Too much wasted time for a non-help query

[ClayRabbit]

No, I don't agree.

No, it is not a fact.

Why? All just going sraight like that. If you have "autoresponders & vacation messages and/or running MTA with delayed bounces" you can be blacklisted _anytime_ because of some misderected reply on spam message went into spamtrap. There is no way prevent such things while you have "autoresponders & vacation messages and/or running MTA with delayed bounces".

[Wazoo]

Why?

SpamCop FAQ - top of this page

Jump To Section Links ->

• SpamCop Parsing & Reporting Service
  
• How to "Forward as Attachment"
  
• SpamCop Email System & Accounts
  
• SpamCop Blocking List Service
  

SpamCop Blocking List Service

• How do I configure my mailserver to reject mail based on the blocklist?
  
• What is on the list?
  

Once again, please show me where you find the "political" words in that definition.

Please show where it states "only for an ISP using exim that bounces."

Please show how the "math formula" does "not" apply to your situation.

[ClayRabbit]

Once again, please show me where you find the "political" words in that definition.

Please show where it states "only for an ISP using exim that bounces."

Please show how the "math formula" does "not" apply to your situation.

There is no such words there, so what? This doesn't affect existing situation.

What math formula?

[Wazoo]

There is no such words there, so what? This doesn't affect existing situation.

You are the one that brought up that scenario.

What math formula?

The whole section under the title SCBL Rules

[Derek T]

Perhaps it is time to stop feeding this troll, Wazoo? and to take it to the lounge where it belongs?

[ClayRabbit]

So what with that formula? In our situation there was no regular reports at all. Only spamtraps. So what? BTW, inside "SCBL Rules" described how score is counted, but where is discription about how this score is used?

"If a server sends bounces to an SCBL spamtrap in sufficient quantity to meet the listing criteria, the SCBL will list that server."

[Wazoo]

but where is discription about how this score is used?

"If a server sends bounces to an SCBL spamtrap in sufficient quantity to meet the listing criteria, the SCBL will list that server."

You ask where the forumula is, you ask how it is used ... then quote that specific set of details ... I belive it's time for you to hire a translator (or possbly a server Admin) .. you don't understand my long answers, you don't understand my short answers, you don't understand answers posted by other people, you don't understand words posted by someone else from a few years back .... and, the bottom line .. you have played this "don't understand" for too long.

83.102.212.34 not listed in bl.spamcop.net

83.102.151.66 not listed in bl.spamcop.net

The possible future re-listing seems like it's on your shoulders. You do know what the problem situations are, some solutions have been offered ... game time is over ....

Moved to the Lounge as a useless waste of time for most folks concerned ....

[ClayRabbit]

you don't understand my long answers, you don't understand my short answers, you don't understand answers posted by other people

Nope. I "can't understand" only your posts there. Other's posts in this thread is quite simple to understand.

Yep. As you said - enough is enough. I got enough about SpamCop's attitude to that problem.

PS: You are free to keep moving my posts and renaming my topic as long as you want

[Wazoo]

I got enough about SpamCop's attitude to that problem.

For a "SpamCop.net attitude, you'll need to talk to the "official" staff. You've been wasting volunteer time here, folks that have tried to help in their spare time ....

PS: You are free to keep moving my posts and renaming my topic as long as you want

Wow! Thanks for your permission. That certainly makes things easier ....

[Miss Betsy]

Nope. I "can't understand" only your posts there. Other's posts in this thread is quite simple to understand.

Yep. As you said - enough is enough. I got enough about SpamCop's attitude to that problem.

PS: You are free to keep moving my posts and renaming my topic as long as you want

If you can understand other posts, then why did you only answer Wazoo's?

There were several other people who tried to explain what you did not seem to understand. Now we don't know whether you did understand or not.

Miss Betsy

PS A minor translation problem: 'attitude' is not the word you want to use. The word has a connotation from slang use that is confrontational. 'policy' would be a better choice. In slang, people with 'attitude' are not nice. 'Policy' is neutral. Spamcop can have a policy which you may, or may not, agree with, but it is simply a policy without any particular meaning. If you use 'attitude,' native American English speakers get a first impression that you are accusing spamcop of being arrogant on purpose to annoy others.

