Getting spam marked "Domain Allowed"?

--VQ-- · Site Admin Joined: 06 Jan 2003 Posts: 476

Have you recently been getting spam with the control stripe "Domain Allowed"? If you don't recall adding the domain to your Domain-Allow list, then it was probably added by SurfMatch. That feature is designed to admit mail from sites at which you make a purchase or at which you entered personal data into an online form.

But don't worry. It's easy to train Domain Match to exclude popular domains from automatic entry onto the Domain-Allow list. Let's first explore how SurfMatch works...

Surfmatch temporarily admits mail from domains at which you recently made a purchase, submitted a form, or logged in. This includes secure sites that remember you, even if you no longer are required to log in.

But this can create a nuisance. If you log into the control panel of your internet provider (say, Comcast.net), then anyone showing a Comcast address is suddenly admitted into your mailbox.

To avoid this problem, SurfMatch does not automatically add the big ISPs to the Domain Allow list - including popular web sites those that also operate mail services, such as AOL, Yahoo, Google, and Netscape.

Is it unfair to users of these services? Good question! Actually, their exclusion from SurfMatch is unlikely to be noticed, because SurfMatch is intended to admit commercial mail from sites at which you initiate a relationship. These sites use their own domain name (for example, www.DiscountDVD.com ), even if they are actually hosted by a popular service such as Yahoo Stores or if the business owner uses Google for his personal email.

But if we excluded every popular web service, SurfMatch would be less effective. Now, let's suppose that you log into the control panel of your own ISP. Soon, you begin to notice spam slipping through because the spammer is showing an address at the same ISP.

Fortunately, there is an easy way for you to prevent spam "leak-through". Whenever you see spam with "Domain Allowed" control stripe, simply click Exclude. This will not block the domain. It only means that you do not wish for that domain to be automatically added to your Domain-Allow list simply because you logged into a matching web page. In no time at all, the secure web sites that you visit will be admitted by one of a dozen alternate rules, but not by SurfMatch.

Vanquish pre-populates the Domain Exclude list with the most popular email address services such as AOL, Yahoo, Hotmail, Google, Netscape, Cox, Verizon, and Comcast. We also include companies that the targets of phishing attacks such as PayPal, eBay and CitiBank. If you remove these sites from your Domain Exlude list, you will be more likely to receive spam and phishing attacks. [Complete List]

tortoise62 · Joined: 16 Aug 2006 Posts: 11

There is no "Exclude" link that this topic indicates. Valid options are Remove, Block, and Details.

Remove would certainly remove the domain from the allow list (which was auto-added) - however, wouldn't SurfMatch simply re add the domain the next time the domain was visited?

I administer vqSA, and the domain(s) in question were craigslist.org and yahoo.net - auto added - presumably by SurfMatch.

I removed the domain and instructed the user to do the same in the future, but why isn't the Exclude link available?

--VQ-- · Site Admin Joined: 06 Jan 2003 Posts: 476

You are correct. I have just confirmed that in a recent server update, the Exclude link was dropped from the "Domain Match" Control Stipe.

This was probably an oversight - and was not picked up in the regression test. We will try to get this slipped back in. But the test rules may delay this process until we revisit that section of the user interface.

Either way, the situation is rare. If you want to add it to your exclude list you can do so with a few clicks... Click 'V' and choose View | Domain Lists. Drop it right into the entry box and click Exclide Domain.