Back to Community Threads
Trust Sender on SMTP Send? or Add Recipient to Contacts on Send?
Problem reported by Craig Edmonds - Yesterday at 8:07 PM
Submitted
I am on SmarterMail Linux.

I have ALOT of customers who tell me the following "I did not receive an email from a clients/supplier and it went to junk, it was important yadda yadda yadda...". Its nearly impossible to get them to understand how spam filtering works, they dont want toihear it.

Is there a way to:

1. SM customer sends an email to recipient
2. Recipient is added to Trusted Senders
3. Next time receipient sends email to SM, it bypasses spam checks.

I have already made KB's showing clients that if they add them to webmail contacts they bypass spam filtering, showed them trusted senders etc etc but I think prevention would be better than cure in this case.

I was thinking maybe that i could create a linux service which polls the smtp logs for outgoing mail and then add the recipient email to the senders trusted senders list or as a contact.
D
Douglas Foster Replied
Today at 6:54 AM
I suggest you implement a customizable Spam filter, such as Declude / Declude Reboot.
I have already built scripts to parse the Delivery and SMTP Out logs into a database table of known recipients. 

When messages arrive, I add a customized External Sender warning with this information:
  • The sender has a known relationship to us because the address or domain is in a corporate database.
  • The sender is a known correspondent with us, based on past messages.  Dates of last inbound and last outbound is included.
  • If the Reply-to address is different from the From address, a line that shows the reply-to address and notes that it is different from the From address.
  • If the From address is not verified by aligned DKIM or aligned SPF Pass, a warning that the From address is not fully authenticated.
(The external sender warning is only applied to about half of our incoming mail.   The most trusted and best authenticated messages are exempted, in the hopes that users will actually read the messages when they do appear.)

I do not currently alter my filter settings based on known-sender status, but it would be an easy extension of what is already in place.   I am currently collecting data while developing a plan to quarantine all messages from unknown source domains.   It will be more risky to quarantine messages from unknown mailbox provider accounts (e.g. user@gmail.com), because we receive a lot of messages from consumers and many of those addresses are not in a corporate database.

Two reasons why collecting Known Sender data is the most important part of spam filtering:
  • If you are blocking spam as it is detected, essentially all new attacks will come from unknown senders.
  • Known senders comprise a finite list.  Unknown senders comprise an infinite list.   A finite list can be defined in a database, an infinite list cannot.  
Essentially all email filtering assumes that we can identify and block all of the bad stuff, then allow everything else by default.   This approach has never worked and never will.
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Key Feature and Version Milestones in SmarterMailSmarterMail
Sender Verification Shield ExplanationSmarterMail > Antispam and Antivirus
Add to Outlook LimitationsSmarterMail > Desktop and Mobile Synchronization
Configure POP for iPhone, iPad or iPod TouchSmarterMail > Desktop and Mobile Synchronization
Set up Mac mail with IMAPSmarterMail > Desktop and Mobile Synchronization