Spam filtering bcps [was Re: Open Letter to D-Link about their NTP vandalism]

Matthew Black black at csulb.edu
Wed Apr 12 15:30:41 UTC 2006


On Wed, 12 Apr 2006 20:30:16 +0530
  "Suresh Ramasubramanian" <ops.lists at gmail.com> wrote:
> 
> On 4/12/06, Matthew Black <black at csulb.edu> wrote:
>>
>> I haven't seen any succinct justification for providing a
>> 550 message rejection for positively-identified spam versus
>> silently dropping the message. Lots of how-to instructions
>> but no whys.
>>
> 
> For viruses - fine.  But you are not going to find any spam filter in
> the world that doesn't have false positives.  And in such cases it's
> always a good idea to let the sender know his email didn't get through.

Agreed, but we're willing to live with an error rate of less
than one in a million. This isn't a space shuttle. I don't think
the USPS can claim 99.9999% delivery accuracy. Nonetheless, to
allay worries, we are considering spam quarantines to allow
recipients an opportunity to review spam messages themselves, much
like Yahoo! Mail.


Complaints about e-mail not getting through won't be solved
with a 550 versus silently dropping spam because most users aren't
willing to sift through e-mail errors to find the specific cause
for delivery failure. Members of this list are a rare exception.


> Like for example - you see a large webmail provider whose hosts and
> domains keep getting forged into spam, misread the headers and block
> that provider.  In such cases, it's your users who aren't getting a lot
> of valid email from their friends and relatives who are using that
> provider, and 550'ing instead of trashing email saves the senders, and
> their provider, quite a lot of time that'd otherwise be spent
> troubleshooting the issue.
> 
> Plus, 5xx smtp rejects tend to save your bandwidth a bit compared to
> accepting the entire email (not that it matters on a small university
> domain where your userbase is going to be fairly small, and bandwidth
> available quite generous ..  but for larger sites, or sites with
> bandwidth issues, that's definitely a concern)

We already reject most connections with a 550 or TCP REFUSE
based on reputation filtering and blacklists, et al.

Where is the bandwidth savings once we've accepted an entire message,
scanned it, determined it was spam, then provided a 550 rejection
versus silently dropping?

matthew black
california state university, long beach


