<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2655.35">
<TITLE>RE: Whitelisted</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2>See earlier thread on splitting messages with multiple recipients into messages with one recipient each as a workaround.</FONT></P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Matt Kettler [<A HREF="mailto:mkettler@EVI-INC.COM">mailto:mkettler@EVI-INC.COM</A>]</FONT>
<BR><FONT SIZE=2>Sent: Tuesday, July 22, 2003 4:16 PM</FONT>
<BR><FONT SIZE=2>To: MAILSCANNER@jiscmail.ac.uk</FONT>
<BR><FONT SIZE=2>Subject: Re: Whitelisted</FONT>
</P>
<BR>
<P><FONT SIZE=2>At 12:00 PM 7/22/2003 -0600, Dustin Baer wrote:</FONT>
<BR><FONT SIZE=2>> > Dustin,</FONT>
<BR><FONT SIZE=2>> > Maybe that is where my misunderstanding is. I thought, that would turn off</FONT>
<BR><FONT SIZE=2>> > spam filtering for that user only. Does that say anything addressed to</FONT>
<BR><FONT SIZE=2>> that</FONT>
<BR><FONT SIZE=2>> > user and anyone else, will go through?</FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>>Hi Kris,</FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>>As far as I understand MailScanner's whitelisting, if one recipient is</FONT>
<BR><FONT SIZE=2>>in the whitelist, all recipients receive the message. I have run into</FONT>
<BR><FONT SIZE=2>>your situation also, and refuse to whitelist recipient names here, if I</FONT>
<BR><FONT SIZE=2>>see that they receive a high volume of spam. I don't want other people</FONT>
<BR><FONT SIZE=2>>getting spam, just because they want their name whitelisted.</FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>>I am sure someone will correct me, if I have mis-stated how MailScanner</FONT>
<BR><FONT SIZE=2>>operates its whitelist.</FONT>
</P>
<P><FONT SIZE=2>That is correct. And this "problem" is a fundamental limit of running at</FONT>
<BR><FONT SIZE=2>the MTA layer. It's not a bug, or a mistake, it's a design tradeoff between</FONT>
<BR><FONT SIZE=2>flexibility and efficiency.</FONT>
</P>
<P><FONT SIZE=2>Mailscanner runs at the MTA layer, not the MDA layer, so there is not one</FONT>
<BR><FONT SIZE=2>copy of the message per user when MS sees it.. there's just one message</FONT>
<BR><FONT SIZE=2>with many recipients. Thus MailScanner can only whitelist that one message,</FONT>
<BR><FONT SIZE=2>or not whitelist it. There is no such thing as "well, later when you go to</FONT>
<BR><FONT SIZE=2>deliver this, give these guys this copy, and that guy this other version".</FONT>
<BR><FONT SIZE=2>It's one message, and they'll all get the same message, all MailScanner can</FONT>
<BR><FONT SIZE=2>do is edit it.</FONT>
</P>
<P><FONT SIZE=2>Running at the MTA layer is much more efficient, because you only scan the</FONT>
<BR><FONT SIZE=2>message once, but it inherently has limits on "per user" customization. The</FONT>
<BR><FONT SIZE=2>MTA layer is the ideal spot to do virus scanning, because you rarely want</FONT>
<BR><FONT SIZE=2>user-specific behaviors for virus scanning. However doing spam scanning at</FONT>
<BR><FONT SIZE=2>the MTA layer is somewhat limiting if you've got users that need "exceptions".</FONT>
</P>
<P><FONT SIZE=2>Personally I deal with it by creating custom SpamAssassin rules instead of</FONT>
<BR><FONT SIZE=2>whitelists. This gives me the ability to target specific kinds of messages,</FONT>
<BR><FONT SIZE=2>rather than specific sources or destinations. If I have to do a whitelist,</FONT>
<BR><FONT SIZE=2>I try to make it a "fromto" type whitelist where it winds up narrowly</FONT>
<BR><FONT SIZE=2>defined. I never use To: type whitelists, and I avoid simple From:</FONT>
<BR><FONT SIZE=2>whitelists as well.</FONT>
</P>
</BODY>
</HTML>