I've been using eMail since 2000 and using SmarterMail for more than a decade. I have been an eariler adopter of SPF, DKIM and DEMARC got us -- Its better but not close to perfect.
In the USA I have more rules on how to construct or renovate a house than setup an eMail Server. If you already are using SmarterMail's paid SPAM Filtering this works very well so you might understand the genesis of the idea I have here.
The solution is to build a facility into SmarterMail and Web Mail itself thus leverage the smartest AI of them all -- YOU. Here is the suggest workflow concepts!
We also have a "SenderApproved" List to easily see who we have approved. We kind of have a solution with "Block Sender" Rule but its difficult to use. And if and end user makes a mistake its hard to find in the simple list of domains or eMails. I will mention more on this laer.
With a default setting, eMails arrive first in "InboxToBeApproved" Folder with a count down clock that you can set a time period (default 30 days) where by eMails NOT approved are automatically added to the "SenderBlocked" List. I am getting tons and tons of eMails about Loans, and Lease approvals over and over that pass all verifications.
In Web Mail you can either manually approve, deny, or implicitly approve by reply, or forward all of which then Update "SenderApproved" List and the eMail is moved from "InboxToBeApproved" to "Inbox" when approved or to another folder depending on the action -- approve, deny, forward or reply. Any approval have sub-options to allow the entire Domain, eMail or both.
Another part of this is feature is "Bounce upon Block" feature. As part of this process a header entry should be added to bounce message to track it -- a guid with header "SmarterMail-Bounce-Tag: b6fbd357-0318-5d5a-b24c-1da688f7513d" using UUIDv5. With this the sending to the original user can write an appeal using the link in the Bounce via SmarterMail Web Site so we have better tracking. You can only appeal from a bounce message. We know that most of the bounce won't arrive into someone's eMailbox because the sender is a "bad actor". Thus if someone arrives at the appeal without a valid "key" the form it can't be used.
Further if you are NOT using Web Mail, say gMail on a Smart Phone or Outlook on a PC, SmarterMail would send you a Digest of eMails that are waiting for approval -- with configurable settings once per so many hours, days or weeks. The Digest needs to be clickable with link with an auth key baked in so I don't have to logon - except maybe for 2FA which would be enabled or not by admin or user preference.
The value of a "InboxToBeApproved" Folder is you can use you SmartPhone to look at that folder and simply reply or forward which triggers approval. In this way EAS, EWS and MAPI actions can be hooked onto for this workflow on the Server Side.
The "BlockedSender" List should contains display name, eMail Address, source SMTP IP Address, source Domain, Last Message date, count of appeals, count of blocke, type of block implicit or manual. I should be able to add address to manually block simply to the list by clicking on "Sender Blocked". Blocked eMails would automatically go into SPAM.
While we are at it we should replicate a very siminlar kind of work flow with the "SPAM" Folder -- in that a Digest would be helpful and similar abilities as listed above. I often -- but not too often review my SPAM and everyone in a while I find something I need -- but a nice reminder to do so would be more efficient.
We can refine this to with improved workflow with your input! I implore you to +1 this so we can get the attention of SmarterMail!