[loafman]

Unfortunamely, AFAIK, many admins using RBLs thoughtlessly. They just paste 1-3 rbls in config, and though - now it's all right with my mail. I think many of them is not quite aware that using SpamCop RBL for mail rejection currently means "I agree to reject all mail from any mailserver just because that server supports autoresponders & vacation messages and/or running postfix or exim". At least most of postfix and exim users wouldn't use bl.spamcop.net if they realized that fact, I think

Postfix will not produce backscatter if you configure it correctly. I know because I've done it and it works. I'm not sure about exim, but I'm sure a bit of googling will get the answer that you need.

[ClayRabbit]

If you can understand other posts, then why did you only answer Wazoo's?

Miss Betsy, I didn't answered to your posts, because the source of problem we are discussing there is inside technical area of mailserver functioning. As I can see you are not expirienced in that? I understand your position as end-user.

But we still just don't have a real possibility to completely disable delayed bounces. And there is still huge number of mailservers arround that sends "Failed to deliver to 'blah[at]blah.blah' because: account is full (quota exceeded)". And I cant agree with intention to treat such hosts as spammers because bounce messages was and still the part of official SMTP definition (RFC2821). Those hosts acts exactly as required by RFC.

Postfix will not produce backscatter if you configure it correctly. I know because I've done it and it works.

That's good. Then I was wrong about postfix. But give me some answers:

a) Postfix writes message to mailbox during SMTP-session? It checks mailbox quota during SMTP session? What happened if quota is exceeded?

Let's presuppose, your user have forwarder from local address to remote. What happened if your mailserver is received message to that address while remote address is undeliverable (quota exceded/server unavailable/etc.)?

There will be no bounces generated in such circumstances?

I'm not sure about exim, but I'm sure a bit of googling will get the answer that you need.

Of course I tried it. This time and few monthes ago. Found nothing for a while.

But, BTW found very interesting discussion about bounces: http://lists.megacity.org/pipermail/rfci-d...ber/003784.html

[Miss Betsy]

But we still just don't have a real possibility to completely disable delayed bounces. And there is still huge number of mailservers arround that sends "Failed to deliver to 'blah[at]blah.blah' because: account is full (quota exceeded)". And I cant agree with intention to treat such hosts as spammers because bounce messages was and still the part of official SMTP definition (RFC2821). Those hosts acts exactly as required by RFC.

I know that it is a problem because the RFC has not been modified. As you point out, as an end user, I am not in a position to comment on this aspect.

However, the end users are the ones who want spam-free inboxes. And the way that ISPs insure spam-free inboxes for their customers is mainly through blocklists. Spamcop is not the only blocklist that lists spam trap hits. Forewarned is forearmed.

And, as I said before, there are many server admins who have been able to work around this problem. Hope you get the information that you need. Then you won't be annoying the rest of the internet with unsolicited bounces.

Miss Betsy

[StevenUnderwood]

But, BTW found very interesting discussion about bounces: http://lists.megacity.org/pipermail/rfci-d...ber/003784.html

Yes, TECHNICALLY server B is following the rules BUT server B is using a way of notifying "the sender" that a lot more often than not notifying an innocent 3rd party (almost 90% of the messages coming to my domain are spam, all with forged email addresses).

Another rule is my server, my rules. I CHOOSE to use spamcop because of their stand on misdirected bounces, among other things. I also use a personal blacklist of servers that have sent more than 10 back scatter messages directly to my server. Those servers do NOT come off that list.

The management at my company has listened, understands, and supports the settings I use (we are public and subject to Sarbanes-Oxley review of all policies each year). They like the fact that we cut the ISP charges by about half simply by eliminating the spam in addition to having to deal with less spam.

[dbiel]

But we still just don't have a real possibility to completely disable delayed bounces. And there is still huge number of mailservers arround that sends "Failed to deliver to 'blah[at]blah.blah' because: account is full (quota exceeded)". And I cant agree with intention to treat such hosts as spammers because bounce messages was and still the part of official SMTP definition (RFC2821). Those hosts acts exactly as required by RFC.

You seem to have forgotten that the RFC was based on the assumption that the Reply to and From addresses are real, not forged, which is the case of most spam being sent today.

Again the real problem is that those forged addresses just happen to be real addresses belonging to someone else.

Maybe you have just been lucky, but a lot of people have received hundreds and even thousands of bounced messages in one day due to their address being used as a forged address by some spammer.

Why should anyone be forced to receive those type of bounces which you seem to think are just fine to send out.

That is why SpamCop handles servers that bounce mail to forged addresses the same as original messages from the spammer.

You want an easy fix. Use a different IP address to bounce mail from than the one you use to send mail from. You will still be considered a spammer because of the bounced mail, but at least your regular mail would be unaffected.

A much better approach is to try to identify the message first. If it is spam don't bounce it. If it is legitimate mail then send the bounce. There is nothing wrong will sending bounces or vacation notices, as long as they go to the person that actually sent the original message.

But bouncing mail to someone that did not send it in the first place is just wrong!!!!

And if you can not understand that then you are definitely part of the spamming problem and should be considered a spammer.

[ClayRabbit]

Already said, you can just filter all remote bounces. It's even possible to use separate RBL zone for hosts blacklisted because of bounces. So you can for example filter only bounces from that host.

That much more easier than force postmasters over the world to change their software to fit your rules, not RFC. But it seems somebody just prefer the way of extremism.

Thanks for "easy fix" solution. I'll think about that. Sounds easy to implement.

StevenUnderwood, if receiveing of 100 spam messages for you is worse than rejecting 1 legitimate email, you can keep such aggressive filtering. For many people that is not acceptable.

[dbiel]

That much more easier than force postmasters over the world to change their software to fit your rules, not RFC.

That depends on HOW you read the RFC and WHAT you read between the lines.

Your reading of the RFC says that it is OK to send bounces to FORGED addresses.

My reading of the RFC says that it is OK to send bounces to THE ORIGINAL SENDER as defined by the From or Reply to entries.

We are both reading between the lines.

The RFC was written based on the assumption that addresses are valid, not forged.

Just like original airline security did not check for bombs because "why would anyone put a bomb on a plane" It just was never considered.

The same is true for the RFC.

Where in the RFC does it say that it is OK to forge the From or Reply to entries? It does not.

So your interpretation is that it is OK to follow the letter of one RFC (ok to bounce) in reply to someone else who has already violated the RFC by using incorrect From and Reply to entries.

There just was not any RFC written to cover the current situation.

Traffic laws do not permit stopping for a green light. But just because the traffic RFC say green light means GO, if another car is going 175mph headed for a RED light and is going to hit me if I go through my green light, the SMART thing to do is to stop for the green light and not get hit.

But your interpretation says the RFC says GO so I am not going to STOP, I will just hit or be hit by the other vehicle, I just do not care. The RFC say GO, thats what I am going to do.

So you tell your insurance company, yes I saw the other car coming, yes I could have stopped in time to avoid the accident, but I had the green light so why should I stop? So what do you think that the insurance company is going to do with your insurance policy? The odds are that they will cancel it because you are an unsafe driver; you saw that an accident was coming and you could have prevented it, but you chose not to.

If in one year you are involved in 50 traffic accidents (none of them your fault) do you really think that anyone will really care that they were not your fault because you were just following the RFC; that your insurance rate will not skyrocket anyway or more likely just be cancelled simply because you are an unlucky driver. Your answer would be "It was not my fault, I should not be punished because someone else broke the law"

Spammers do not follow the RFCs but I have the right to add to the problem since I am following the RFC as regards bounces. I just do not send them where they are suppose to go (to the original sender) I just go ahead and send them to any FORGED address. I do not care if that causes a problem for someone else. They just better not affect my ability to have all of my mail delivered regardless of the fact that I do not care if I am sending it to the right place or not. Who's being unfair in this situation. SpamCop who is helping people avoid massive amounts of invalid bounced mail, or YOU the sender of the bounced mail?

[Miss Betsy]

That much more easier than force postmasters over the world to change their software to fit your rules, not RFC. But it seems somebody just prefer the way of extremism.

It is not just spamcop that has these rules. Long before spamcop allowed reporting of misdirected bounces, AOL stopped accepting email and then rejecting it because of the complaints from the recipients of forged return paths.

And spamcop is not the only blocklist that uses spam traps. There are other less aggressive blocklists that also use spam traps. It is only a matter of time before you are on those blocklists also.

And, 100 misdirected bounces is the norm. Some people have had thousands. In addition, many people are panicked by seeing their email address as the 'sender' of spam. Those misdirected bounces cause every bit as much trouble and expense as spam.

Miss Betsy

[StevenUnderwood]

StevenUnderwood, if recieveing of 100 spam messages for you is worse than rejecting 1 legitimate email, you can keep such aggressive filtering. For many people that is not acceptable.

At work, we actually are currently using another company to filter our messages before delivering the clean ones to us. They hold the messages for a length of time so if someone calls and says we are not receiveing their emails, I can go in and forward the message. I have not been asked to do that in over 2 years (right after we set it up. Each user can whitelist their own addresses, if needed, but few have.

