Re: mail filtering policy

From: Richard Hunt (richard.2002.munged@no.sp.am.attbi.not.net)
Date: 03/23/03


From: "Richard Hunt" <richard.2002.munged@no.sp.am.attbi.not.net>
Date: Sun, 23 Mar 2003 05:33:56 GMT


"Doug Fox" <dfox168@hotmail.com> wrote in message
news:sS2fa.29864$Dtv1.21538@news04.bloor.is.net.cable.rogers.com...
> Our firewall blocks incoming mail if there are over 50 recipients in the
cc
> (carbon copy) field. One day, a customer sent us a mail with over 50
> recipients, therefore the firewall blocked the mail. This customer
reported
> the situation to its contacts at work. As a result, we are instructed to
> allow over 100 recipients in the cc field.
>

I can't resist asking: was it a legitimate business email, or a joke
picture?

> As I understand, the filtering policy is to prevent spamming, prevent mail
> generated by worms, etc.
>
> How do most companies handle this situation? How many recipients are
> allowed in the cc field?
>

My company would keep the 50 recipient rule, but whitelist the customer; a
whitelist is a list of senders whose mail will be passed without any other
filtering.

Actually, I think the filter is constructed as follows:

1. examine attachments for virus, reject if found.
2. examine subject & message for virus text tags, reject if found.
3. if sender on whitelist, pass.
4. if sender on blacklist, pass.
5. apply word list to subject & message, reject if spam.
6. apply other rules, etc

A human being is supposed to review the rejected messages, and apply human
judgement to the messages which have been incorrectly identified. Sometimes
they don't.

Richard