[OT] Handling Returned Virus Mail

Alex Tweedly alex at tweedly.net
Sun Nov 27 19:25:02 EST 2005 

Timothy Miller wrote:

>
> My ISP has installed a spam filter called "Vanquish" that works, 
> well... perfectly.
>
> Vanquish doesn't attempt to filter by content, subject line or IP. 
> Instead,legitimate senders not on my "allow" list get directed to a 
> website where they have to type some graphic characters into a field. 
> They only have to do it once. After that, they go on the allow list, 
> unless I remove them. At first, I worried that legitimate senders 
> would be put off. I've not heard a single complaint. The only comment 
> has been, "Hey, where can I get this?"
>
> My outgoing email gets added to my allow list. Bonded senders are also 
> allowed, unless I exclude them.

I've never tried any of these schemes, so I may be misunderstanding the 
details, but ...

if you send a message which can't be delivered (e.g. you mistyped the 
address, or your friend's email box is full, or their ISP is going out 
of business, or .....) then you would normally get a message sent to you 
to inform you of the non-delivery. These often come from some automated 
address which won't accept incoming email. It looks to me as though 
Vanquish will block them (ok, it will challenge them - but the automated 
sender address won't deliver mail to a real person), and so you'll not 
be informed.

Similar issues should happen with problems on some mail lists, such as 
emzlm, which warn you of delivery problems (e.g. including attachments 
if not allowed, including html if not allowed, etc.) by sending an 
automated email which won't get through.

Do you happen to know how it handles mail list (such as this one) which 
show the individual senders in the "from" list (but I know I haven't 
been challenged to get a message to you); does that mean it allows you 
to whiltelist by "Reply-to" rather by "From" address ?   And if so, 
isn't that a way for spam to get in, since a spammer can spoof reply-to 
addresses easily (assuming they have harvested email addresses from 
specific mail lists) ?

Even worse, if you are on an emzlm mail list, and for some reason you're 
ISP is bouncing messages temporarily, then you'll get a warning message 
- but it comes from the mail list administrator, not the mail list 
itself, and therefore may not get through.

(Or, in summary, I'm a bit skeptical about this overall approach :-)

-- 
Alex Tweedly       http://www.tweedly.net



-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.8/183 - Release Date: 25/11/2005

More information about the use-livecode mailing list