Sender Friendly - ORF Forums

1

Hi, I have a customer that wants a "more Sender Friendly" SPAM filter. She has heard of some that will send a rejection email to the sender allowing them to respond and get white listed (temporarily or permanently?)

Do you have anything like this in the works?

by Mel Monroe 9 years ago
2

@Mel Monroe: These filters are called "Challenge/Response Filters" in the industry (C/R for short) and they are actually quite controversial. We do not currently plan such a feature, but it can be voted for at http://www.vamsoft.com/features/features_more.asp?fi=70 on our website.

The two most important reasons why this particular technique is controversial are that

1) There is often no human on the sender side to respond. Think of mailing lists, newsletters, automatic shipment notifications, booking confirmations, etc. These senders have to be manually whitelisted, or released from the quarantine.

2) Given spam accounts for almost all email on the internet and it is almost always sent from a forged sender address, sending an automatic response will just bomb innocents and increase traffic for little gain. Some consider such automatic responses rude, a phenomenon called "backscattering" - http://en.wikipedia.org/wiki/Backscatter_(e-mail)

We believe high effectiveness with low false positives can be achieved without resorting to such controversial techniques.

Peter

by Peter Karsai (ORF Team) 9 years ago
(in reply to this post)

3

@Peter Karsai (ORF Team): Hi Peter,

If the rejection message at the SMTP level would contain a special hyperlink, there would be no backscatter and at least human false positives could whitelist themselves. All we need would be a unique ID (we already have one, just strip sce- and .eml) as a variable to place into the SMTP response and some simple webpage that expands that ID to the right sender(/recipient(/server)) combination and validates that he is human.
That could even be extended to give the sender a detailed explanation WHY his message was rejected in the first place.

Winfried

by Winfried Pohl 9 years ago
(in reply to this post)
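An added sketch of the release-link idea from the post above (not part of the original thread and not ORF code): the quarantine id is signed with an HMAC before it goes into the SMTP rejection text, so the web page can trust the id it gets back and look up the sender and recipient from its own records. The key, the URL, the file name, the link lifetime and the quarantine index are constructed assumptions; the "is he human" check is left out.

```python
import base64
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # constructed value; load from protected storage in practice
TTL = 7 * 24 * 3600               # assumed lifetime of a release link, in seconds
RELEASE_URL = "https://mail.example.com/release"  # hypothetical endpoint

# Constructed quarantine index: id -> (sender, recipient), kept server-side only.
QUARANTINE = {"0A1B2C3D": ("alice@example.org", "bob@example.com")}

def quarantine_id(filename):
    """Strip the 'sce-' prefix and '.eml' suffix, as the post suggests."""
    if not (filename.startswith("sce-") and filename.endswith(".eml")):
        raise ValueError("unexpected quarantine file name")
    return filename[4:-4]

def _sign(qid, issued):
    # Truncated HMAC-SHA256 over id and issue time keeps the SMTP reply line short.
    mac = hmac.new(SECRET, f"{qid}.{issued}".encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac[:16]).decode().rstrip("=")

def make_token(qid, issued):
    return f"{qid}.{issued}.{_sign(qid, issued)}"

def smtp_rejection(filename, now):
    """Text of the 5xx reply; the sending MTA may copy it into its bounce report."""
    token = make_token(quarantine_id(filename), int(now))
    return f"550 5.7.1 Rejected as spam. Human senders: {RELEASE_URL}?t={token}"

def resolve_token(token, now):
    """Return (sender, recipient) for a valid, unexpired token, else None."""
    try:
        qid, issued, sig = token.rsplit(".", 2)
        issued = int(issued)
    except ValueError:
        return None  # wrong number of fields or non-numeric timestamp
    if not hmac.compare_digest(sig.encode(), _sign(qid, issued).encode()):
        return None  # id or timestamp was altered, or the token was guessed
    if not 0 <= now - issued <= TTL:
        return None  # link expired (or issued in the future)
    return QUARANTINE.get(qid)  # sender/recipient come from our records, not the link
```

Because the rejection happens inside the SMTP session, the receiving server sends no mail of its own; the link reaches the sender only if their MTA includes the response text in its bounce report.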

4

@Winfried Pohl: That could be done, indeed. However, we still have to make the following assumptions to make it work:

* the sending MTAs will send a bounce report,

* on the receiving end of the bounce report there is an actual human and not an automatic bounce handler, /dev/null or a postmaster account,

* the bounce report will contain the entire SMTP response, or at least parts of it,

* the sender will actually read what looks like a standard bounce report.

I would say there are still quite many places where things could go wrong. Effectively, we are still unable to handle Case 1), for which probably no technical workaround exists at the moment.

by Peter Karsai (ORF Team) 9 years ago
(in reply to this post)

5

I'm not saying it could replace a well-designed filter, but it could avoid at least some human false positives. Not that I have more than one per year, but there are businesses who could not filter that much without getting too many false positives and what most companies care about are HUMAN false positives.
So there may be MTAs that don't send bounce reports, but most will.

by Winfried Pohl 9 years ago
6

@Winfried Pohl: Winfried: I think I misunderstood your proposal, because I was still thinking within the framework of the original topic about C/R filtering.

Indeed, the quarantine release mechanism you proposed could be useful in reducing false positives. How about turning this into a feature request at http://vamsoft.com/features/ ? This may get implemented if the Web-based Quarantine is implemented (http://www.vamsoft.com/features/features_more.asp?fi=5)?

by Peter Karsai (ORF Team) 9 years ago
(in reply to this post)

7

Peter, thank you. I forwarded your information to my customer. It was a great help in answering their questions. We are having an area wide (Northern California) problem with emails being rejected and/or failing to be delivered. Basically, in this area, Internet email is unreliable at this time. Even though this was a valid question it was prompted when ORF was incorrectly blamed for the failures.
M

by puterman 9 years ago
8

More info on classic C/R: http://www.jcb-sc.com/hostile/cr.html

by Frank Bernard 9 years ago
