Jump to content

ISP account - full reports


henpa
 Share

Recommended Posts

Hi, I've used spamcop for a long time for both reporting spam and also as a anti-spam abuse team when I used to work at a large ISP a few years ago.

Currently I am sending emails for a few customers and I regularly receive a summary spam report such as:

IPs reported in past hour:

64.34.214.40

64.34.214.40 is used exclusively by a single client for opt-in newsletter, but once in a while I get an email from spamcop saying it got a spam complaint.

My server at 64.34.214.40 is a dedicated server from Serverbeach and according to this page http://www.spamcop.net/sc?track=64.34.214.40 all reports goes only to them.

I currently have other servers with serverbeach and I would like to know how can I receive full reports from all of these servers. I have searched a lot for this answer, but I could not find it. I found someone asking the same thing, but it is not clear to me what I have to do. According to http://forum.spamcop.net/forums/index.php?showtopic=11830 I have to contact the "deputy" and ask them directly. Is that it?

Thanks a lot!

Link to comment
Share on other sites

We won't send reports to the person sending the emails.

You can always write to me if you want information.

For example...

64.34.214.40 is henpa.lojanet.com.br

Received: from henpa.lojanet.com.br ([64.34.214.40])

by [trap servername] with SMTP; 12 Oct 2011 04:xx:xx -0700

Received: from ws012 (ws012 [10.25.9.78])

by henpa.lojanet.com.br (Postfix) with ESMTP id x

for <x>; Wed, 12 Oct 2011 08:xx:xx -0300 (GMT+3)

From: "DVD WORLD" <dvdnews[at]lojanet.com.br>

Subject: =?iso-8859-1?Q?[72_HORAS_DE_LOUCURA_SONY_PICTURES_-_REDUCAO_TOTAL_DE_PRECOS]?=

Date: Wed, 12 Oct 2011

The server is sending that mail to spamtrap addresses that feed our complaint database.

A spamtrap is an unused address whose sole reason for existence is to see if people will send unsolicited mail to it. Spamtraps are basically the nonexistent addresses at small vanity domains owned by us or our associates. Mail to nonexistent addresses is proof-positive that email addresses are being added to a mailing list without the address owner's permission.

- Don D'Minion - SpamCop Admin -

- service[at]admin.spamcop.net -

.

Link to comment
Share on other sites

Thanks for your reply Don! Please let me emphasize that I hate spam and I am totally against this practice.

I'm not actually the person sending the emails, but I am responsible for the infrastructure for this specific client and a couple of others. As I have told you, each client uses their own exclusive IP addresses to avoid problems.

This client lojanet.com.br is using this server IP address for a long long time and I believe he runs a very clean opt-in e-mail list. We can never know how this "spamtrap" got into his list and who's fault this is. This client used to use icontact's service before and I can never know what happened in the past. But I do want to run a spam-free service, so I make sure my clients uses emailes that are opt-in only (I currently cannot force them all to use double opt-in) and I also make unsubscribing VERY easy and I also instantly remove e-mails bounced with "user unknown" error. Could this be an expired/old e-mail address? It shouldn't be, right?

Anyway, we offer a quick-and-easy unsubscribe link at the bottom of every email and for a month or so we've added a list-unsubscribe header that shows a mailto address that when mailed to (or clicked on gmail.com for example), users are automatically marked as "unsubscribed" and we never send them emails again.

That being said, shouldn't there be a way to eventually fix these kind of problems? I don't think there's a point in reporting spamtraps forever (eternally) without offering a way to manually fix them eventually.

Like I said, I am committed into improving my services and running a spam-free service, so please let me know if I missing something or if there's something else that I should be doing.

Thanks a lot!

We won't send reports to the person sending the emails.

You can always write to me if you want information.

For example...

