Recipient whitelist rule processing
|
Logged in as: Guest
|
|
Users viewing this topic:
none
|
|
Login  | |
|
Recipient whitelist rule processing - 16.Apr.2009 1:04:17 AM
|
|
|
jpennell
Posts: 1
Joined: 16.Apr.2009
Status: offline
|
Can someone confirm my suspicions? And apologies if mentioned elsewhere - I couldn't find an answer.
I am trialling MailEssentials 14 - a lot of spam is getting through and it appears that when an email is addressed to multiple recipients, only one of whom appears in the whitelist, the e-mail is delivered to all recipients. This makes sense, since the e-mail is being checked on arrival.
The problem is that we have a couple of e-mail addresses which appear on websites and are frequently spammed - however, we have a "human" who goes through the incoming mails sorting the "wheat from the chaff". There is an inbound recipient whitelist rule for each of these SMTP addresses to ensure that the spam filters don't delete any wanted e-mails in error - for example, the "new sender" feature is highly likely to trip over the legitimate e-mails.
The problem is that I am seeing inbound e-mails addressed to multiple recipients, some of the recipients are harvested and fake, some are legitimate (and need protection from ME14), and the publically-known email address appears too - thus, the e-mail meets the whitelist criteria and is not subjected to further scrutiny (although for some users it would have been nice to have had the mail checked).
public@domain (appears) in whitelist
madeupaddress@domain (doesn't exist in AD)
realuser@domain (might be me!)
An email is addressed to public@domain, madeupaddress@domain, realuser@domain and is Spam. If the public@domain were not present - I'd never see the e-mail - it would be forwarded to a public folder instead. However, because public@domain IS in the whitelist and recipient list - I get the damn email!
I guess it's not possible to improve this functionality - doing so would mean iteratively processing an incoming mail for every recipient on the list - probably not feasible. For now, I have moved my module priority so that at least keyword checking is performed prior to whitelist validity.
Great product though - may well continue in use after the trial period.
Thanks,
J
|
|
|
|
|
RE: Recipient whitelist rule processing - 16.Apr.2009 5:11:41 AM
|
|
|
RSP
Posts: 1441
Joined: 31.Oct.2006
From: The East Riding of Yorkshire, UK
Status: offline
|
If you had Directory Harvesting above the whitelist, this would trap these emails if it's set for 1 or more invalid recipients.
The NEWSENDERS can be configured to simply tag emails, and I suggest you do this for most modules while evaluating to see which ones trap false positives.
One way to help your cause would be to use a web-form for the emailing, with a human-verification picture to stop the bots using it, and whitelist the IP of the web server. Then you can remove the whitelist for your public@.
Hope this helps.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
Printable Version
