False spam reports and ISP's supporting them?

[icarus2004]

We are having big troubles with a mayor ISP that refuses to remove false spam reports issued by their clients.

We have show them that we have all the data regarding two false reports. But they still refuses to remove the evidence. Also refuses to ask thehr cliens to check if they report the message by mistake.

We know spam is a serious problem, hard to fight and cost a lot of money, but is there anyone taking care about people that issues false spam reports and also the ISP's that supports those guys?.

Thanks

[dra007]

If that was more than a rant, then posting some details would help us help you identify the problem.

[icarus2004]

If that was more than a rant, then posting some details would help us help you identify the problem.

26057[/snapback]

Thank you for you interest.

This ISP is in Venezuela. The mails we exchanged are mostly in spanish.

The most recent case is a for subscriber that filled spam reports. We sent this ISP all the data we had and here is part of the last message

"No nos corresponde a nosotros decidir si el reporte es falso o no. Ud. no nos ha _entregado_

la evidencia (en forma de encabezados y registros de bitácoras). Sólo nos dió su palabra de

que el usuario se registró y nos indicó que le habían sacado de sus listas de distribución.

Dado que esta es la primera vez que interactuamos con Uds., su palabra nos pareció

suficiente."

Translation by google:"It does not correspond us to us to decide if the report is false or no. You are no _ given _ the evidence to us (in form of headed and logs). Only he gave his word us of which the user registered itself and he indicated to us that they had removed to him from his lists of distribution. Since this is the first time that we interacted with You, its word seemed sufficient to us."

But we actually sent them all the records we had, the subscription of the person who filled the report and the date and time he subscribed (we know all that because the mail was personalized). We ask them to request the user to rectify the spam report, but they refused. We sent the clients info, as a proof that he subscribed and told them he was removed from our mail list, and they replyed "We're happy with this response and action." ????

We replyed back and again told us they do not have any way know that spam report is false.

We had a similar problem back on december, when a client on same server sent a Chistmas card to their address book, and they said us the message was spam because it was a bulk mail sent by outlook.

The last message was personalized, so they just trust their clients, and no one can chalenge the reports.

They also clain to use spamcop and other spam fight services, but seems that they write their very own rules.

If you consider we must paste here more info, well be gald to share it as well

Thanks again

[dra007]

What you need to post is the IP in question so we can come up with original reports and other statistics.

[Jeff G.]

Also, if the report was filed through SpamCop, you can send your evidence to the Deputies via deputies<at>spamcop.net so that they can discipline the reporter.

[icarus2004]

Thank you very much, but the problem hasn't anything to do with Spamcop.

I just asked here because we were clueless on how or where to find any info regarding how to handle this problem.

I was told by our ISP that there no much to do in this situations. They are fully informed regarding the situation and will ignore the reports, because we show them all our records and actions, so we have a very fluid communications. They know we have a 15.000 members community, and we sent them mails every other month. But this ISP still supports their clients on false spam reports.

Our IP's are clean and as we know, we have never been reported at Spamcom, and hope never will. We are streamly carefull with our mails and mailing lists.

Thank you for your interest and your help

[turetzsr]

Thank you very much, but the problem hasn't anything to do with Spamcop.

26074[/snapback]

...Actually, that is not really true. Is what you write is true (and I am not doubting you, I just do not know of my own knowledge), the SpamCop reporting tool is being misused in violation of the terms of service and the people who are doing so should be asked (by SpamCop administrators) to change their behavior or forfeit their right to use the system. I hope you will report this to the SpamCop deputies, as Jeff G. (26069[/snapback]) suggested. Thanks!

[Miss Betsy]

They also clain to use spamcop and other spam fight services, but seems that they write their very own rules.

"My server, my rules" That is what many ISPs say.

However, there are some people who report spam without using spamcop. In that case there is not much that you can do except try to convince them that fighting spam is not helped by those who do not weigh the evidence carefully before acting.

You can quote them the parts of the Best Mailing Practices that you follow and point them to the sites that recommend them. The Spamcop FAQ on this subject has just been updated.

You could also send emails every month - I get an email once a month from a mailing list reminding me of how to set my preferences. Since you only email every other month, the reminder email could be every other month also - that way people don't forget.

You could also try to persuade them that other filtering methods produce many more false positives than blocklists.

And you could point to the spamcop policy of cancelling reporting privileges for those who make false reports. You could also try to contact higher management.

Good Luck

Miss Betsy

[shmengie]

FWIW: I've reported legatimate spam on purpose. I know it may not be what you want to hear, but its true. One company I manage e-mail for, when I person leaves the organization, their e-mail gets bounced to me. When those ppl sign up for news letters purposefully or not, I end up getting spammed.

Unless the link for unsubscription is clearly visible in these cases, I consider this unwanted message no better than professional spam.

Since I've recieved soo much spam in my life (4048 this year alone), that I took the time to write a program to report this unwanted by-product. However, spam-cop often does pull a few more addresses than my program, so I usually report via both spam-cop and my program.

Since this doesn't guarentee I'll stop recieving this psudo "spam", I also take the time to find the unsubscribe link as well. I hate, having to do that.

An explaination of why the person is recieving commercial e-mail should be first and an easy-out 1 click web link second, should be the can-spam policy, IMO.

[StevenUnderwood]

FWIW: I've reported legatimate spam on purpose.  I know it may not be what you want to hear, but its true.  One company I manage e-mail for, when I person leaves the organization, their e-mail gets bounced to me.  When those ppl sign up for news letters purposefully or not, I end up getting spammed.

26101[/snapback]

schmengie: You may not want to hear this, but by my interpretation, you are breaking spamcop's rules. I would treat it like you signed up for it since someone did.

To be considered spam, a message must be:

Unsolicited (I didn't request it explicitly or implicitly); and,

Bulk (the same message was sent to many people at once).

Those mailing lists were requested and it is simply the way that company handles email, and no fault of the sender, that it ends up in your mailbox. IMHO, you should do whatever is requested/required to unsubscribe from these lists, including sending an email to the list manager (since automatic removal may not be available if your message does not "come" from that user). If those requests are ignored, then I would consider reporting, the same as if you had signed up and had trouble getting off the list.

You may be putting your account at risk if one of these lists challenges your report and they have the proof it was requested.

[shmengie]

I don't intentionally use spamcop to report that type of spam.

40-50 spams a day makes shmengie a persistent reporting machine.

Sometimes get too carried away and send out a report on an associate of mine. Hate when I do that, because I then must report myself as being bad. I really wish the spam would end or be the exception rather than the norm.

I once reported one of Hanaro's replies, to my reports, as a spam to hanaro. They quit accepting my reports for a while after that

One e-mail acoc**t is hurrendously spammed. Cannot alter the server configuration, to use a blacklist I could forgo using that account, but I've used it with soo many contacts, I haven't considered that a viable option.

Because I recieve so much spam daily, I've found it difficult to use spamcop with out spending a large portion of my day. For this reason, I wrote a program which allows me to report directly to the Originating ISP of the spam... I even extended it to parse the spams and write a note to the web site ISPs referenced in the spam. This is the tool I use to report the psuedo spams. AFAIK no blacklists are involved in this method of reporting.

After I dig my way out of the stack of spams that arrive overnight, I then start submitting spams to spamcop as well as using my reporting tool. Usually spamcop and my tool are in sync with whom to report spam. But they aren't always, so I find this is slightly more thorough means to report/handle spam.

The amount of time lost in web-transit during spam reporting with spamcop is filled nicely by using my tool as well. Often the isp's recieve a couple of reports about the same spam, but none have raised an issue with me for this.

Some day, I may make this reporting tool publically available as an open-source project. But... For now, it's too kludgey for me to feel comfortable with that.

There are a few down sides too... I've recieved virus's in the mail from foriegn countries, where as that had not happened before using this tool. I suspect that I reported a spammer to himself, and he figured he'd fix my wagon and virus me. >

The amount of spam recieved has neither diminished nor increased since I started reporting with this tool. All in all, it's kind-of a wash, but the quality and volume I report has increased, so I guess it's worth the effort. I feel better, which is all that matters (to me).

A couple of days ago, I did recieve confirmation (personalized email) that a website operator who spammed me, was shut-down. That felt very good.

[yourbuddy]

Why not use Outlook 2003 and the "Junk E-mail" filter that is built in,

then you can have a happy life without spam, and without SpamCop.

[Miss Betsy]

Why not use Outlook 2003 and the "Junk E-mail" filter that is built in,

then you can have a happy life without spam, and without SpamCop.

