don't tell
>>>
>>> (Timidly, Jon answers): uh,... yes?
>>>
>>> on 8/7/04 8:54 AM, Michele: Blacknight Solutions at
>>> [EMAIL PROTECTED] wrote:
>>>
>>>> On Sat 07 Aug 2004 15:41, Jon Fullmer wrote:
>>>>
>>>>> Right now, I have my action_bounce message including only the total
>>> score
>>>>> [$hits]. This is the way I would like to keep it, as I would rather
>>> not
>>>>> give actual spammers more information to circumvent my system.
>>>> Are you actually bouncing spam?? Please tell me I misread that
>>>>
>>>
>>>
>>>
>
