Jump to content

SPAMCOP Integrity Failing. Blocked 2x in 1 week

Cyberglobe

By Cyberglobe
in SpamCop Lounge

Recommended Posts

Telarin Advanced Member

Telarin

Posted
Posted
Vacation Messages should be made so that ONLY ONE message be sent for the life of the Actual Vacation Message and NOT 1:1 triggering which I do agree is annoying.

Ok, look at it this way. Spammer does a spam run of 10 million email addresses using YOUR address as the FROM address. Of those, lets say 90% get filtered or are otherwise undeliverable. That means 1 million email addresses receive the email "from you". Of those, if even 1% of those people are out of office using OOR you will receive approximately 10,000 out of office responses for email that you didn't send. Of course, this doesn't include probably another 10,000 NDRs for undeliverable addresses that come back from misconfigured mail servers. Sound like fun? Think your servers could even HANDLE that mail load? I know mine can't, at least not in a short timeframe. That is why many companies (mine included) use the SCBL as an actual block list, and why we are happy to have these poorly configured mail servers on the list.

You can always have individual clients whitelist your server if you just can't seem to get it configured properly, but as for the rest of us, we'll continue sending emails to the bit bucket based on the SCBL.

Link to comment
Share on other sites
Cyberglobe Member

Cyberglobe

Posted
  • Author
Posted
...So far, no one seems to have been able to come up with a better alternative to address spam than blacklists. Backscatter is now seen by many as abusive. We will report it to try to help save both ourselves and others from having to spend as much resources as currently spent on spam.

...Yes, spammers have spoiled the internet and e-mail for us all. :(

37690[/snapback]

I Understand this fact and this is what I am trying to point to you. SPAMCOP can't handle these types of problems other than what another protocol can handle. SPF is what handles this however your provider fails to install SPF records and therefore are not working properly. After today, we will be flatly denying all non-SPF records and therefore if your network has none installed, Tough luck then. SPF is a better form of authenticating the Sender. SPAMCOP is NOT.

Well what is the problem to put your email address on a global DNR list? It is MUCH easier to manage instead of actually getting the junk and reporting it. THINK ABOUT IT BEFORE YOU TYPE. By having such a list, you can eliminate 99% of all your bounce messages which will ALWAYS come no matter what in some form or another. This way you can eliminate 3rd party bounces altogether. You guys are so inclined to use Spamcop and "HELP" it track spam, but you DON'T want to put your simple one line email address into an DNR List to help eliminate 99% of your junk mail. WHERE IS YOU FRIGGIN LOGIC?

I am also against spam but if you don't want to get spam, You got 2 choices. Either create a list of ONLY acceptable email address that can send to your mailbox, or consider the DNR list and become spam free for the future. Using RBLs are good for Relaying issues but NOT when it comes to servers that are conducting business.

Moderator Edit: did the best I could do with the messed up quoting .. snipped one section that was basically mis-attributed, more that was simply redundant and wasting bertical screen post, as the quoted post was immediately above this post ... Nothing in the "Reply" part of this post was touched ...

Link to comment
Share on other sites
turetzsr What Life?

turetzsr

Posted
Posted
<snip>

Well what is the problem to put your email address on a global DNR list?  It is MUCH easier to manage instead of actually getting the junk and reporting it. THINK ABOUT IT BEFORE YOU TYPE.  By having such a list, you can eliminate 99% of all your bounce messages which will ALWAYS come no matter what in some form or another.  This way you can eliminate 3rd party bounces altogether.  You guys are so inclined to use Spamcop and "HELP" it track spam, but you DON'T want to put your simple one line email address into an DNR List to help eliminate 99% of your junk mail.  WHERE IS YOU FRIGGIN LOGIC?

<snip>

37709[/snapback]

...Okay, I no longer understand anything you are saying but you have made it more than clear you have decided to descend to simply being abusive. My participation in this thread (and any other messages you post in the SpamCop forums) is finished (that won't be any great loss). Good luck in solving your problem with others' help.
Link to comment
Share on other sites
StevenUnderwood What Life?

StevenUnderwood

Posted
Posted

All of these alternatives have been argued here before and very few work for everyone.

SPF does not work for me because I want all my replies coming from a specific address no matter where I send them from. SPF requires me to use my ISP address when connected through my ISP, etc. I don't use (or even check) my ISP address because it gets spam.

Link to comment
Share on other sites
Merlyn Been There

Merlyn

Posted
Posted
I Understand this fact and this is what I am trying to point to you.  SPAMCOP can't handle these types of problems other than what another protocol can handle.  SPF is what handles this however your provider fails to install SPF records and therefore are not working properly.  After today, we will be flatly denying all non-SPF records and therefore if your network has none installed, Tough luck then.  SPF is a better form of authenticating the Sender.  SPAMCOP is NOT.

Well what is the problem to put your email address on a global DNR list?  It is MUCH easier to manage instead of actually getting the junk and reporting it. THINK ABOUT IT BEFORE YOU TYPE.  By having such a list, you can eliminate 99% of all your bounce messages which will ALWAYS come no matter what in some form or another.  This way you can eliminate 3rd party bounces altogether.  You guys are so inclined to use Spamcop and "HELP" it track spam, but you DON'T want to put your simple one line email address into an DNR List to help eliminate 99% of your junk mail.  WHERE IS YOU FRIGGIN LOGIC?

I am also against spam but if you don't want to get spam, You got 2 choices.  Either create a list of ONLY acceptable email address that can send to your mailbox, or consider the DNR list and become spam free for the future.  Using RBLs are good for Relaying issues but NOT when it comes to servers that are conducting business.

There are many alternatives to fighting spam but the best alternative is not to be part of the problem. If you are sending messages to the "From" or "Reply-To" address you are a part of the problem and deserved to be blocked.

