Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Matts (1087)

  (email not shown publicly)

I work for MessageLabs [] in Toronto, ON, Canada. I write spam filters, MTA software, high performance network software, string matching algorithms, and other cool stuff mostly in Perl and C.

Journal of Matts (1087)

Monday February 10, 2003
03:38 AM

On whitelisting systems

[ #10494 ]

Regularly people suggest something like TMDA or Active Spam Killer as the "solution" to the spam problem - they reply to unknown senders getting them to whitelist themselves. This always seemed incredibly annoying to me and in fact I got bitten by it when someone emailed me a question about one of my modules, so I spent a good 20 minutes composing a reply only to get a TMDA bounceback suggesting I should validate myself. It was just too much - he emailed ME unsollicited and I shouldn't have to jump through hoops to get my email reply to him.

Anyway, I saw this nugget on Slashdot (hey, it happens occasionally!):

I'm amazed by this user-hostile suggestion every time I hear it. Suppose you post your resumé on Who are you going to whitelist? Suppose your friend changes ISPs and then tries to e-mail you his new address? It won't be whitelisted, so it will bounce. Suppose to fill out a tech support request form. You don't know the address of the person that will contact you (or even if they will be the same domain as the web site).

I thought that summed up my thoughts on this quite well.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.
  • Surely any address you email should be added to the whitelist ?

    these people must be very stupid - you can filter 99% of spam without resorting to this kind of thing.


    @JAPH = qw(Hacker Perl Another Just);
    print reverse @JAPH;
    • Surely any address you email should be added to the whitelist?
      Yes, and most whitelist systems are very dain bread. They work only on putting incoming messages on hold, not examining outgoing messages. Thus the problem.
      • TMDA can add addresses if you set it as the outgoing method. You also need to do that if you want tmda to rewrite your address (according to your specification) for keyword, date or sender emails.

        I've got tmda and sa configured such that a tmda notice will only go out if the message was classed as spam. Seems to work for me.

        Hey! Mozilla doesn't wipe a text box when you press escape! (unlike IE)
          ---ict / Spoon