Jump to content
Sign in to follow this  
elind

Uncomplimentary comments about Spamcop

Recommended Posts

I've used Spamcop for several years and have been satisfied with the filtering, and also thought that I was providing a service to the community at large (and got some personal satisfaction) by reporting spammers. Over 15000 reports so far, as an individual. Most of my reports have been accurate, of real spammers, but recently I received a test email from a list manager (that I subscribe to), but the email looked like a blank test spam from an unrecognized origin, and I reported it. However it was a poorly composed message but not spam and I eventually had an exchange (friendly) with the list manager sorting this out. I received the following opinion which I thought I would share here, and I would be interested to hear any comments.

(Names of the innocents have been removed to protect the guilty)

Quote:

No responsible ISP would use Spamcop. We used to use them, when they

first started, but they are too unreliable. There are good places, such

as Spamhaus, which we use routinely to block spam before it even enters

our networks. I could tell you many horror stories about Spamcop (and

places like them), but just consider this: Because of spamcop's policy

of hiding the identity of the reporter, when I get a report of spam from

them, there is absolutely nothing I can do about it. They only reason I

was able to do something in your case is because there were enough clues

left in the message that I was able to establish your identity. If I

used ordinary mailing list software, this wouldn't be possible. I

wouldn't even be able to remove your name from a mailing list that you

didn't want to be on, or track down users who were reporting each others

posts to spamcop because they were upset with each other, and thought

that by doing so they would someone make life difficult for each other.

(Yes, this happens, and fairly often too.)

Meanwhile, spamcop has listed us as a spam source in their database, and

I have to deal with thousands of bounces from lists that I donate to

organizations such as xxxx and xxxxx free of charge, because of

misbehaving users whose identity spamcop is attempting to hide from me.

There is something here about 'no good deed goes unpunished...'.

I admit this is much less of a problem now, since since fewer and fewer

places are using spamcop to bounce spam. At this point, I think I would

just delete the users who use those sites, since it is much less hastle

for me than trying to straighten out the whole mess.

And of course, Spamcop moronically lists a mailing list origin as the

origin of the spam. This only helps hide the identity of the spammers.

For example, if a piece of spam gets through to the xxxxx list (which is

unlikely, but could happen), and you report this as spam, it is my

network that is listed as the spam origin site, not the spammer, who

remains anonymous and protected.

So, in short, if you are happy with spamcop, good for you. I remain

unimpressed.

Regards,

Share this post


Link to post
Share on other sites

Personal opinion ..?? Just a bit of an idiot. Wondering why someone would report an e-mail as spam when it was something sent by an outfit he/she had "donated" his/her mailing list to ...??? clueless doesn't even start to cover that problem.

The complaints about "addresses" are another way of saying "list-washing" which is just a way to keep the complaints from coming in, not actually resolving the real issue.

Won't argue about the "using SpamCop to bounce e-mail" (other than technically being a wrong statement) .... as actually more and more folks are simply deleting the e-mail, based on spammer abuse of the bounce function .. so, in a way, he/she is kind of right <g>

The listing of of "his/her list-server" rather than the spammer is surely possible .. but on the other hand, this also suggests that the servers in question (or his/her "something other than ordinary mailing-list software) are not configured correctly.

Hidden within this Forum structure are a number of posts from a number of ISPs that use the SpamCopBL ... there are discussions concerning compromised servers that were cleaned up and brought back under control because of someone else's use of the SpamCopBL ... unfortunately buried within so many more discussions created by folks like your friend .. those that define spam as that which they do not do and thier systems are not allowed to do that which they do not do either <g> ... off the top of my head, I'd say I had over a dozen auto-acks just today from ISPs that include / reference www.spamcop.net as a place to learn how to handle / submit your spam (noting that these auto-acks came from my manual reports)

Bottom line, this friendly person doesn't seem to follow "best practices" in managing his/her mailing-list .. thus, the SpamCop "problem" scenario ....

Share this post


Link to post
Share on other sites
Because of spamcop's policy

of hiding the identity of the reporter, when I get a report of spam from

them, there is absolutely nothing I can do about it.

If he was using 'best practices', he could do something because he would have the unique token showing that you had confirmed subscription.

I have to deal with thousands of bounces from lists that I donate to

organizations such as xxxx and xxxxx free of charge,

Those organizations should know better than to use mailing lists that they didn't confirm themselves as wanting email from them. He obviously doesn't have any concept of 'confirmed subscription'

OTOH, he is not the only ISP who thinks that spamcop reporters are too often inaccurate in identifying spam. However, an inaccurate report is very unlikely to result in being put on the blocklist because of the different criteria in the algorithym. Therefore, it makes one suspicious that he has other problems (probably stemming from not having a confirmed subscription list or sending messages that look so much like spam that even list subscribers think they are spam or other incidents of poor list managing ).

Miss Betsy

Share this post


Link to post
Share on other sites

I received this from the email administrator of a big organization in a discussion about misdirected vacation responders:

As a side note note about Spamcop - It is also important to point out that the Spamcop listing policies are not universally accepted by the technical email community.  It is a very difficult for a computer program to accurately determine that a messages is spam or for that matter, misdirected.  (Internet standard email protocols allow for legitimate email to use forged form addresses in many important circumstances.)  Many people believe that Spamcop programs are failing to accurately detect spam in an increasing percentage of cases.  As a consequence, Spamcop is listing a great many legitimate sites where servers are configured correctly to obey Internet standard policies for email.  Doing a simple google search for "spamcop" will show that there is considerable discussion about this outside of xxxxxx.  This isn't to say that Spamcop isn't useful in a wide variety of places.  I can imagine that many small to medium businesses benefit greatly by the increased scrutiny of email that Spamcop provides.  xxxxxx, like many other large institutions, simply can not use such restrictive lists to detect  spam or viruses.

