mailto:*@casino.com*@customer.com - *@casino.com|*@customer.com  in the autowhitelist is the only way at present. We have a spam administrator screen that lets customers add single sender or domain entries for either one person or their whole domain to the autowhitelist. This just appends an entry to the authwhitelistdelivery.txt file.

The biggest issue with SFI is scale. You could buy multiple copies of SF to handle it but then have to worry about syncronization of lists etc.

I think a SFE (spam filter enterpise) product should be conisdered. More expensive then standard SFI but can handle thousands of domains and many,many users. An large organization could easily justify this and understandably a product like this would have a dual CPU and many gig of memory. SFI is a great little engine but they are currently catering to the small operator and trying to use as few resources as possible. There is a market for that, but an enterprise version would have things like:
Autowhitelisting at the domain level
Shared lists if spread across multiple if required
etc,etc. You can probably put together a lengthy wishlist.

Anybody else see a need for a SF on steroids??

I am thinking of starting a spam filtering service, so I've been trying to figure out just what spamfilter will be able to do.  How much hardware, how much ram etc...  How many domains, with how many whitelists can it handle etc?  I'm just going to start with two machines, but am trying to plan ahead... how I would make it scale etc.

The mailto:*@casino.com*@customer.com - *@casino.com|*@customer.com  solution should work well enough.

It is the best software I have used, by far...