Jump to content

Yahoo! groups


F. Jones

Recommended Posts

I read a fairly heated thread on the forum about SpamCop's handling of Yahoo! groups. The gist of the thread was that unsolicited mail can come from Yahoo! groups and SpamCop blocks it.

That all sounds good, but I'm interested in whether or not this has the effect of blocking legit mail from Yahoo! groups.

I've been testing out a number of RBLs lately and several of them resulted in the blockage of legit Yahoo! group traffic. I seem to have a lot of Yahoo! group users, so this is important to me.

Anyone have any thoughts on this? I've considered a simple whitelist for the groups, but the lists I checked that blocked these groups seemed to be a bit too aggressive in general, so this seems to be a good litmus test. Also, given that the front page for SpamCop's blacklist info says that's it's too aggressive for production use (as a simple BL, that is), I thought it would be worth asking what others think of the BL.

Other departments here are using the SpamCop BL, but we have all different kinds of users and what's good for one group, might not be good for us. Personally, I have no need for group traffic, but the guy in the office next to me would probably flip without it.

Link to comment
Share on other sites

It's not the "groups" that are blocked. SpamCop works with the IP address of the spew. So yes, if a Yahoo server makes it into the BL, any traffic from that server can end up being blocked by those ISPs that use the BL in that fashion.

You mention the "too aggressive" phrase in the write-up, but you leave out the suggested use of "Tagging or sorting" rather than actually "blocking" words. And yes, it's a fact that most e-mail apps are written such that it is easier to block than figure out how to "manage" the incoming stuff.

Use of a whitelist is also an issue for some e-mail apps. Whereas the "blocking" action might e a line or two of code, filtering, tagging, and moving might take several lines of code, and the application of white-list filters may not be an easy, as where and when they are invoked can be an issue ... and if you white-list a source of incoming e-mail to make that one person happy, how many other folks will be upset at receiving the spam that caused that source to be identified as a "bad" source? Then there's the question of corporate policy and rules (you mention departments ond other office) ... what Yahoo Groups are used that would provide impact on the business concerns bottom line?

Link to comment
Share on other sites

It's not the "groups" that are blocked.

Well, if the servers that pass along the group e-mails are blocked, it's the same thing. It looks like they all have "grp" in their address, so it appears that they have dedicated servers for the groups.

So yes, if a Yahoo server makes it into the BL, any traffic from that server can end up being blocked by those ISPs that use the BL in that fashion.

I guess what I was asking was...does this happen a lot? But I suppose the frequency isn't all that important, if it happens at with any regularity at all, now that I think about it.

You mention the "too aggressive" phrase in the write-up, but you leave out the suggested use of "Tagging or sorting" rather than actually "blocking" words.

That is why I wrote "as a simple BL". We're only dealing with standard blocking at this point.

... and if you white-list a source of incoming e-mail to make that one person happy, how many other folks will be upset at receiving the spam that caused that source to be identified as a "bad" source?

This is a non-issue. It doesn't matter how many users are upset about getting too much spam if any user can't get his legit mail on a regular basis. At least in our situation.

I guess since the BL is aimed for use as a weighting factor, this is understandable, and I should heed the warning.

We understand that on very rare occasions we're going to have a legit message bounced, but we can't use the list if it's going to do something like this on a regular basis.

... what Yahoo Groups are used that would provide impact on the business concerns bottom line?

That's not my concern. More than that, that's none of my business.

I guess I've been going about this the wrong way. I should take the warning at its word and try and determine if the list is workable with a few whitelisted entries.

Has anyone else had any experience with similar organizations getting their mail blocked systematically by SpamCop?

Link to comment
Share on other sites

It's not the "groups" that are blocked.

Well, if the servers that pass along the group e-mails are blocked, it's the same thing. It looks like they all have "grp" in their address, so it appears that they have dedicated servers for the groups.

Yes the end result may be similar, but .. it's the problem of using the generic "Yahoo Groups" descriptuion vice talking about a specific IP address of "a" server ... I don't have knowledge of how Yahoo manages their server farms, so I can't tell you if one server handles 30 groups or if it's more of a load sharing set-up and all outgoing traffic just goes to the least busy server ...

