One of the major problems we have with spam filtering is that it is possible, in a small number of cases, for legitimate mail to be flagged as Spam [Q10042 - What is Spam].

The worst problems are usually HTML messages generated by companies such as Ebay / Amazon and other online retailers.

To help counter this we have begun experimenting with automatic whitelisting of senders that we know are not sending spam. By whitelisting a sender we are telling the system not to mark this mail as Spam.

Our aim is to use published SPF records along with mail sending patterns to determine if the sender should be whitelisted. Since SPF records will show what servers are permitted to send for a particular domain we will whitelist the actual mail servers rather than the domain name. The problem with whitelisting the domain name such as “ebay.com” is that this is easily forged by the sender to bypass Spam checking. By whitelisting the sending IP we ensure that the mail is coming from the correct source and can bypass the Spam checks.

We have successfully tested the technique on our test servers and have deployed it to our live system in a “log only” set-up. By this we mean it is logging what action the system would take but not actually performing it. This will enable us to see how effective it should be in a live environment. If testing is successful then we will roll out the feature to our mail servers.