64.34.214.40 is henpa.lojanet.com.br

Received: from henpa.lojanet.com.br ([64.34.214.40])

by [trap servername] with SMTP; 12 Oct 2011 04:xx:xx -0700

Received: from ws012 (ws012 [10.25.9.78])

by henpa.lojanet.com.br (Postfix) with ESMTP id x

for <x>; Wed, 12 Oct 2011 08:xx:xx -0300 (GMT+3)

From: "DVD WORLD" <dvdnews[at]lojanet.com.br>

Subject: =?iso-8859-1?Q?[72_HORAS_DE_LOUCURA_SONY_PICTURES_-_REDUCAO_TOTAL_DE_PRECOS]?=

Date: Wed, 12 Oct 2011

The server is sending that mail to spamtrap addresses that feed our complaint database.

A spamtrap is an unused address whose sole reason for existence is to see if people will send unsolicited mail to it. Spamtraps are basically the nonexistent addresses at small vanity domains owned by us or our associates. Mail to nonexistent addresses is proof-positive that email addresses are being added to a mailing list without the address owner's permission.

- Don D'Minion - SpamCop Admin -

- service[at]admin.spamcop.net -

.

Link to comment
Share on other sites

Anyway, we offer a quick-and-easy unsubscribe link at the bottom of every email and for a month or so we've added a list-unsubscribe header that shows a mailto address that when mailed to (or clicked on gmail.com for example), users are automatically marked as "unsubscribed" and we never send them emails again.

Most Brazil spamming, flooding, DOS attacks, etc that come from Brazil have "a quick-and-easy unsubscribe link" these just feed other Brazil spammers hackers and so-on with verified email addresses (won't stop Brazil spam). If they are feeding spamtraps and me they are liars (ALL spammers are liars and Brazil is full of them) and anyone connected with them (Brazil) cannot be trusted in my experience. I block the whole country! Not that I should ever be getting any email from Brazil in the first place but I do, reporting it just gives more spam

Edited by petzl
Link to comment
Share on other sites

If you are that concerned, have your clients send out a subscription reconfirmation email and only opt back in people who validate their email address as being active and that they do desire to continue to receive email from that list, otherwise expunge the email address as being either dead, spamtrap, or someone who's just too lazy to unsubscribe from the emails they were getting to begin with.

Link to comment
Share on other sites

Hi petzl, my understanding is that spam is a global problem and Brazil solely is far from the only responsible country for all the spam in the world. You should remember, however, that we're the fifth largest country in the world, with a population of almost 200 million people, and although you're probably right by saying we do generate a lot of spam, you must not generalize by implying that everyone here is automatically a spammer. That kind of comment is absolutely unnecessary and get us nowhere.

I noticed from your profile that you are from Sidney, Australia. According to wikipedia, the city where I live (Sao Paulo) has half the population (11M) of your whole country (22M). So you must put this into perspective before criticizing or naively comparing us to other countries.

There're a lot of people here fighting spam and with your kind of attitude and prejudice, yes, it is a very hard job indeed.

Most Brazil spamming, flooding, DOS attacks, etc that come from Brazil have "a quick-and-easy unsubscribe link" these just feed other Brazil spammers hackers and so-on with verified email addresses (won't stop Brazil spam). If they are feeding spamtraps and me they are liars (ALL spammers are liars and Brazil is full of them) and anyone connected with them (Brazil) cannot be trusted in my experience. I block the whole country! Not that I should ever be getting any email from Brazil in the first place but I do, reporting it just gives more spam

Link to comment
Share on other sites

Hi petzl, my understanding is that spam is a global problem and Brazil solely is far from the only responsible country for all the spam in the world.

<snip>

...Well put! In addition, not all spam coming from a Brasil source comes from a spammer from Brasil. On the other hand, Brasil ISPs and ESPs do seem to have a way to go to show that they are serious in trying to stop spam (as is also true of those in my country, the USA).
Link to comment
Share on other sites

If you are that concerned, have your clients send out a subscription reconfirmation email and only opt back in people who validate their email address as being active and that they do desire to continue to receive email from that list, otherwise expunge the email address as being either dead, spamtrap, or someone who's just too lazy to unsubscribe from the emails they were getting to begin with.

Thanks for the tip cwg.. I created this topic only because I am getting a few "spamtrap" complaints everyday from spamcop for each email my clients sends and I would like to fix that. I'm pretty sure they're always for the same spamtraps accounts.

Other than this, we're currently not having any other trouble or problems in delivering our mails. According to senderscore.org, we currently have a deliverability "Accepted Rate" of 99.73% and a senderscore of 83. We deliver over 30.000 emails daily to hotmail and SNDS (Smart Network Data Services) doesn't show any trap hits there and complaint rate are less than "0.1%", so I do believe his list is "pretty much" clean.

I could send a confirmation email to all subscribers only to get rid of these spamtraps from spamcop, but I'm worried that we could miss a lot of interested customers that simply missed our emails for any reason and my client's email list would drop considerably in size, and I would have a lot of trouble explaining that to my client, with the risk of losing his contract and live with the fact he would probably hire some other company much less careful about spam then I am. ;-)

I am researching about methods for filtering inactive subscribers from his list based on many metrics, so if a complete report from spamcop can't be made available for me at this moment, I guess I'll keep receiving spamcop's emails about these spamtraps until I can get this fixed somehow.

Thanks!

Edited by henpa
Link to comment
Share on other sites

<snip>

I could send a confirmation email to all subscribers only to get rid of these spamtraps from spamcop, but I'm worried that we could miss a lot of interested customers that simply missed our emails for any reason and my client's email list would drop considerably in size, and I would have a lot of trouble explaining that to my client, with the risk of losing his contract and live with the fact he would probably hire some other company much less careful about spam then I am. ;-)

<snip>

...This should probably be a responsibility for your customer, not for you. Do you have a TOS or AUP that requires your customers to react to spam reports? If not, I would suggest that you consider such a policy so that you could take the actions you are understandably reluctant to take to stop sending to spam traps.
Link to comment
Share on other sites

Hi petzl, my understanding is that spam is a global problem and Brazil solely is far from the only responsible country for all the spam in the world.

Not only me finding Brazil is the worst country for spamming

http://www.net-security.org/secworld.php?id=9055

A Google search verifies this

I find India and China less of a problem with spammers than Brazil. The reality is that India and China do react to spammers and deal with them, Brazil doesn't seem to do anything except aid the spammer.

Doubt if my "attitude" about Brazil is a lone one. All spammers are doing is making Brazilians disliked and untrusted. This distrust is overflowing to all other aspects about Brazil aside from your spam.

Australia while a small population is serious about dealing with spammers all ISP's block port 25 (that I know of) I use Greylisting which accepts only email from mail servers.

You might wish to learn about "double opt-in" any mail list without it is just spamming junk (why your spam is being picked up by spamtraps)

Confirmed mailing lists (double opt-in) require the would-be subscriber to provide a positive response to an initial email. For example, the recipient must respond to an email or click on a link in an email.

You only think that your spam gets through to Hotmail inboxes? Neither Hotmail, Gmail or Yahoo block it. They just put it in a junk/spam folder. Everyone just pushes the empty spam button without opening it (dangerous to even open spam)

Edited by petzl
Link to comment
Share on other sites

Dear petzl,

1) Anyone can google any combination of words and find many "amazing" articles. Example: http://romeocayabyab.com/australia-not-in-...e-to-6-spammer/

2) This topic is not about how you perceive Brazilians.

3) Sorry, I ran out of troll food.

Not only me finding Brazil is the worst country for spamming

http://www.net-security.org/secworld.php?id=9055

A Google search verifies this

I find India and China less of a problem with spammers than Brazil. The reality is that India and China do react to spammers and deal with them, Brazil doesn't seem to do anything except aid the spammer.

Doubt if my "attitude" about Brazil is a lone one. All spammers are doing is making Brazilians disliked and untrusted. This distrust is overflowing to all other aspects about Brazil aside from your spam.

Australia while a small population is serious about dealing with spammers all ISP's block port 25 (that I know of) I use Greylisting which accepts only email from mail servers.

You might wish to learn about "double opt-in" any mail list without it is just spamming junk (why your spam is being picked up by spamtraps)

Confirmed mailing lists (double opt-in) require the would-be subscriber to provide a positive response to an initial email. For example, the recipient must respond to an email or click on a link in an email.

You only think that your spam gets through to Hotmail? Neither Hotmail, Gmail or Yahoo block it. They just put it in a junk/spam folder. Everyone just pushes the empty spam button without opening it (dangerous to even open spam)

Edited by henpa
Link to comment
Share on other sites

Dear petzl,

1) Anyone can google any combination of words and find many "amazing" articles. Example: http://romeocayabyab.com/australia-not-in-...e-to-6-spammer/

2) This topic is not about how you perceive Brazilians.

3) Sorry, I ran out of troll food.

Thanks for the link! Australian Courts take years to act but they do

http://www.caslon.com.au/anzspamprofile4.htm

Nikhil Kumar Pragji will eventually face court and is likely if found guilty to be deported penniless (takes around 5 years. The above link shows a 3 year lag which is quick for our courts )

Brazil does not even try to catch spammers with ISP's actually aiding them

I'm forever getting your spam and it reads to me like this For security reasons I don't open mail in HTML only plain text

You being a spammer though are not interested in cleaning up your mail list obtained by hacking websites (You hitting spamtraps prove this). In Australia you would face criminal charges (don't travel here)

Until you clean up your spam list your email just ends up in the bit-bin or Junk folder, never getting read, costing you business and harming your country

Edited by petzl
Link to comment
Share on other sites

Hi petz, I was writing a reply to you (because you got a lot of things wrong again), but then I realized that you might just need a hug.

Is there somewhere in Australia that you can go, like visiting a friend, or a family member, and ask for them to give you a nice warm hug?

I know you're from Australia, but remember that "No man is an island" (John Donne). ;-)

Regards from Brazil!

Thanks for the link! Australian Courts take years to act but they do

http://www.caslon.com.au/anzspamprofile4.htm

Nikhil Kumar Pragji will eventually face court and is likely if found guilty to be deported penniless (takes around 5 years. The above link shows a 3 year lag which is quick for our courts )

Brazil does not even try to catch spammers with ISP's actually aiding them

I'm forever getting your spam and it reads to me like this For security reasons I don't open mail in HTML only plain text

You being a spammer though are not interested in cleaning up your mail list obtained by hacking websites (You hitting spamtraps prove this). In Australia you would face criminal charges (don't travel here)

Until you clean up your spam list your email just ends up in the bit-bin or Junk folder, never getting read, costing you business and harming your country

Link to comment
Share on other sites

Hi petz, I was writing a reply to you (because you got a lot of things wrong again), but then I realized that you might just need a hug.

Is there somewhere in Australia that you can go, like visiting a friend, or a family member, and ask for them to give you a nice warm hug?

I know you're from Australia, but remember that "No man is an island" (John Donne). ;-)

Regards from Brazil!

I know your a spammer there is a rule number one about them!

However I've given real advice which you are trying to skirt around

If you wish to legitimize your mail list and then perhaps do legitimate & more business

(see where your/their email ends up when sent to Gmail, Yahoo, Hotmail)

You need to use "Double Opt-in" for email subscribers

An honest unsubscribe link or link via email (you need to test these links to see if they work)

You need to campaign to clean up Brazil's spamming reputation!

Edited by petzl
Link to comment
Share on other sites

Thanks for the tip cwg.. I created this topic only because I am getting a few "spamtrap" complaints everyday from spamcop for each email my clients sends and I would like to fix that. I'm pretty sure they're always for the same spamtraps accounts.

