Spam Filter ISP Support - Feature request

Feature request - Add a Footer

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=6522
Printed Date: 15 March 2025 at 4:40pm

Topic: Feature request - Add a Footer

Posted By: jerbo128
Subject: Feature request - Add a Footer
Date Posted: 17 July 2008 at 2:10pm

I keep looking for a way for customers to report missed spam without an admin having to sift the headers of many messges per day.

How about this...

If SF had the option to add a TEXT footer to the bottom of each email, it could contain a link that when clicked, would submit the contents of X-SF-Originating_IP to the database.

Something like:

The message was Checked by XXX Spam Filter. If you believe it to be spam, CLICK HERE to REPORT - - The link would point to an asp page that would submit the ip to a table where admins can keep track of the numbers / frequency of each ip or subnet. Such as http://spam.server.com/report_spam.asp?ip=200.200.200.253 - http://spam.server.com/report_spam.asp?ip=200.200.200.253

If the text footer that is added to each email is configurable, this would open up a huge amount of options using variables like %IP%, %domainname%, etc

Any thoughts...

Replies:

Posted By: mbrusl
Date Posted: 18 July 2008 at 7:54am

Ohh wow! That would be huge. I like that idea. There is potential there for spam reporting right back to the abuse department of the spamfilter server ISP or host provider.

-------------
Michael
support@spacequad.com
If blocked, use spacequad@hotmail.com
Spacequad Internet Services
Spacequad AntiSpam Services
Thunder Bay, Ontario
--------------------------------------------------

Posted By: LogSat
Date Posted: 19 July 2008 at 10:41am

We've always been hesitant to implement similar features, as they are likely to open your systems to interference by hackers.

Our SFDB reporting system employs 3DES encryption to post spammer IP data to our webserver. As hackers/spammers don't have access to the private encryption key, creating bogus reports is very very hard makign the system pretty safe.

If we implement headers/footers in emails that are used to report back information to your webservers, this information would be in clear-text, not encrypted. A hacker/spammer could then very easily inject bogus data into your back-end database to alter its contents. To be safe, SpamFilter would have to encrypt the header/footer, and your code on the webserver would need to then decrypt the data in order to update your database. this can most certainly be done, but would require quite a bit more steps to implement, the major difficulty being to have both SpamFilter and your webserver use *exactly* the same kind of encryption methods and keys. As some webservers use ASP, others .NET, and others PHP this creates some hurdles in finding a common library. We ourselves ended up writing our own encryption DLL to be used on our IIS server to render the encryption between SpamFilter and our IIS servers compatible when receving encrypted SFDB data.

-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP