simbalion

I will do that. One last question, is the reputation score change finalized from when the emails are forwarded, or only after I click the 'send report' button? I am tired of sending reports when many of them get /dev/nulled, and if that part of the process isn't necessary for the core function of spamcop then I might lower it on my priority list.

I understand your counter and I agree with you, when resources are considered, and when the company is going to /dev/null them anyway, then it does make sense. At least in the case of SendGrid, I believe the /dev/null practice should be stopped. This email I received from their abuse department suggests not only do they "Take seriously" reports of spam from their customers, but encourages me to continue sending reports of unsolicited email from their network. That sounds like they want to receive SC reports. Can we end the /dev/null on their emails? I've quoted the email I received below. Hello, Thank you for taking the time to report this spam message to the SendGrid Compliance team. Reports like yours allow us to be aware of users who are not following our terms of service, and we greatly appreciate them so that we may take action on your behalf in order to ensure that our services are not being used for the sending of unrequested email. We take user complaints very seriously and do not tolerate spamming, and as such we are moving forward by investigating the practices and email policies of this user. Thanks again for sending us this report, and please continue to do so in the future with other unsolicited messages you may receive from SendGrid so that we may work to keep our services free from this type of activity. Kind regards, SendGrid Compliance

Respectfully, I disagree. That does not even fit the definition on the SpamCop website. While abuse reports are certainly unsolicited, they aren't bulk. And therefore they aren't spam. Further, why should the negligent administrators get a free pass from having to deal with the headaches caused by spammers they are permitting to operate? For every 1 email their spammers send, they should have to read at least 1 email themselves, preferably more, until the problem is dealt with. Regarding reputation, if Amazon AWS, a gigantic hosting company, has been doing nothing about spam on it's network, then surely there must be a ton of spam coming from it's network, why aren't they blacklisted by now? Sendgrid is another company I've noticed that is being /dev/nulled. They're a bulk email company, so it seems even more despicable that they should somehow not have to take responsibility for their actions. In the case of Sendgrid, the spam I've received from them has unsubscribe links but they do not function, which is a violation of the CAN-spam act and should be getting reported to them, but because of the /dev/null policy requires I send them a unique email every time which is a _huge_ inconvenience and probably ensures that they receive far fewer reports than the problems justify. I understand SpamCop doesn't want to be seen as hostile or troublesome, but where is the harm in shaking things up a little? spam is a problem because of negligent administrators, more than any other reason. I don't think those administrators should be given a pass, no matter how large their employing organizations are.

I understand that sometimes reports are sent to /dev/null because the abuse@ address has requested they not be sent any longer, but is that not an abdication of their responsibilities? For a hosting company in particular, keeping on top of which systems are sending spam is vital to ensuring the security of their network, since spam most often originates from compromised servers. The abuse@ person should not be permitted to hide from the reports. Is this the reason abuse@amazonaws.com gets /dev/nulled or is it some other reason? And when a network provider has decided to neglect it's obligation to police it's own infrastructure, does that reflect negatively on their reputation?