Wizard IT Products

First of all I would like to say thanks for right product - Plesk really lacks of many smtp filtering functions (like graylisting).

But I would like to rise a question about recommendations (Best Practices) that we have to really follow.

For example I'm not sure why you don't recommend "Valid FROM domain" policy? All messages that we're filtered with that seems like spam or generated with faulty php scripts. Any comments on that?

Again within just one day we had a number of complaints about "Block Mail Servers on Dynamic/Dial-up Addresses" policy that is recommended. And this is only for clients who waited for e-mail, but it was rejected. Who knows how many was really rejected silently. For example one of rejected mails was from Latvian IT outsourcing provider (they use large home ISP services and mail server have "suspicious" reverse) and another from Netherlands dedicated server provider (they use reverses with IP address in the hostname). Antispam solution providers usually claim about one from one million fail-positive rate, but with recommended MagicSpam settings in our situation we have less than 1 from 3500 (10+ fail-positives per 35000 mails). In fact our work is to make clients happy - fast and easy e-mail without spam, viruses and lost e-mails. Basically any lost e-mail is way more important than another spam message in mailbox. My main idea is that potentially high fail-positive policies should not be a recommended ones and maybe even count them for scores if enabled rather than strict deny.

I would like to discuss any policies/reputation lists (not only mentioned ones). Any input on that?

PS: I've just realized that it's a great idea to include configurable graylisting intro magicspam.

You asked 'why'? Because it helps stop spam, encourages email operators to set up their email servers correctly, passes the onus back to the sender and their email systems, rather than you and your customers.

And most of our 'Best Practises' recommendations come from those worked on by MAAWG, Canadian Anti-Spam Task Force, and others.. (see http://www.linuxmagic.com/best_practices.)

But even more to the point, these are from experience working with millions of users, at ISP's and Telco's who use MagicMail which uses MagicSpam as well. The nice thing about when we do block, eg "Block Mail Servers on Dynamic/Dial-up Addresses" , people notice right away and fix their email servers. It just has to be brought to their attention. Some rules we don't include as a default even tho they should be in a perfect world, because there are still too many email operators with unusual reasons for eg. strange HELO identifiers etc.

Normally, the basic tests are how much do you block vs how much spam do you stop. You would like to block none, and if email servers are properly set up according to best practices, it should be none. But it was only a few short years ago that people thought they didn't even have to set up DNS. Now, virtually every email server is configured to block connections with no reverse DNS.

We are always reviewing what we recommend by defaults, and there will always be some that want more strict, and some less strict.. I guess it depends on how much email you get from email servers that aren't configured correctly. But we all agree... we want Spam Management to be simple, free from pain, and easy for everyone.

My question in fact was why you recommend some policies while others not. As an example - "Valid FROM domain" vs "Block Mail Servers on Dynamic/Dial-up Addresses" policy.

We have recommend some rules over others just from our experience with them on mail servers. If a rule is not recommended, it may be because it is more likely to generate a few false positives. We have collected information about these rules from several different mail servers, and make our recommendations based on that analysis.

what were the 'default' recommended settings?

Hello, the 'default' recommended settings are indicated in the MagicSpam interface on the 'SMTP Policies' page. Under the 'Default' column will be a series of 'yes' or 'no' labels indicating if the rule in question is part of the default recommended set. The same is true as well of the IP Reputation block lists that are selected.