One anti-spam thing I like is per-person (or per-address) blocklists

January 3, 2016

I've come to feel that one of the powerful anti-spam things that you can do in any environment with a shared mail system is to support some form of individual filtering and blocklists at the SMTP level. Given the SMTP DATA error problem, the conceptually easy options to support here are blocklists based on the sending host and on the MAIL FROM envelope address, since those are easily done at RCPT TO time on a per-recipient basis.

The general case for supporting individual filtering is pretty straightforward. One size does not fit all, since both people's email patterns and their level of caution (and tolerance for spam) vary. Individual blocking empowers people to block things for themselves that you could never get permission or agreement to block on a global basis. In turn this is likely to make them happier with your email system, partly because they will be getting less spam and partly because they'll probably feel more in control of the whole process.

Blocking at SMTP time is harder than the alternatives, especially on a per-user basis, but it's doable. I advocate for doing it despite the difficulty partly because SMTP-time rejection has various technical advantages, partly because I plain like it, and partly because I feel that people in general are likely to be more comfortable with filtering that returns error messages to the sender in cases of false positives, which today requires rejecting at SMTP time.

(Perhaps the last is projecting my feelings on to other people, as we certainly have a fair number of people who automatically discard incoming spam without appearing to ever worry about it.)

A per-address blocklist feature is convenient even on a mail server that's only used by you, because it provides a nice way to start closing down single-purpose addresses when they start getting spammed or abused.

(If you run your own mail server, you really should set up some sort way of having controllable single-purpose addresses.)

Written on 03 January 2016.
« I've realized I need to change how I read Twitter
How I do per-address blocklists with Exim »

Page tools: View Source, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sun Jan 3 03:03:47 2016
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.