Perhaps I wasn't able to adequatly describe the scenario;

1-Some user (say Joe) on some machine (say @box) sends an email to one of
your lists
2-this app intercepts it before it gets handed over the listserv
3-sends back a mail message TO Joe#box asking him to confirm his existence
by clicking on a web link

4a- if Joe clicks on the special link the app then goes on to deliver (to
listserv) the original message Joe sent as well as add Joe to a whitelist.
This way the next time Joe@box sends an email to ANY list/user on your
domain his mail gets delivered directly to listserv.
  
4b- however if Joe does not click on the link because of a forged header,no
such user, whatever then his  original mail does not get pushed on to the
listserv but dumped.  In the case he did not click because he missed the
message from the app, next mail from Joe@box will be asked to confirm as
well.



On Paul's note about backscatter;   Yes it does mean that each brand new
email meaning those that havent been white listed will create one reply.
But my experience is that its better then loops and zillions of garbage in a
administrators mailbox.   It also saves you on the potential of false
positives with anti-spam solutions. 


What im planning to do as soon as I have time is  
1- spamassasin incoming
2- if marked as spam give it to this application asking for whitelisting
3- and figure out a way to have spamassasin and the mentioned app share
whitelists!
4- then deliver to listserv or other accounts.



Best,
Omer.



> -----Original Message-----
> From: LISTSERV site administrators' forum 
> [mailto:[log in to unmask]] On Behalf Of Pete Weiss
> Sent: 13 Eylül 2006 Çarşamba 23:57
> To: [log in to unmask]
> Subject: Re: What do you do with spam
> 
> At 16:35 9/13/2006 Wednesday, A.Omer Koker wrote:
> 
> >Or you might use a service that asks for the sender to confirm their 
> >email authenticity by clicking on a link and adding them to 
> your whitelist.
> >Since the message specifically asks the user to click a link (http) 
> >there is no valid (or another /dev/null) return email adr 
> catching any loops or error
> >messages.   I ran across this service some time ago but 
> misplaced the link
> >so if someone else knows what im talking about PLEASE send links on 
> >company/applications that does this.
> 
> How do outbound-only mail services deal with that?
> 
> As a list poster or list-owner, I hate having to confirm my 
> (our) intention of sending to a list subscriber's mailbox.  
> If they want list mail, they can do the whitelist.
> 
> I especially do NOT want to click on a link for some unknown 
> service for probably some unknown list recipient.
> 
> 
> /Pete
> 
> [not associated with PSU LISTSERV management]
>