Sender Callout Verification
Add a new test for Sender Callout Verifications. This type of test connects back to the email sender's server and attempts to find out if the sender is valid, by starting an SMTP conversation (no email is actually sent). If the sender's email address is rejected as invalid by the sender's email server, the sender email address is considered forged and the email is blacklisted.
[Note from Vamsoft: The value and side-effects of this anti-spam technique is disputed in the industry.
For instance, simultaneous Sender Callout Verifications from thousands of servers (as a result of a major
spam breakout with forged sender email addresses) can result in a kind of Denial Of Service attack performed
against the forged sender's email servers].
3 comments
24
Log Email Delivery Path IPs
Add a new, optional column to the ORF log which would contain the entire email delivery path (IP addresses), with marking what IP addresses ORF actually checked.
24
Auto Sender Whitelist: Enable Excluding Local Users
Add a list to ORF where the administrator can exclude certain local email addresses from the Auto Sender Whitelist address collection process. This would prevent less trusted users from "poisoning" the Auto Sender Whitelist when their computers get infected and send email viruses, or when they respond spam, etc.
24
Auto Sender Whitelisting Entire Domains
Enabling this option would whitelist emails not only from recipients of outgoing emails recorded in the Auto Sender Whitelist database, but from all addresses in their domains. This might cause problems if the recorded sender uses a free email provider (like Gmail, YahooMail or Hotmail), so to avoid whitelisting such domains, there would be a domain exception list.
24