So yes, if a Yahoo server makes it into the BL, any traffic from that server can end up being blocked by those ISPs that use the BL in that fashion.

I guess what I was asking was...does this happen a lot? But I suppose the frequency isn't all that important, if it happens at with any regularity at all, now that I think about it.

Again, this is a question in abstract, one would have to tackle the specifics with a specific IP address to see what the history is, perhaps also relating to the above unknowns on Yahoo's configurations.

... and if you white-list a source of incoming e-mail to make that one person happy, how many other folks will be upset at receiving the spam that caused that source to be identified as a "bad" source?

This is a non-issue. It doesn't matter how many users are upset about getting too much spam if any user can't get his legit mail on a regular basis. At least in our situation.

Well, that was kind of the side issue ... is something from a Yahoo Group actually considered "legitimate e-mail" in the view of the business you're working for/at?

We understand that on very rare occasions we're going to have a legit message bounced, but we can't use the list if it's going to do something like this on a regular basis.

And again, if it's "bouncing" (and that's a actually a bad word, "rejected" would be much better, both in sound and execution) .. this is where the Tagging of the incoming would be more appropriate .. use of Tagging would allow users to set up filters to do with this stuff as they choose.

... what Yahoo Groups are used that would provide impact on the business concerns bottom line?

That's not my concern. More than that, that's none of my business.

As above, in the terms of the business environment, might not this Yahoo Group traffic be seen as more of a "personal" e-mail issue, better handled on that person's home machine?

I guess I've been going about this the wrong way.  I should take the warning at its word and try and determine if the list is workable with a few whitelisted entries.

Has anyone else had any experience with similar organizations getting their mail blocked systematically by SpamCop?

There's ton loads of examples. one that comes to mind is Fred Langa and his LangaList newsletter. He was outsourcing the delivery of the newsletter to some outfit that was also hosting some spammers .. so there were numerous incidents of one newsletter going out with no problems, but the next might have thousands of rejections, based on the spam complaints from actual spam being reported in quantites such that the IP of that server made it into the BL ... and as in the Yahoo Groups scenario .. ole Fred complained bitterly about SpamCop blocking his newsletter, but ignoring all the pointers that it wasn't his newsletter, it was where his newsletter was coming from that was the issue.

Link to comment
Share on other sites

I don't have knowledge of how Yahoo manages their server farms, so I can't tell you if one server handles 30 groups or if it's more of a load sharing set-up and all outgoing traffic just goes to the least busy server ...

I think it's safe to say that each group does not have an individual IP address. The point is that if it can be realistically expected to happen (which I think it pretty evidently can), I have to deal with that situation.

... is something from a Yahoo Group actually considered "legitimate e-mail" in the view of the business you're working for/at?

Yes.

.. use of Tagging would allow users to set up filters to do with this stuff as they choose.

True enough, but we're not exploring that option now.

There's ton loads of examples.

That's worth thinking about. I haven't encountered anything other than the Yahoo! groups, and none of the services I'm using seem to block those.

Thanks for the info.

Link to comment
Share on other sites

I use Spamcop's block list, and I subscribe to two Yahoo groups, which are whitelisted.  Works well for me.

It looks like all the group traffic comes from servers named n[1-150].grp.scd.yahoo.com

Is that what you whitelisted, or did you just whitelist all of Yahoo!?

Both seem fairly reasonable to me.

Link to comment
Share on other sites

I'd like to use the SpamCop RBL (as a straight rejection tool, not as part of a weighted assessment), but I've done a bit of reading and it seems that legit mailing lists are frequently listed in the RBL. This is consistent with my experience.

This seems to be a pretty well-known phenomenon, however, so I was wondering if anyone has created a whitelist for their site to allow them to use the SpamCop RBL? (I realize these lists would be different for different sites, depending on the user base.) I don't suppose I'd be lucky enough to find that there's a central respository for this kind of thing?