You are either part of the solution or part of the problem the decision is yours.

Link to comment
Share on other sites
Cyberglobe Member

Cyberglobe

Posted
  • Author
Posted
All of these alternatives have been argued here before and very few work for everyone. 

SPF does not work for me because I want all my replies coming from a specific address no matter where I send them from.  SPF requires me to use my ISP address when connected through my ISP, etc.  I don't use (or even check) my ISP address because it gets spam.

37711[/snapback]

Well your ISP offers you Webmail access right? So when you are elsewhere, you use that instead. Plain and Simple. If you want your Mail domain to support your ISP address, then add that into it or use a VPN to get into your network to send mail or better yet, make sure your mail server supports webmail and that should resolve the issue.

Link to comment
Share on other sites
Wazoo What Life?

Wazoo

Posted
Posted

If I had to guess (which has been made mandatory in the last badly quoted post {I'll see if I can fix that]) ... I'd say that nothing has been researched and there has been yet another assumption made about what a "spamtrap" is .... at least, I think this is what the "put one address in a DNR list" might be suggesting.

Topic is headed for closure and movement to the Lounge as a rant.

Link to comment
Share on other sites
Telarin Advanced Member

Telarin

Posted
Posted

I think its a safe bet that spamcop will not change the way they operate or the criteria for adding someone to the blocklist based on one user complaining. So your choices are simple.

1) You can ask the recipient to whitelist your server, which is probably the easiest choice.

2) You can convince the recipient that the SCBL is evil and not to use it, though you will still have problems sending to the thousands and thousands of ISPs and businesses out there that use the SCBL. Not to mention that most SCBL users are very happy with the way it operates, and will be unlikely to quit using it because you whine at them about your email being blocked.

3) You can fix the configuration of your mail server so that you don't bombard innocent bystanders with misdirected NDRs, C/Rs, and OORs. This will solve all your problems with the SCBL (assuming you aren't sending any other spam) and you won't have to worry about it again.

Link to comment
Share on other sites
Cyberglobe Member

Cyberglobe

Posted
  • Author
Posted
There are many alternatives to fighting spam but the best alternative is not to be part of the problem. If you are sending messages to the "From" or "Reply-To" address you are a part of the problem and deserved to be blocked.

You are either part of the solution or part of the problem the decision is yours.

37713[/snapback]

Well I just made it part of the solution by enabling blocking of non-SPF or failed records. Now this should help reduce both spam and getting back on that dreaded Spamcop system.

However, by offering an additional supporting solution with the DNR list, it does not seem like your community is willing to accept such a system cause it seems all to simple to do as stated by some previous posters.

So we shall see what can be done about this in the future.

Link to comment
Share on other sites
Telarin Advanced Member

Telarin

Posted
Posted

The biggest problem with and NDR system, is exactly the same as with SPF records. There is no way to force everyone to use it. The biggest producers of spam (china, korea, etc) choose to ignore pretty much every best practice, and generally refuse to enforce the TOSs that they themselves put into place. What makes you think they are going to spend money to implement an SPF or NDR type of system?

The internet is based on a loose set of rules. There is no way to force others to follow the rules, all we can do is choose not to communicate to those that refuse.

Choosing to block non-SPF records will certainly cut down on your spam, and should in fact stop bouncing of invalid messages, provided you refuse them with a 500 series message based on the SPF record, and not just accept them and bounce them later. However, as SPF is still very much in the early stages of adoption, you will also be blocking the bulk of your legitimate email.

A good anti-spam system should block as much spam as possible while at the same time blocking as little real email as possible. Going to far to one side or the other makes an anti-spam system useless as such. I for one find the SCBL to be a very nice middle-of-the-road arrangement. It blocks about 30,000 spams per day to my company, while at the same time only having 1 or 2 false positives a month. This for me is acceptable, but you have to choose what works best for you.

Link to comment
Share on other sites
Cyberglobe Member

Cyberglobe

Posted
  • Author
Posted
I think its a safe bet that spamcop will not change the way they operate or the criteria for adding someone to the blocklist based on one user complaining. So your choices are simple.

1) You can ask the recipient to whitelist your server, which is probably the easiest choice.

2) You can convince the recipient that the SCBL is evil and not to use it, though you will still have problems sending to the thousands and thousands of ISPs and businesses out there that use the SCBL. Not to mention that most SCBL users are very happy with the way it operates, and will be unlikely to quit using it because you whine at them about your email being blocked.

3) You can fix the configuration of your mail server so that you don't bombard innocent bystanders with misdirected NDRs, C/Rs, and OORs. This will solve all your problems with the SCBL (assuming you aren't sending any other spam) and you won't have to worry about it again.

37716[/snapback]

Well I am waiting for our Software vendor to get back to me with the possible fixes pertaining to this. However, we can't determine what messages are triggering them. I will be switching the C/R to Recipient Authorization only once the vendor adds that functionality. Otherwise, without this, alot of our clients will be flooded again with spam.

Yes Spammers have ruined it for us... but its time for us to take back our servers.

Link to comment
Share on other sites
StevenUnderwood What Life?

StevenUnderwood

Posted
Posted
Well your ISP offers you Webmail access right? So when you are elsewhere, you use that instead.  Plain and Simple.  If you want your Mail domain to support your ISP address, then add that into it or use a VPN to get into your network to send mail or better yet, make sure your mail server supports webmail and that should resolve the issue.

37714[/snapback]

Except that I don't own or control any of the domains that I am trying to use. This is all personal email. My ISP offers webmail, but I don't want anyone to use that address as it is full of spam and I would need to start checking it. I don't have my own mail domain, I have a third party mail provider, and I don't wish to use webmal, preferring to keep all of my mail on my own machines. Perhaps YOU have not thought this through enough.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...