3
To warn or not to warn
Question asked by Stefano - 9/15/2021 at 6:28 AM
Unanswered
Hello community,

I've got one question for you.
When you receive a SPAM message, will you warn the sender that its message was marked as SPAM or not?
Because some clients would like to make the sender knows if the message has been marked as SPAM.
How do you work about it?
Thanks!

Stefano

7 Replies

Reply to Thread
0
Ron Raley Replied
We always bounce back letting them know that the user on our server did not receive. We choose notify.

Thank you,
Ron
1
Douglas Foster Replied
Not me.

1) How will the sender be notified?   If with a REJECT result in SMTP, no problem, BUT:  

Many of the spam tests occur after the message has been received, so a Non-Delivery Report (NDR)will be generated if the message is blocked.   At this point, you have to worry about whether the return-path address is valid or not.    If the return-path is forged, then your NDR becomes backscatter spam.   This risk can be minimized by setting <System Admin>... Settings... Antispam... Options (tab)... Options (section)... 
Autoresponders = "Require Message pass SPF"

2) How much do you trust your spam filter?  

If it is usually correct, why do you want to notify the sender that you have concluded that he is malicious?  I don't talk to criminals, it only encourages them.   If  you are unsure of  your spam result, send it to quarantine instead of blocking it.

DF


2
Ron Raley Replied
The problem is that there will ALWAYS be false positives. I don't see this going away anytime soon.

So we accept communication with the spammer for the benefit of a legit user. Also, it could be a critical email.

In the emergency services field, we have seen several scenarios where emails with legit, but long COVID urls, blocked by some spam filters.

We want the sender to know they've been rejected vs email lost in outer space and them wondering why nobody received it.

I appreciate the conversation.

Ron
0
Kyle Kerst Replied
Employee Post
That makes perfect sense Ron. I'd say quarantining is your best bet so that you always have a worst case scenario recovery point for those critical emails that got marked. Unfortunately, antispam is a tricky front, and there is no one size fits all solution. Good discussion all the way around!
Kyle Kerst System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
echoDreamz Replied
We notify as well, and also give the reason in the bounceback, be it SPF, anti-spam, bad attachment etc.
0
Ron Raley Replied
Hold up echoDreamz, how are you giving the reason? Is this a new setting? We want to do this as well.
0
echoDreamz Replied
Ron, we use rSpamD as our gateway, we have some special sauce to help with that.

Reports why the email was rejected, IE SPF FAIL, VadeSecure said it was spam, multiple high-value RBLs, bad attachment like an exe or a virus/malware detected.

Reply to Thread