Anyway, I'm not passing any sort of judgement regarding the fact that these lists (which are responsible for some spam) are added to the RBL, I'm just looking for a technical solution, and was wondering if someone else in the same boat could help me out.

Link to comment
Share on other sites

I use Spamcop's block list, and I subscribe to two Yahoo groups, which are whitelisted.  Works well for me.

It looks like all the group traffic comes from servers named n[1-150].grp.scd.yahoo.com

Is that what you whitelisted, or did you just whitelist all of Yahoo!?

Both seem fairly reasonable to me.

AFAIK, the whitelist works for the actual email FROM address. I have the FROM address for both groups on my whitelist.

Link to comment
Share on other sites

(Not sure I agree with merging this thread with the new one I was trying to start, since I was trying to get away from discussion of Yahoo! groups, since the problem is much larger than that, and this isn't going to help people searching on the whitelist issue, this thread might not get read by someone who doesn't care specifically about Yahoo! groups, etc. ...but whatever...)

As for the Yahoo! groups topic...

AFAIK, the whitelist works for the actual email FROM address. I have the FROM address for both groups on my whitelist.

Ah, I see. That makes sense if there are just a few groups to whitelist, but it doesn't solve the problem long-term and it means you have to notice/be informed of users joining new lists, which is a bit impractical in my case.

In any event, thanks for your input.

Link to comment
Share on other sites

As for the Yahoo! groups topic...

AFAIK, the whitelist works for the actual email FROM address. I have the FROM address for both groups on my whitelist.

Ah, I see. That makes sense if there are just a few groups to whitelist, but it doesn't solve the problem long-term and it means you have to notice/be informed of users joining new lists, which is a bit impractical in my case.

I note that the standard advice to enable whitelisting of ALL Yahoo Groups would be to select

Return-Path: anything-followed-by returns.groups.yahoo.com

HTH

Link to comment
Share on other sites

THe spamcop system also allows you to whitelist on any part of the right side of the address. So the following would allow larger amounts of messages through the system.

returns.groups.yahoo.com

groups.yahoo.com

yahoo.com

Link to comment
Share on other sites

(Not sure I agree with merging this thread with the new one I was trying to start, since I was trying to get away from discussion of Yahoo! groups, since the problem is much larger than that, and this isn't going to help people searching on the whitelist issue, this thread might not get read by someone who doesn't care specifically about Yahoo! groups, etc. ...but whatever...)

Then might I ask that you also join in on my request for input on the re-shaping of these Forums? http://forum.spamcop.net/forums/index.php?showtopic=1672 Yes, I'll agree that Filtering needs its own place, as there are so many variations on the theme. But I also saw your "new" Topic as just a continuation and expansion upon your 'first' Topic, so in my mind, better that folks following the development should see what had gone on to get to the point of your 'new' Topic.

Link to comment
Share on other sites

Well, in my experience, the fewer forum categories the better. At the very least, all the categories need to make sense the first time you encounter them, when you have no idea what SpamCop is or how it works, because that's the state of mind many posters are going to be in.

So, a "Why am I listed?" forum could be good, but breaking things down for more technical reasons than that is probably just going to result in a lot of moved threads, which adds to n00b confusion.

You also have to consider that these forums are not just for discussion, they are an archive of solved problems for (polite) users to look at before they ask questions. I bring this up, because if I'm searching for whitelist solutions, a thread named "Yahoo! groups" is not necessarily going to catch my eye.

Also, you can see the result was that people helped me out (quite graciously, of course) with adding Yahoo! to a whitelist, but at that point, the question was much larger (ie, is there a decent whitelist that works well in conjunction with SpamCop?).

They could have just been responding to earlier messages in the thread, but you get the idea.

(Of course, I'm not at all practicing what I preach, now that I've added all this commentary about forum configuration into this thread...oops!)

At any rate, I think I've decided that I'm trying to jam a square peg into a round hole here, so I've given up the idea of using the SpamCop RBL. It should be used to help make a decision, with something like SpamAssassin (just like the site says), but I don't think using it to flat-out reject messages is appropriate in a production environment.