If your clients had used a confirmation email to begin with, we wouldn't of needed to make this thread.

Obviously, a spamtrap email address cannot confirm opt-in.

Edited by cwg
Link to comment
Share on other sites

In support of cwg's response, there is no easy option. SpamCop will not divulge its spamtrap addresses nor (presumably) provide information sufficient to allow them to be easily discerned (but full marks for trying :P ). As I understand it, the Brazilian Internet Steering Committee has strongly recommended the adoption of self-regulation for e-mail "marketing". The guidance notes for that self-regulation place confirmation of opt-in at the forefront of methods to ensure compliance - http://www.capem.org.br/index.php -

1 - Who can I send e-mail marketing?

The Code states that the bases should be opt-in or soft opt-in. That is, recipients must have requested the receipt of messages (opt in). Or, the sender must have a social or business relationship with the prior and verifiable recipient (soft opt-in)

If your company has been carrying out actions of email-based marketing to a recipient that does not fit in the above is accurate fit. One suggestion is to conduct a campaign for its recipients to confirm their intention to continue receiving your emails. That is, turn them into opt-in. ...

The Brazilian Internet Steering Committee uses metrics to monitor the effectiveness of and compliance with (or lack of it) its "consultative recommendations". Those metrics have included SpamCop statistics in the past and, presumably, will continue to do so. henpa - if your client cannot be convinced that, no matter who his service provider might be, compliance with the self-regulation code is in the interests of himself and of the entire Bazillian internet sector, then he is past redemption and, in light of your self-professed dislike of spamming and fight to eliminate it (for which the global community thanks you) you might consider taking the risk of losing him.

As I understand it, service providers in Brazil are not responsible (beyond the most basic measures) for their users' transgressions so it is a lot to ask of you, you are not "in the firing line" and you have a service to run at a profit. But it is not as much as you seem to be asking of SpamCop.

Link to comment
Share on other sites

Thanks Farelf. I read this self-regulation document for e-mail marketing, but I think it's really simple in the sense that it only mentions simple "opt-in" (which I think means when people registers on a website and "explicitly" allows to receive email) and also a "soft opt-in" method (which I think means when users registers or purchases something on a website and "implicitly" accepts to receive email marketing from that company). It doesn't say anything about validating e-mail or has no mention to "double opt-in".

Other than that, it only says very basic things such as including a unsubscribe link, sending mail from the domain of your company, having SPF set up, bla bla. So I would say my client is doing exactly what it is specified in that document.

My clients currently does "opt-in", not "double opt-in". Can you say my client is a spammer just because he doesn't validate emails? Although I agree that not validating email is not the best practice, I wouldn't call this "spamming". My understand of spammer is when people buy and share other people's lists. And I am sure this isn't what my client is doing. I do understand all the negative points by not validating (users using fake e-mails, users typing they emails wrong, emails going to other people, going to spamtraps, etc, etc).

I talked to him and he is willing to validate all of his emails... So we will send an email per week asking people to validate their email. User's can either validate or not validate his email. Validated users will continue to get his daily newsletter again, and users who explicitly don't validate (click on a link that says "I do not want to continue receiving emails") will not get more emails. But we'll continue to send emails to invalidated e-mails for a couple of weeks to make sure no one misses our emails. He wants to send confirmation emails about 8 times. Would you say this procedure is correct?

Thanks

In support of cwg's response, there is no easy option. SpamCop will not divulge its spamtrap addresses nor (presumably) provide information sufficient to allow them to be easily discerned (but full marks for trying :P ). As I understand it, the Brazilian Internet Steering Committee has strongly recommended the adoption of self-regulation for e-mail "marketing". The guidance notes for that self-regulation place confirmation of opt-in at the forefront of methods to ensure compliance - http://www.capem.org.br/index.php -

The Brazilian Internet Steering Committee uses metrics to monitor the effectiveness of and compliance with (or lack of it) its "consultative recommendations". Those metrics have included SpamCop statistics in the past and, presumably, will continue to do so. henpa - if your client cannot be convinced that, no matter who his service provider might be, compliance with the self-regulation code is in the interests of himself and of the entire Bazillian internet sector, then he is past redemption and, in light of your self-professed dislike of spamming and fight to eliminate it (for which the global community thanks you) you might consider taking the risk of losing him.

