Autor: W B Hacker Data: A: exim users Assumpte: Re: [exim] No Blacklist DNS List
Marc Perkel wrote: >
> Martin A. Brooks wrote:
>> Marc Perkel wrote:
>>>> 1) On what grounds, exactly, is a host added to this list?
>>>>
>>> I have a list of host names - some from my white list, some from my
>>> yellow list (yahoo, hotmail, etc.). I'm adding to the name based
>>> lists all the time. Then when I get email from these domains then I
>>> record the IP in the same color list. For example, wellsfargo.com
>>> never sends spam. It's all good. So they are whitelisted by name.
>> So, what would happen if _I_ sent you an email from
>> mart@???? Let's see:
>>
>>
>
> What's amazing is that few people understand the concept of a white
> list. It doesn't mean that I'm blocking mail that doesn't come from
> wells fargo, it's that I'm allowing wells fargo mail to bypass all other
> spam testing. Is it's wells fargo email from a wellfs fargo server -
> it's good.
>
>
Marc,
But you have missed the 'bigger picture'.
You *at least* must verify that the incoming is indeed *from* your
whitelisted entities - not a forgery.
So doing means you should NOT bypass *all* other spam testing...
Though it seems you have done so...
Given that the potential number of entities that 'deserve' whitelisting
is finite, but extremely large, it makes more sense to me to whitelist,
not those who *never* set a foot wrong, but rather those who:
a) actually have traffic for your clients
b) have some sort of DNS or other configuration problem, hence 'need' a
whitelist pass. Preferably neither unconditional, nor even overly broad.
- Decent pre-content-scanning filtering applied to all comers may take
more machine-cycles than skipping a whole series of acl's, but needs
less 'wetware' effort.
That's why we automate such things... computers may becoem heavily
loaded, but the neither tire, forget, nor behave unpredictably.