If we ever get SpamAssassin (or something similar) going here, I'll be sure to use the list, but right now, it would just create problems for us.

Thanks to everyone who provided help and insight.

Link to comment
Share on other sites

Well, in my experience, the fewer forum categories the better.  At the very least, all the categories need to make sense the first time you encounter them, when you have no idea what SpamCop is or how it works, because that's the state of mind many posters are going to be in.

Are you suggesting that descriptions need to go even further?

So, a "Why am I listed?" forum could be good, but breaking things down for more technical reasons than that is probably just going to result in a lot of moved threads, which adds to n00b confusion.

Not sure I grok that entirely. But, maybe the above question repeated?

You also have to consider that these forums are not just for discussion, they are an archive of solved problems for (polite) users to look at before they ask questions.  I bring this up, because if I'm searching for whitelist solutions, a thread named "Yahoo! groups" is not necessarily going to catch my eye.

And that most of the issue of "whitelist solutions" hopefully will already be addressed in the "Whitelist FAQ" ..??

Also, you can see the result was that people helped me out (quite graciously, of course) with adding Yahoo! to a whitelist, but at that point, the question was much larger (ie, is there a decent whitelist that works well in conjunction with SpamCop?).

I have to assume a typo there ..?? looking for someone else's whitelist?

They could have just been responding to earlier messages in the thread, but you get the idea.

(Of course, I'm not at all practicing what I preach, now that I've added all this commentary about forum configuration into this thread...oops!)

and leaving me with a decision to make also on how to respond ... I don't care to "edit" someone else's post, but moving this also seems to leave it a bit out of context. .. but then again, now all this stuff is also.

At any rate, I think I've decided that I'm trying to jam a square peg into a round hole here, so I've given up the idea of using the SpamCop RBL.  It should be used to help make a decision, with something like SpamAssassin (just like the site says), but I don't think using it to flat-out reject messages is appropriate in a production environment.

First of all, "RBL" is a registered mark of MAPS, so it really shouldn't be thrown about freely. You pointed out the "experimental" description, but you keep ignoring the additional text about using it to "Tag/Filter" rather than simply "Block" ... I'm not sure I can guess why that part is skipped as part of your side of the discussion.

If we ever get SpamAssassin (or something similar) going here, I'll be sure to use the list, but right now, it would just create problems for us.

Be sure to do some searching on SpamAssassin here also before just jumping in. The SpamCop Filtered E-Mail accounts have access to that here, and there are some issues. For it to work, there's a tremendous amount of work to get it configured, trained and maintained to run that line between maximum spam stoppage and minimum false positives.

Thanks to everyone who provided help and insight.

You're certainly welcome.

Link to comment
Share on other sites

Are you suggesting that descriptions need to go even further?

No, I'm suggesting that you keep things as simple as possible. A max 2 of technical groups, one being the obvious "Why am I blocked?". The regulars here seem to be well-versed in acronyms and spam slang, but a newbie is not going to even understand the basics of how SpamCop works, and while there are ample FAQs available on the subject, you can't reasonably expect people to read them.

It's also a nuisance to regular users to divide things into too many specific forums.

I have to assume a typo there ..??  looking for someone else's whitelist?

Yes, as I said in the post that you moved, I was interested in other whitelists people had created so I wouldn't have to reinvent the wheel, since it's a known issue that SpamCop sometimes includes servers that send out mailing lists that are not spam.

You pointed out the "experimental" description, but you keep ignoring the additional text about using it to "Tag/Filter" rather than simply "Block"

I'm not ignoring it. I mention it every time.

For it to work, there's a tremendous amount of work to get it configured, trained and maintained to run that line between maximum spam stoppage and minimum false positives.

That's why we're not using it yet, although I suspect that it will be necessary in the near future.

Link to comment
Share on other sites

Yes, as I said in the post that you moved, I was interested in other whitelists people had created so I wouldn't have to reinvent the wheel, since it's a known issue that SpamCop sometimes includes servers that send out mailing lists that are not spam.