Why not change your email address to one that is alphanumeric and be careful about where you use it? Then there is no possibility that some real email will be caught by the 'Junk email' filter and that unless you look at the folder everyday extremely carefully, you will never know you lost it.

Any system other than blocklists (and there are other blocklists than spamcop so that it is not the only one that can be used) is simply a version of JHD. It puts the responsibility and burden of spam email on the recipient instead of on the sender. The sender is the only one who can prevent spam from being sent.

Miss Betsy

[yourbuddy]

  The sender is the only one who can prevent spam from being sent.

Miss Betsy

26128[/snapback]

Ah yes, very true indeed!!, but ...

So far, they seem to have no "motivation" to stop!!

DNSBL's don't seem to work (nice try by Spamhaus and

SpamCop and others, noble ambition, but no real results).

The "automated" JHD (just hit delete) systems seem like the

only way to put the junk where it belongs. Once the spammers

realize that "almost foolproof" JHD systems are being used by

nearly everyone, only the really stupid will be reading spam.

Which seems to be their "target audience" anyway

[Miss Betsy]

only the really stupid will be reading spam.

Which seems to be their "target audience" anyway

Even the spammers don't expect, at this time, for many people to be reading spam. What is the response rate 1% or less? The problem is that they don't 'target' that 1%, but send spam to everyone whether real email addresses or not, whether they get a response or not. And all those people who don't want it are PAYING to receive it and process it.

There must be a better way.

So far, they seem to have no "motivation" to stop!!

It is obvious that there are many ISPs out there who are either incompetent (look at the ones who don't realize the problems with backscatter) or have no economic impact on their bottom line. If only a few of their customers were educated about the ways that spam could be stopped and complained - and if they didn't get reliable service, left, ISPs would start to take reasonable steps (of which blocklists are one aspect) to prevent spam and reduce false positives.

Part of the problem is that the biggest customers are probably also bulk emailers (legitimate best practices ones). And those customers want to receive /any/ unsolicited email so they don't miss a sale. It is worth it to them to pay for processing out the spam. So, in the end, as in the offline world, the big guys with the money write the rules for their convenience and profit.

Miss Betsy

[icarus2004]

Can we go back to the issue that started this thread?

Is there any way or does anyone know someone who is trying to "tag" or have a register of "false spam report supporters"? Does anyone else think this is needed?

I read here about some false reports doing on purpose, for example, does anyone else than StevenUnderwood will take serious the post of shmengie when he wrote "FWIW: I've reported legatimate spam on purpose. "????

As you can read at that post, you can find the problem is a lack of knowledge and/or a bad policy with mail handling. Why instead of forwarding former employees to you inbox, you don't set to bounce those emails? any well manage list will remove a two hard bounce consecutive address ( this is how any group mail as yahoo does). Also I'm not expert about privacy policies but, reading other people mails .... can't say it is wrong but doesn't seems to be good.

I don't think we have to ignore this kind of situations. We have to act as we do against spammers, because they damage and cause a lot of troubles. We spent a lot of time taking care about our mails, and when we were reported, we spent hours looking at our records, searching at the mail logs, writing mails, making phone calls, and who pays for this resource consumption??? no one does, as well as spammers they consume everyone else time money and resources.

I hope there are many people who think about false reports as we do and then find some solution.

[StevenUnderwood]

Also I'm not expert about privacy policies but, reading other people mails .... can't say it is wrong but doesn't seems to be good.

In a business environment, many times there is no privacy issue because the address is owned by the company. I know that is the way it is here where I work. Most of the time, the account is simply turned off, causing bounces, but recently one of our PR people left and all messages have ben transferred to another person on the staff for a few months.

This does depend on the company and situation, of course.

I also have the power and authority to search anyones email or files, but do not unless there is a specific request to do so. All this is layed out in our corporate computer use policy.

[Miss Betsy]

I hope there are many people who think about false reports as we do and then find some solution.

A blocklist that expects to be used by very many people will have policies in place to revoke users who make false spam reports - as does spamcop.

Apparently your problem is with an ISP who allows its users to mark email as spam and then builds its blocklists on that information whether for just that user or for all users, I am not certain. The only remedy for that situation is to try to convince the management of that ISP that this is a bad policy.

Other systems (like Brightmail) that use data from user reported spam may have some kind of system where a certain number of reports have to be generated. Again, I don't know what is done to prevent either false reporting or mistakes.