As I understand it, service providers in Brazil are not responsible (beyond the most basic measures) for their users' transgressions so it is a lot to ask of you, you are not "in the firing line" and you have a service to run at a profit. But it is not as much as you seem to be asking of SpamCop.

Link to comment
Share on other sites

My clients currently does "opt-in", not "double opt-in". Can you say my client is a spammer just because he doesn't validate emails? Although I agree that not validating email is not the best practice, I wouldn't call this "spamming".

Thanks

So your "client" can hit SpamCop's spamtrap addresses?

Doubt if SpamCop has the only traps he is hitting?

Typically (not always), these addresses are 10 alphanumeric names or even more (Vj9ymRmjrR[at]brazil.nit.br). This example is equal to 80 bit encryption which is estimated for a computer to take 6 years to crack so they are not being accidents (I would score this address as being equal to 10 "guessable" spamtrap hits).

spamrap addresses are often graded/scored by those using them, as to there "guess ability" to block spam

So how then are these being fed into or onto your "clients" mailing list if not collected by a spambot?

Any unsubscribe needs to be checked (use a free throwaway email like Gmail).

Subscribe anonymously then when you get a message try unsubscribing to see if this works, or if if feeds other mailing lists (spammers).

This will also test if Gmail (or who ever) is putting your mail in the inbox, junk or bit-bin

Another issue is with spam, is protection getting so good. Particularly from competent email providers (Gmail) most spam is simply not being seen there and it's no longer being reported. Reporting (even unsubscribing) often just leads to more spam.

Without doing what I suggest you are simply deluding yourself to think your "email" goes anywhere

Edited by petzl
Link to comment
Share on other sites

...I talked to him and he is willing to validate all of his emails... So we will send an email per week asking people to validate their email. User's can either validate or not validate his email. Validated users will continue to get his daily newsletter again, and users who explicitly don't validate (click on a link that says "I do not want to continue receiving emails") will not get more emails. But we'll continue to send emails to invalidated e-mails for a couple of weeks to make sure no one misses our emails. He wants to send confirmation emails about 8 times. Would you say this procedure is correct?

I'm no expert on list management, it sounds a little excessive but you would certainly be left with no more spamtrap hits after 8 weeks. You would be thinking of building a "confirmed" list by progressively migrating confirmed subscriptions to a new list and deleting them from the original list? Also deleting those opting out as they are received. You then send to both lists which are mutually exclusive until, after 8 weeks, you finally scrap the original list and move to the wholly-confirmed list only? The quibble against it is of course that anyone who never did subscribe should never have to unsubscribe and to finally get off the list without unsubscribing they have to endure 8 more weeks and 8 reminders to "confirm" their bogus subscription. The hard-line approach would be for one verification run only.

So, it is a compromise you are looking at. I understand why your customer wants it to be spread out to that 8 week extent (to cover almost any instance of inattention through the temporary absence of the recipients) and cannot fault him for that - except for having a compromised list in the first place - since you assure us he is not an intentional spammer. Of course he needs to follow the full rigour of the positive methods of "full verification" for the future growth of his list - http://www.mail-abuse.com/an_listmgntgdlines.html - to keep his list clean. Then (I imagine), subject to proof of a properly maintained list, you and he might anticipate that SC would be in a position to lend co-operation in discounting any bad reports that might be made (it seems almost always there is someone who forgets they subscribed) and disciplining the reporters who make them (assuming all your customers have verifiably clean lists).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...