On Sat, 16 Dec 2006, Codger wrote:
> My name is Ron, and I run a mail server.
{chorus} Hi, Ron!
> At first I suggested that they simply send to their contact lists
> a request that they respond to the email (with the private keyword
> inserted) without changing it. Now I have suggested they just all
> keep it in their signature for all their communications.
As others have said, that depends upon the correspondent not removing
your user's signature block. If most of the correspondents have been
trained by LookOut and its ilk to top-post without pruning the (entire
to-date) message history, that might work fairly well.
> What is then happening is that their contacts are getting a high
> negative score in the autowhitelist sql database. This has
> prevented legitimate email from being snagged by spamassassin
> many, many times
If I may suggest a system that is somewhat more automated and less
dependent on the proper behavior of local users and their
correspondents:
(1) Write a daemon to watch the MTA logs for outbound mail, and
capture sender/recipient email address pairs.
(2) Write some mechanism to build a list of email addresses a given
user has sent mail to recently, and a way for SA to look up the
sender/recipient pair for the message being processed to see if it
looks like a reply (or more generally a message between two regular
correspondents). Add whatever appropriate whitelisting negative
points you see fit for hits.
Anybody for a regular-correspondents-whitelist plugin?
This is not *quite* AWL.
> I personally hate the greylist/whitelist approach where you have
> to click on a link to be authorized to get your email through to a
> person. It is uninviting and intrusive, and even seems rude.
That's not "greylisting", that's "challenge-response", and most agree
it is evil.
Greylisting is where your MTA tells a client "go away for fifteen
minutes" the first time a client connects and attempts to send a
message. This works fairly well against simpler bulk mailers that spew
messages as quickly as possible to an address list and don't attempt
to retry failed deliveries.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
"Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
does quite what I want. I wish Christopher Robin was here."
-- Peter da Silva in a.s.r
-----------------------------------------------------------------------
8 days until Christmas