The bottom line is that spammers have created a bad climate for any mailing lists. There was a discussion with another mailing list manager who had /paying/ customers reporting his newsletter. IOW, they paid for the newsletter and then reported it! It would be in the best interests of mailing list managers and the internet for mailing list managers to advocate the use of a blocklist that is designed to protect legitimate bulk emailers from some of these problems and, at the same time, protect people from spam. My solution is to require bulk emailers to use the RFC header that says it is bulk email and then ask customers to whitelist any bulk email that they receive and block all other bulk email. Of course, in order to stop spammers that would mean blocking any ISP that allows customers to send bulk email without such a header. And handling all the complaints that those who are clueless would make when they got blocked. However, if there were a lot of publicity ahead of time, perhaps there wouldn't be such a big problem. That way, all competent ISPs would block all bulk email except those specifically requested by customers, allow all non-bulk email except that which was reported by customers as being bulk. It would be easy to establish that it was bulk by a nanas type reporting. The ISP responsible for allowing that bulk email to be sent without the bulk email header would have his IP address blocked - not because they are spammers, but because they don't adhere to internet convention. Any additional expense would be for bulk emailers, but not for ordinary end users.

Perhaps one of these days, it will be too expensive to deal with the spam and spam control and ISPs and bulk emailers will get together to devise a system that is responsible and works.

Miss Betsy

[Wazoo]

We are having big troubles with a mayor ISP that refuses to remove false spam reports issued by their clients.

Thank you very much, but the problem hasn't anything to do with Spamcop.

Can we go back to the issue that started this thread?

Which seems to read "nothing to do with SpamCop" ????

Is there any way or does anyone know someone who is trying to "tag" or have a register of "false spam report supporters"? Does anyone else think this is needed?

I read here about some false reports doing on purpose, for example, does anyone else than StevenUnderwood will take serious the post of shmengie when he wrote "FWIW: I've reported legatimate spam on purpose. "????

ISP's receiving the reports have the ability to challenge the reports. Rules are in place and enforced against bad reporters. Trying to "make a list of bad reporters" would seem to be something that the complaint recipient would have to try to do .. and is there time and staff available for such an effort?

I hope there are many people who think about false reports as we do and then find some solution.

Again, apparently nothing to do with SpamCop, so not sure where to steer you on this quest.

[icarus2004]

Thank you Wazoo

You are right, we were clueless and didn't know were to find any info regarding how to proceed in this kind of cases. We came and found the spamcom forum, and posted at Spamcop lounge "This forum is for discussion of pretty much anything that doesn't quite fit the other specific Help Forum categories" ... and tried to find if anyone else ever had the problem we shared here and find any possible solution to our problem.

The facts are:

There is an ISP where We had been reported by their users.

We tried to chalenge the report but they didn't accepted to review the report. The report was filled at the ISP and not at spamcop or shared with another ISP or blacklist.

They claim to use spamcop as well as other spamfight services. (here is the oly thing where spamcop is attached to this issue, does an ISP that refuses to chalenge a report, claim to use spamcop? considering that chalenge a spam report is accepted by spamcop.

Thanks

[turetzsr]

<snip>

The facts are:

There is an ISP where We had been reported by their users.

We tried to chalenge the report but they didn't accepted to review the report. The report was filled at the ISP and not at spamcop or shared with another ISP or blacklist.

<snip>

26200[/snapback]

...Ah, the light dawns! I see, now, why your wrote that this has nothing to do with SpamCop!

...In addition, I can see that it would be of interest to SpamCop users -- the actions of the ISP you describe could hurt the reputation of the anti-spam community of which we are a part. I, for one, now appreciate your having raised this question here.

...Unfortunately, I do not have a good answer for you. The best I can offer is that we all do the best we can to education such clueless ISPs whenever we find them and to try to help everyone, especially the victims of such clueless ISPs, see that not all anti-spam efforts are equal (ly thoughtless).

[Miss Betsy]

and tried to find if anyone else ever had the problem we shared here and find any possible solution to our problem.

Since most of the spamcop posters are on the receiving end rather than the sending end, you probably are not going to get much practical help here - not that people don't sympathize with you, but they just don't know what to suggest.

You might try some bulk emailing forums. I can't point you in the right direction, but I found a couple once - probably through google. Just be careful that they are legitimate bulk emailers and not spammers! <g>

Miss Betsy