To be fair, we are primarily an OEM supplying parts to other companies and not dealing with "end user" types of email accounts, except for personal stuff.

Here are the stats for our domain for a single day...seems like a slow day, only 67% spam.

Inbound Traffic by Domain - From 05-25-2006 to 05-25-2006 (1 day)

Messages 3,776

Bytes 133,661,126

Acct Msgs 3,776

Forwarded Acct Msgs 1,249

% of Msgs 33.1

% of Bytes 80.6

Blocked Acct Msgs 0

% of Msgs 0.0

% of Bytes 0.0

Quarantined Acct Msgs 2,527

% of Msgs 66.9

% of Bytes 19.4

[Wazoo]

SapmCop newsgroup traffic just today from the other side to the issue ...

Path: news.spamcop.net!not-for-mail

From: "Peter Day"

Newsgroups: spamcop

Subject: Newbie needs advice

Date: Fri, 26 May 2006 15:32:43 +0100

Message-ID: <e573im$a3g$1[at]news.spamcop.net>

We have our own 'domain' (the-days.org.uk.) Hosted by Low Cost Names here in

the UK. We only have 3 e-mail addresses set up and mine is the 'master'

which also receives mail adressed to *[at]the-days.org.uk where * is not one of

the real adresses.

I started to get a lot of e-mails that seemed to be from the Mail Delivery

System at some real place claiming e-mail sent by *[at]the-days.org.uk had

failed to reach the recipient and was being returned. The * in these cases

are all different and just random letters.

I was concerned we might have a Trojan on one of our machines (though Norton

Internet Security found nothing) but LowCostNames said they thought it was

spam (seems to me to be the most bone-headed and useless spam invented) and

that I should subscribe to SpamCop. They arranged to foward my mail to

Spamcop, but this isn't forwarding these 'returned' mails to the funny

addresses. I now see those by picking them up in Yahoo. I'm attaching one -

not all of it, just the headers - as a text document. This claims to be in

response to a message from iozdi[at]the-days, needless to say this doesn't

exist.

Question for you clever guys (I looked through the forum and didn't

understand half of what I was reading) - is this spam, is it a real response

to a message sent by a spammer pretending to be on our domain, is it a

Trojan?

Grateful for any advice.

Peter

(Note that the use of "forum" apparently means "newsgroups" ...???)

Part of a Reply;

Path: news.spamcop.net!not-for-mail

From: "Mike Easter"

Newsgroups: spamcop

Subject: Re: Newbie needs advice

Date: Fri, 26 May 2006 08:19:50 -0700

Message-ID: <e576ae$csk$1[at]news.spamcop.net>

References: <e573im$a3g$1[at]news.spamcop.net>

Peter Day wrote:

<uuencoded begin 666 is this spam.txt>

Do not post spam or spam headers or raw spam into a discussion group,

neither inline nor as an attachment. The best way to discuss a spam or

other email item is to paste it into the parser, copy the tracking url,

and paste the tracking url into a discussion group. The only other way

to past a spam somewhere is in the group spamcop.spam, which is

specifically for pasting such things as do not belong in discussion

groups -- but is itself not a discussion group.

> We have our own 'domain' (the-days.org.uk.) Hosted by Low Cost Names

> here in the UK. We only have 3 e-mail addresses set up and mine is

> the 'master' which also receives mail adressed to *[at]the-days.org.uk

> where * is not one of the real adresses.

If you accept all of the mail to non-existent addresses you are going to

get a lot of spam which wasn't addressed to your real usernames, which

seems terribly 'wasteful' or inefficient. It is not advised to accept

that mail which doesn't have real usernames.

> I started to get a lot of e-mails that seemed to be from the Mail

> Delivery System at some real place claiming e-mail sent by

> *[at]the-days.org.uk had failed to reach the recipient and was being

> returned. The * in these cases are all different and just random

> letters.

Exactly. That's why you shouldn't do it. Spammers create usernames and

use them in the To and use them in the From. Some servers accespt spams

for delivery and then 'turn around' and create a newmail addressed to

the bogus From to inform the From the spam wasn't delivered. You are

going to get all of the spams addressed to any the-days and you are

going to get all of those belated delivery status newmails which have

any the-day in the From.

> I was concerned we might have a Trojan on one of our machines

No. The belated DSN is not from an item generated by ie sourced from

your machine. It is from a spam with a bogus the-day addy in the From.

--

Mike Easter

kibitzer, not SC admin

Yet another explanation offered ......