A few weeks back, my crazy co-worker and I (he's the one who insists that all mail must have SMTP AUTH in order to not be considered spam, regardless of its content or what proportion of the target end users consider it spam) were in another discussion about how to classify mail.
My position is that you should never reject mail that you classify as spam in the SMTP session without consideration of the source of the mail. Here is what I mean by that:
Hey, check out this link: hxxp://www.freemedz4you.com
Hey, DCU, the following spammers are using hxxp://freemicrosoftsoftware.com as a redirect to a free warez page, you might want to go and check it out and take action if necessary.
That’s the way I see things. When it comes to spam filtering, I’ve been around long enough to know that false positives always happen. Better to build a filter on the assumption that your filters will occasionally be wrong rather than assuming that they will always be right, and then defending your errors with the three-letter acronym “SLA”.
Of course, the latter part of that phrase is the topic for a future post.
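The two sample messages above run through a content-only URL check and then through a source-aware disposition step, as an added example that is not code from the original post. The blocklist, the reputation labels, the function names and the choice to quarantine rather than reject when the source is not known-bad are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Constructed blocklist: the two hosts from the sample messages above.
URL_BLOCKLIST = {"freemedz4you.com", "freemicrosoftsoftware.com"}
# Matches normal and defanged (hxxp) URLs and captures the host part.
HOST_RE = re.compile(r"h(?:tt|xx)ps?://([^/\s:]+)", re.IGNORECASE)


@dataclass
class Source:
    # Hypothetical reputation label for the connecting host:
    # "bad", "unknown" or "good".
    reputation: str


def content_is_spam(body: str) -> bool:
    """Content-only verdict: true if any URL host is on the blocklist."""
    for host in HOST_RE.findall(body):
        host = host.lower().rstrip(".,;)")
        if host.startswith("www."):
            host = host[4:]
        if host in URL_BLOCKLIST:
            return True
    return False


def disposition(body: str, source: Source) -> str:
    """Combine the content verdict with the source before choosing an action.

    A content hit alone never produces an in-session rejection. Only a
    content hit from a known-bad source is refused with a 5xx; any other
    content hit is accepted and quarantined, so a false positive (such as
    an abuse report quoting a spammer's URL) can still be recovered.
    """
    if not content_is_spam(body):
        return "250 deliver"
    if source.reputation == "bad":
        return "550 reject"
    return "250 quarantine"


# Constructed inputs: the two messages quoted in the post.
SPAM_MSG = "Hey, check out this link: hxxp://www.freemedz4you.com"
REPORT_MSG = ("Hey, DCU, the following spammers are using "
              "hxxp://freemicrosoftsoftware.com as a redirect to a free "
              "warez page, you might want to go and check it out.")

if __name__ == "__main__":
    print(disposition(SPAM_MSG, Source("bad")))
    print(disposition(REPORT_MSG, Source("good")))
```

Both messages trip the same content rule; only the source separates the one refused in the SMTP session from the one held where a person can release it.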