Bryan Rawlins wrote:
>>> I fail to see any connection between a mail server sending over TLS, and
>>> the experience of the admin of the server. I also fail to see the
>>> usefulness of making that connection. It's not something you could ever
>>> filter on.
>>>
>> Because it indicates the admin of that mail server probably didn't
>> intentionally enable TLS for remote connections and just used the
>> server defaults. There are quite a number of servers out there
>> that inexplicibably insist on using TLS if advertised for MX
>> deliveries.
>>
>> True, you wouldn't filter on it. I agree. My reply was simply stating
>> that one also shouldn't *whitelist* based upon it either.
>
> This has me curious, I'm going to try and compute a probability that a
> messages is/is not spam based on if the sending server uses TLS.
> Probablities will be calculated based on results of our existing filters
> and will not be influenced by the data collected.
>
> I'll post results to the list after approximately 24 hours.
I'd be very interested to see those results. But just to restate my
original position, the only assumption I'm making is:
If the SMTP connection uses TLS, the connecting host is *very*
probably, not an exploited machine with a pump and dump program
running on it.
I still use spamassassin and clamav and rbls etc, regardless of the
presence of TLS. There's just no point applying greylisting if it's present.
Mike