Thanks, right now I'm more focused on understanding possible
impacts/issues by enabling such feature.
Based on your experiece, did such setting bring issues in your
environment ?
I've to admit that I'm not using the native exchange spam filtering
(IMF ....) since, dating back to 15 years ago... or maybe more; I found
a filtering solution which did fit my needs; anyways, this doesn't mean
that I don't know how to set IMF up, just that imHo it lacks a number
of features and this makes it look like a spam filter from 20 years ago
(no, not kidding, nor trying to troll or start a flame, mind me) it's
just that
given the fact that you PAY it you'd expect to have some -at least-
kind of decent and UP TO DATE smtp filtering but probably someone
up in Redmond decided that we'll have to stay at the stone age or
either pay some $$$ to buy a filtering product <sigh>
See, the rules of thumb of whatever spamfilter are... allow the "admin"
to set things in test mode and have a clear log of what's going on
and, allow the admin to set "scores" for each spam check and reject
a given message only if the score goes over the given limit; in both
cases the exchange filtering fails, so... given that it doesn't even
have
a way to use DNSWL (whitelists, to oppose to blacklists and which
should be checked BEFORE DNSBL checks) the "risks" let's call it
so missing a better term of using DNSBLs are mainly the classic
false-positive ones, that is, a given sending host which, for a reason
or another got listed in some DNSBL and is now unable to send you
jun... ahem... email :) such an issue is usually solved by using the
so called DNS whitelists (DNSWL), they work just like the DNSBLs
but instead of listing "bad sending host" they list "good ones" so,
the idea is basically to check DNSWLs first, see if the incoming IP
(since that's what the server sees) is whitelisted and, if that's the
case, skip whatever DNSBL lookup, otherwise, go on with the
lookups and all the other stuff
As (I hope) you realized by now, all this means trusting the opinion
of the DNSBLs you're using, so, it's important to pick reputable ones
and, at the same time, lists which won't "incorrectly list a bit ISP IP
by chance" but which will ensure that, if an IP is listed then it's at
99%
a BAD one; that's why I suggested the lists you'll see in my previous
post; and, if you want, give it a spin, see how they work for you and
then, make a decision; again, given that no one filters the same kind
of stuff, it's all about agreeing about "where the borderline is"
