Mail Server best practices - was: Pandora's Box of new TLDs

Rich Kulawiec rsk at gsp.org
Sun Jun 29 16:50:36 UTC 2008


On Sun, Jun 29, 2008 at 07:55:07AM -0700, Roger Marquis wrote:
> Quoting <http://www.postconf.com/docs/spamrep/> :
>
>   The only reliable way to avoid false-positives is by monitoring
>   the email server or gateway logs and allowing end-users to receive
>   a daily report of email sent to their account that was identified
>   as spam and filtered.

Two comments:

First, it is impossible to avoid false positives (unless you turn all
spam filtering off) or false negatives (unless you block everything).
The discussion thus shouldn't focus on 0% FP, 0% FN, but on how to
minimize both simultaneously such that the percentages are acceptable
to the receiving organization.  (Note as well that FP and FN are always
defined on the recipient side, never the sender side.)

Second, while in principle this isn't a bad approach, in reality it
tends not to work well.  It requires that users weed through the daily
reports (which they won't) and determine what's spam/not-spam (which
they'll get wrong) and it requires accepting and storing considerable
volumes of mail which are likely spam/phish/virus/etc.  It also can
make FP detection difficult, since senders do not get a reject (mail
was accepted, after all; why should they?) and thus may be unaware that
their message was dropped in a probable-spam folder.  I find it's much
better to reject outright with a very clear error message (that provides
recourse for senders who believe it to be in error) and then address the
resulting issues at the postmaster level (since in most environments
such issues are likely to affect more than one user).

---Rsk
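
The reject-with-recourse reply described in the message above, as an added example that is not part of the original post: a helper that formats a multi-line SMTP 550 rejection carrying both the reason and a contact for senders who believe the refusal is an error. The function name, the 5.7.1 status code default and the example.org address are assumptions chosen for illustration.

```python
import textwrap

MAX_REPLY_LINE = 512  # RFC 5321 limit on one reply line, CRLF included


def build_reject_reply(reason, recourse, code=550, enhanced="5.7.1"):
    """Return the bytes of an SMTP rejection that tells the sender what to do.

    reason   -- why the message was refused, in plain words
    recourse -- how a sender who believes this is an error reaches a human
    """
    if not reason.strip() or not recourse.strip():
        raise ValueError("a rejection needs both a reason and a recourse")
    text = f"{reason.strip()} {recourse.strip()}"
    # Refuse CR/LF and non-ASCII so the text cannot break the reply framing.
    if not text.isascii() or "\r" in text or "\n" in text:
        raise ValueError("reply text must be single-line ASCII")
    # Short lines survive being quoted in the sender's bounce message;
    # addresses and URLs are never split across lines.
    chunks = textwrap.wrap(text, width=70, break_long_words=False,
                           break_on_hyphens=False)
    lines = []
    for i, chunk in enumerate(chunks):
        # "550-" marks a continuation line, "550 " the final one (RFC 5321);
        # the enhanced status code is repeated on every line (RFC 2034).
        sep = " " if i == len(chunks) - 1 else "-"
        line = f"{code}{sep}{enhanced} {chunk}\r\n"
        if len(line) > MAX_REPLY_LINE:
            raise ValueError("reply line exceeds the SMTP length limit")
        lines.append(line)
    return "".join(lines).encode("ascii")


if __name__ == "__main__":
    # Constructed sample values, not taken from the post.
    print(build_reject_reply(
        "Message refused as probable spam by local policy.",
        "If you believe this is an error, write to postmaster@example.org "
        "and quote this text.").decode("ascii"), end="")
```

Because the reply is issued during the SMTP transaction, the sending server reports it back to the sender, which is what makes a false positive visible to them.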