Share this post


Link to post
Share on other sites
No responsible ISP would use Spamcop. We used to use them, when they first started, but they are too unreliable.

He has a right to his opinion, but that is all it is, an opinion.

There are good places, such as Spamhaus, which we use routinely to block spam before it even enters our networks.

Yes I agree, Spamhaus works good if the Spammers use their assigned IP ranged to spam from but it does not get them all.

I could tell you many horror stories about Spamcop (and places like them), but just consider this: Because of spamcop's policy of hiding the identity of the reporter, when I get a report of spam from them, there is absolutely nothing I can do about it.

Spamcop makes it too hard for him to listwash and remove persons that did not ask to be on his list.

Meanwhile, spamcop has listed us as a spam source in their database, and

I have to deal with thousands of bounces from lists that I donate to

organizations such as xxxx and xxxxx free of charge, because of

misbehaving users whose identity spamcop is attempting to hide from me.

There is something here about 'no good deed goes unpunished...'.

Not sure what he is saying here but I sure hope it isn't saying he donates email addresses to other lists.

Share this post


Link to post
Share on other sites
I received this from the email administrator of a big organization in a discussion about misdirected vacation responders:

23928[/snapback]

Interestingly, because I use SpamCop to filter rather than reject suspect Email I am able to make an entirely complete analysis of the effectiveness of the SpamCop blocklist as far as my incoming Email is concerned.

My experience is that the SpamCop BL alone has never falsely identified an Email as spam. I actually use a combination of SCBL plus a couple of other blocklists and spam Assassin. Between these I catch about 99.5% of spam.

I would estimate that I falsely trap perhaps 15 Emails per year. So far those false positives have all been a result of my spam Assassin threshold being set very low.

So my own experience is that the SCBL is very effective and not particularly subject to the problems these other folk are mentioning from the perspective of the recipient.

From a sender's point of view, however, I can see that there are a few problems.

The ISP that provides my cable connection is, very occasionally, listed. Most likley when a user gets attacked and used as a zombie to distribute spam.

In those cirucmstances I find my outgoing mail temporarily blocked. Thankfully I have other options to use so am not very inconvenienced but I can see that for larger ISPs with a larger community of possibly less aware users, blocklists in general can be a problem.

On balance I am happy to accept the minor inconveniences for the greater benefit.

Andrew

Share this post


Link to post
Share on other sites
(Names of the innocents have been removed to protect the guilty)

Quote:

And of course, Spamcop moronically lists a mailing list origin as the

origin of the spam. This only helps hide the identity of the spammers.

For example, if a piece of spam gets through to the xxxxx list (which is

unlikely, but could happen), and you report this as spam, it is my

network that is listed as the spam origin site, not the spammer, who

remains anonymous and protected.

So, in short, if you are happy with spamcop, good for you. I remain

unimpressed.

Regards,

23924[/snapback]

Denial of a problem this "mailing list" has is not a solution

It would take more than one report for SpamCop to list an (which is a source)IP and when abuse reports stop coming the IP is released

every abuse report is sent to their ISP and they can have SpamCop send a copy to them (if they wish to, but sounds to me like they prefer to be anti SpamCop) The problems this "mail list" is having is of their own creating and trying to protect the spammers they host

Any user making malicous abuse reports through SpamCop can be expelled, with members fined (or both)

SpamCop Blocklist is the very best spam filter one can use For any one to suggest not to use it is giving real bad advice. Any blocklist should be combined witha whitelist (A whitelist overrides a blocklist)

The next if not best thing for one is to get is the only email address you will ever need which is a fully protected SpamCop email address (From botn virus and spam) Read about what real people say of SpamCop

Edited by petzl

Share this post


Link to post
Share on other sites

Buggering. Must we needlessly debate this? Man.

These are comments from a SENDER not a RECEIVER. Those of us who run our own servers don't really care about these people. Harsh, but this is really getting old. I guess we need to revive these debates every couple years for the new blood but us crusty old farts are getting a bit worn out. Might as well debate: ski vs. board; Harley vs. Japaneese; .45 ACP vs. 9mm; mountain bike vs. road bike....

Why should I care what he thinks about my filtering schemes? I can chose to receive, or not receive, E-mail from anyone I want. If I choose to use SC and SORBS and Haus and filter out all of China and Korea who cares what he thinks? If I miss his newsletter, that's my loss.

I understand some people may have this filtering forced on them by their ISP. Guess what. You can change ISPs! No, really, you can!

Anyone who has REALLY looked at this will tell you the cost/benefit ratio is huge in terms of using every blacklist you can get your hands on. This all falls back on the silent majority theory. Or in this case, the ignorant majority. An ISP gets one complaint from someone who got an incoming E-mail blocked and they start wringing their hands over this one vocal customer. Of course they should be weighing that against the thousands of happy customers who don't have to deal with spam because the ISP is using SC. Of course those happy customers don't call up and thank the ISP every day. Most of them don't even KNOW they should thank the ISP because all the spam is blocked without them even knowing what goes on behind the scenes! Duh. Did someone say SC and DNSBLs were the flawless solution to everything? I don't think so.

I appreciate all the benevolent comments from the knowledgeable regulars here. Don't mean to be an ass. Sometimes I just think you need to save wear and tear on your keyboard for things that really matter.

Sorry, I'm just grumpy this morning.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×