Blacklist by email
We report spam by emailing abuse@mailroute.net. Could we do something similar with blacklist@mailroute.net where the sender of the original forwarded message is blacklisted?
If that's not possible, could we send an email with the blacklisted sender's email address in the subject line could be added without requiring logging into the service? This would also be useful for whitelists.
I can see how this could be abused, but if the subscriber was using Outbound Filtering, that might not be such a big deal.
-
Hi Gene-
It's an interesting possibility. Given how easy it is to forge email FROM addresses, we'd have to put some other limitations in place....but it's something to which we shall give some serious thought.
Sorry for the long delay in responding. We're still working through some issues with our ticketing system - we just got a bunch of notifications of messages posted here.
0 -
We're still kicking this idea around. But our big stumbling block is still this one: how to prevent a user from forging an email and white or blacklisting an address? We can check the origin of the request, but that wouldn't keep a disgruntled employee from, oh, say blacklisting something for their boss.
We could require people to include some sort of "email control password" perhaps.
And we're open to other suggestions......
0 -
What about a plus address that includes the "Blacklist Password" blacklist+password@mailroute.net (Option 1)
Same feature request for whitelists.
Another option (2a) might be a confirmation email, where a link would have to be clicked to confirm the white or black listing.
Option (2b) confirmation or summary email to the main listed email address, but just informational : Today we whitelisted/ blacklisted the following addresses.
0 -
This hasn't been updated for a long time but it looks like this feature still doesn't exist. I'm getting quite a few spam emails still and it's a bit of a pain having to keep coming to the MailRoute website to blacklist them (as I don't do anything else via the web interface - checking my list happens daily via email from which I can recover and whitelist).
My proposal for how you get around the security problem and forging of email addresses is that you simply create a token for the user and give them a customised blacklist address i.e. blacklist+abcdefghi123@mailroute.net (where "abcdefghi123" is a unique token for the user, not their password). This is how lots of other services that work via email get around this issue and for extra points you can give an option to reset that token and include a digest of blacklisted addresses in the daily email. This would improve my workflow a lot.
0 -
I'd like to second this request. As to the disgruntled employee, they could do any one of a number of things to sabotage their boss. You can't prevent it from happening; you can only take reasonable steps such that a boss who is minding the store will get notice of a blacklist. A daily notification email to the boss' address would seem to take care of that, and requiring a password in the subject line should prevent spoofing.
0 -
Originally posted by Ben Dodson September 15, 2016, 05:15
I've just come back to MailRoute after a ditching it for a year - surprised to see that blacklisting via email isn't yet possible (as can be done securely and relatively easily as outlined above). If you're a developer, you can take a look at the custom solution I've built with context.io (free) that lets me blacklist via email - https://bendodson.com/weblog/2016/09/15/mailroute-blacklisting-via-...
I'd still like to see this implemented natively though!
0
Please sign in to leave a comment.
Comments
6 comments