spf-discuss

RE: Sub domains

2004-08-23 06:02:56
From: Meng Weng Wong
Sent: Friday, August 20, 2004 9:26 PM


On Thu, Aug 19, 2004 at 12:45:06PM -0700, Mark C. Langston wrote:
| Only if you relied on GOSSiP as your sole determiner of mail acceptance
| or rejection.  That'd be foolhardy, as would relying on any single check
| on incoming mail for such determination.  There is no one single
| mechanism that can definitely say "accept this" or "reject this" for all
| incoming mail, with zero false positives and zero false negatives.
|
| Spam prevention, much like security, requires multiple layers (the
| "onion" analogy) to be effective.  Anyone ignoring that does so at their
| peril.

I want to echo Mark's point; folks who hope for silver
bullets are, perhaps, committing the fallacy of the excluded middle.

Defense in depth says:

 if authenticated & reputable: accept
 if blacklisted or forgery:    reject
 else:                         content filter / greylist / file to spamfolder

I expect door #3 to remain heavily trafficked for the
foreseeable future.

While you need multiple clues for the ones in the middle, I suggest that
it is _not_ a good idea to go back to the "bad old days" of accepting
anything we're not sure of and filtering.  Huge spam folders with an
occasional false positive hiding in there frequently meant a lost
important message, which doesn't make for a good outcome.  I've yet to
have a negative outcome due to a mail rejection.  It generally generates
a quick phone call and a quick resolution.

This is not the case for the "accept when unsure" paradigm.  The object
is to never _miss_ an important business email as opposed to never
reject one.  They are _not_ the same.  It sounds counterintuitive at
first, but you will have less trouble with business contacts for an
occasional bounce.  The absolute worst thing you can do is to miss an
important message in a spam pile.  If you tell your customer that, it is
a double lame-o excuse:  first you insult him by saying that his email
looked like spam, then you admit you received it but ignored it.  It
doesn't make you look like you know what you're doing.  In fact, you
don't.  If an email bounces from an important customer, I've never met
one who doesn't understand "geez, must be something wrong down in IT,
I'll deal with it".  You whitelist the customer, it never happens (to
him) again and you look competent, which you are.  You avoid wasting
half an hour each day scouring the spam bucket and you never miss
important mail.  This may not be the preferred approach for AOL and
MSN who have to deal with millions of teenage customers, but if you are
running a business, it arguably _is_ the best thing to do.

The only case where someone might not contact you for a bounce is if
they're blanketing everyone in a market segment with the same RFQ and
you've neither met nor heard of them before.  That is borderline spam
and it is a waste of your time to quote on such garbage anyway.  If
you're that desperate, it's time to look for a new line of work.

--

Seth Goodman