A whitelist is very specific to each user and generally can not be shared as it will increase "junk" to all the other users.

Perhaps, rather than using a dnsbl at all, you should consider hiring a company like Postini, which becomes your MX holder, receives your mail, filters it allowing each individual to set their own level of comfort and whitelist along with a corporate whitelist. I know it has been working for my company quite well.

Good luck

Link to comment
Share on other sites

A whitelist is very specific to each user and generally can not be shared as it will increase "junk" to all the other users.

I don't want to whitelist anything except that which is not spam. Mailing list traffic that people have asked for is not spam. I'm willing to accept allowing actual spam thru the door to prevent false positives.

Essentially, I want a system that blocks spam, not just stuff people don't like. Hell, I'd like to filter all the messages from some of the higher-ups here, but, y'know...

Link to comment
Share on other sites

Mailing list traffic that people have asked for is not spam.

I have received spam from the yahoo groups servers. I have even received Yahoo Groups messages which I had not subscribed to, they were spam. I reported them both to Yahoo and spamcop. I got no reply from Yahoo. I have also received Yahoo groups messages I did sign up for, they were not spam. You can not assume that just because your Yahoo group does things properly that others also do.

The Yahoo Groups servers send spam. That is what is listed on the spamcop bl.

Essentially, I want a system that blocks spam, not just stuff people don't like.

If you find evidence the spamcop system has been used to try and block stuff that someone did not like that they signed up for, present that evidence to the deputies (deputies<at>spamcop.net) and they will take care of it, possibly fining or removing the abusive user. That is not what spamcop is trying to report.

Link to comment
Share on other sites

The Yahoo Groups servers send spam.  That is what is listed on the spamcop bl.

Yes, I understand that, but using the SpamCop BL results in the blockage of list traffic that my users want, and that is unacceptable.

Link to comment
Share on other sites

My point is that one could be created if the fairly universal threshhold of "not blocking anything the users asked for" was used. It seemed somewhat likely to me that such a thing could exist, since this is a criteria often discussed among admins when choosing a BL.

In the real world, admins who choose the somewhat risky path of outright rejecting mails based on BL information deal with this tradeoff all the time. They know that such a system can never eliminate all spam, or as much spam as other systems which take more factors into account, but some of those other solutions can be prohibitive, based on hardware and other technological needs.

Since SpamCop is very good at catching spam, it didn't seem entirely unreasonable that such a thing could exist. I'll bet there are a number of people doing this independently that haven't gotten together with each other. If they did, they'd have a very useful tool, since not everyone has the luxury of waiting to see what SpamCop is blocking, and then adding it to the whitelist at that point.

Anyway, whether or not such a thing exists, it also seems likely that whomever has created it doesn't read this forum.

So, you know, moot point.

But I don't agree with your assessment that it is necessary for everyone to create their own whitelist, as long as everyone involved agrees on a basic spec.

Link to comment
Share on other sites

My point is that one could be created if the fairly universal threshhold of "not blocking anything the users asked for" was used. It seemed somewhat likely to me that such a thing could exist, since this is a criteria often discussed among admins when choosing a BL.

But how could someone know if your users asked for a specific list? That is where I am losing you. Only your users can tell you if they have asked for a specific list? Basically, you would need to have a place for your users to tell you they requested the list.

You seem to think that each server (IP) only send requested or unrequested lists. That does not even happen with all lists. And there can be multiple lists per server, even multiple companies.

Some people request porn, most people don't want it. I know that is why I stumbled on SpamCop originally, looking for a way to report the unrequested spam coming into my mailbox, especially with young children in the house.

And anytime you open a hole in a blacklist, you open the possibility for spam to come through. I know you are more worried about not blocking something requested, so perhaps you need to create and use only your own blocklist.

Link to comment
Share on other sites

IMHO, those who use the internet need to be aware of basic internet concepts. And blocking is one of them. If your users want to access Yahoo groups, let them complain to Yahoo for being irresponsible or help them deal with the spam.

Whitelisting is wishy-washy.

Miss Betsy

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...