I've started a new thread to discuss list detectiom just to be search engine
friendly.
There seem to be a variety of methods that lists use including preserving
the original sender as well as sending witht the list's email address. This
particular list sends with the list's email address. For C/R systems, this
often works fine because you often have to send to a list-subscribe in order
to join the list. A C/R will then send a challenge to the list and
subsequently get denied.
For lists that preserve the sender's email address, a C/R system can be a
bit unfriendly. However, we have seen that most list's use a "Sender"
header somewhere inside the message body. for example, this list sends:
Sender: asrg-admin(_at_)ietf(_dot_)org
If we encounter such a header, we will then not challenge the sender but
will require the user to take an action. I'm not trying to have another C/R
discussion but rather am interested in the various list detection methods
available. I've sorted through procmail to see what methods are available
to that source and the above was the best I could come up with.
An extremely important issue for large email companies is that spammers send
email to their users using their own domain. For example, they send to
user(_at_)foo(_dot_)com from sender(_at_)foo(_dot_)com(_dot_) One might say,
"Gee, just don't permit
mail from the outside using your domain". That works everywhere except for
lists that preserve the sender address.
So somehow, we have to prevent someone from spoofing the local domain while
permiting various mailing list types.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg