[OT] Handling Returned Virus Mail

Timothy Miller gandalf at doctorTimothyMiller.com
Mon Nov 28 01:16:36 EST 2005 

>Timothy Miller wrote:
>
>>
>>My ISP has installed a spam filter called "Vanquish" that works, 
>>well... perfectly.
>>
>--snip--


Alex Tweedly replied:

>I've never tried any of these schemes, so I may be misunderstanding 
>the details, but ...

>if you send a message which can't be delivered (e.g. you mistyped 
>the address, or your friend's email box is full, or their ISP is 
>going out of business, or .....) then you would normally get a 
>message sent to you to inform you of the non-delivery. These often 
>come from some automated address which won't accept incoming email. 
>It looks to me as though Vanquish will block them (ok, it will 
>challenge them - but the automated sender address won't deliver mail 
>to a real person), and so you'll not be informed.


I hadn't thought of that. It is possible to view all blocked mail on 
a web page. Wanted emails are easily released or added to the allow 
list. But that's laborious. The whole point of this scheme is to 
avoid viewing blocked mail. It's possible that Vanquish would 
recognize a bounced email I have sent. I really don't know. It's not 
a big concern for me, on the address Vanquish filters.

>
>Similar issues should happen with problems on some mail lists, such 
>as emzlm, which warn you of delivery problems (e.g. including 
>attachments if not allowed, including html if not allowed, etc.) by 
>sending an automated email which won't get through.


The user can allow an entire domain name, and it has special features 
for handling email lists. It's possible that some such mail would be 
blocked. This would concern some users more than others.

>
>Do you happen to know how it handles mail list (such as this one) 
>which show the individual senders in the "from" list (but I know I 
>haven't been challenged to get a message to you); does that mean it 
>allows you to whiltelist by "Reply-to" rather by "From" address ? 
>And if so, isn't that a way for spam to get in, since a spammer can 
>spoof reply-to addresses easily (assuming they have harvested email 
>addresses from specific mail lists) ?

This topic is a bit too technical for me. I allow a few common domain 
names, and a few email lists are on the allow list. A few spams leak 
through, occasionally, because spammers have spoofed return 
addresses. The number is very small.

>
>Even worse, if you are on an emzlm mail list, and for some reason 
>you're ISP is bouncing messages temporarily, then you'll get a 
>warning message - but it comes from the mail list administrator, not 
>the mail list itself, and therefore may not get through.


I don't know what emzlm is.

When I began using it, I checked out the withheld mail, to identify 
addresses and domains I might want to add to the allow list. I spot 
check it occasionally. That seems to identify most problems.

Bonded senders get through, too. They guarantee payment of a cent or 
two per unwanted email. Spammers won't make that kind of commitment 
of course. I don't know if this arrangement is catching on. I'd bond 
my own email, but never quite figured out how.

>
>(Or, in summary, I'm a bit skeptical about this overall approach :-)


Yeah, I see what you mean. I can live with the downside.

Come to think of it, I only use Vanquish with one email address. 
Vanquish solved a dire problem for me. I've had the address for 
years, but can't abandon it for another year or so, for reasons I 
won't bother you with. It gets up to 500 spams per day. But 
approximately zero spams per day sent to that address get past 
Vanquish. The important messages, including those from unknown 
senders I want to hear from get thru just fine.

I use other, newer email addresses for important business, all with 
my own domain name. I reserve one address for all but a few email 
lists. I don't filter those with Vanquish, though I have that option. 
I try to reserve different addresses for specialized purposes, so 
they can be abandoned more conveniently, if needed, and can be 
filtered with Vanquish conveniently, if needed. I get very little 
spam on the newer addresses, even though they are a couple of years 
old now. I've learned not to be annoyed by a few spams per day. That 
used to bug the heck out of me, before the number climbed into triple 
digits.

Now that I've given it more thought, thanks to your thoughtful 
comments, Vanquish seems one of several promising-but-imperfect 
anti-spam strategies; it will suit some users better than others.

I hope this is of general interest, even though OT.

Cheers,


Tim

More information about the use-livecode mailing list