just another misgiuded rant

[PaulCoddington]

Moderator Edit: This post (and a bit of the following discussion) was split out from the "Resolved back in February" Topic it was posted into. Then moved into the Lounge as the more appropriate place for the rant.

Sorry, but there are no 'innocent victim's of spamtraps. Spamtrap addresses have NEVER sent e-mail and therefore CAN NOT POSSIBLY have solicited any mail. All mail to spamtraps is, by definition, unsolicited. All IPs sending mail to them are, by definition, 'guilty' of sending unsolicited mail. That's why they are weighted heavily in the SpamCop lgorithm.

No, this is not true. Innocent bystanders are held hostage by SPAMCOP blacklisting their domains in an attempt to offload the task of pressuring ISPs to take corrective action.

If the ISP cannot correct (or will not correct) the default behaviour of their servers, it is left to the innocent party (the owner of the domain who has no control over the ISP) to play ISP-transfer-roulette until they find an ISP that SPAMCOP approves of. As it is expensive and time consuming to transfer providers, and this cannot be done frequently (as there are time limits imposed), and there is no guarantee of success in any case, this expectation is not reasonable.

Accordingly, SPAMCOP should not be blocking IPs that have misdirected bounces to spam traps, or that have been randomly spoofed by spammers, as this is doing harm. It is a fundamental error to assert that all users of the Internet manage their own servers, and it is hypocritical to suggest that bounces are offloading the task of filtering to others, while offloading the task of policing ISPs to end users.

Under these circumstances, the only appropriate response to spurious listing (after requesting the ISP to resolve the alleged issue of bounced e-mail, for which the end user is provided with no evidence and over which the end user has absolutely no control) is to report SPAMCOP to the appropriate authorities and their hosting provider and to provide a disclaimer on one's own website regarding SPAMCOPs tendency to block innocent parties. Also, it is appropriate to inform administrators, who are using SPAMCOP to filter e-mail, that spurious listing has occurred, explain the problems encountered attempting to resolve it, and to request white listing of the domain in question, whenever an e-mail rejection notice is received.

I appreciate the effort put into SPAMCOP, particularly that of volunteers, and I do respect it's goals, but some policies are clearly aggressive to the point of harm. Responsibility for these problems cannot be simply dismissed by claiming "the spammers made us do it", as some have done.

[Telarin]

Sorry, no. I have every right to decide what email enters my system. Having received over 1000 misdirected bounces in a single day before, I find spamcop VERY effective in preventing these kind of cripling bounce attacks.

However, the fact is, spamcop itself recommends using their list for redirecting and tagging emails as spam rather than outright blocking, however, the implementation is ultimately up to the ISP using the list.

All spamcop does is provide a list of servers currently sending spam, nothing more, nothing less. And yes, misdirected bounces ARE spam. Feel free to suggest to admins that they not use the list, but I'm betting most will either politely accept your suggestion and continue using the list, or will tell you just what you can do with your suggestion.

It costs even a small ISP thousands of dollars every month to accept, process, store, and deliver spam. Using blocklists like spamcop allows them to avoid all those costs, their only cost is for the initial connection, which is trivial.

If your ISP keeps getting blocked and can't provide you with reliable mail service, find another ISP. If you're under contract, I'm betting you could get out of it with a decent lawyer on the grounds that they are not providing the service you are paying for. Or keep your ISP and simply use a more reliable mail service. Hotmail is fairly reliable, they rarely get their servers listed, and I'm sure there are countless other services that manage the "impossible" task of regulating what they spew to the internet.

[dra007]

spam has become such a massive problem that no ISP that willingly supports it and/or is not proactive about it, is innocent. Innocent and victims are us who have to resort to additional services and report hundreds of spams daily just to filter our inboxes of illegal pils, porn mortgage quotes and yes, countless bounces from misconfigured servers. If you expect any sympathy from us you came to the wrong place.

[Wazoo]

No, this is not true. Innocent bystanders are held hostage by SPAMCOP blacklisting their domains in an attempt to offload the task of pressuring ISPs to take corrective action.

There isn't much sense in responding to the rest of your post, as you start off on the wrong foot.

The SpamCopDNSBL only lists identified IP Addresses that "meet the math" ... Domain does not enter the equation.

The 'reason' for listing in the SpamCopDNSBL is for the use of SpamCop.net e-mail account holders as a tool to manage/handle incoming and unwanted e-mail.

However, access to the SpamCopDNSBL for others has been granted. It should also be noted that SpamCop.net itself recommends against using that list in a blocking fashion. It would appear that it is this part of the plan that has you upset ... yet ranting here about the actions of other ISPs isn't really going to gain you much ...

PM sent to advise of the split/movement of the Topic starting post and following dialog.

[PaulCoddington]

There isn't much sense in responding to the rest of your post, as you start off on the wrong foot.

The SpamCopDNSBL only lists identified IP Addresses that "meet the math" ... Domain does not enter the equation.

Meet the math? According to your reports, it only takes 3 bounces per week to meet the math! Domain does enter the equation as it is attached to an IP address - if you block an IP address, you may be blocking e-mail for an entire domain. Besides, this is not an argument about semantics, and you know it.

I understand that you have labelled this a 'rant' as a straw man argument. Yet everything I have said is based on the following facts:

1. Your list has been used to block a site which is not spamming, has never spammed, and never will spam, on the basis of a maximum of only 3 hits of bounced messages to a spam trap. Putting aside the question of whether this can be forged, you have exceeded your role, which is to notify the server administrator, not to block legitimate mail from the end-user (by encouraging others to do so).

2. You have made it clear, in your FAQ, that there is no appeal process.

3. You have designed your website to be convoluted, needlessly wordy, and full of circular links and dead-ends which make it difficult and frustrating to pursue a complaint, and this would appear deliberate.

4. Your forum members hide behind pseudonyms and your domain has no listed contacts.

5. You have made it clear, in your FAQ, that you subscribe to "How to Ask Questions the Smart Way" (an infamous document of dubious merit and one of the most stupid and offensive articles I have read in some time) used by some discussion groups to "justify" the abusive behaviour of their members by pretending that it is "intelligence" behind their childishness and that only "losers" are offended ("Emperor’s New Clothes" is no substitute for professionalism).

6. The attitudes described in point 5 have at times, pervaded your forums (the title for this thread is a good example).

All of the above points reflect very badly on spam Cop, and leave it open for adverse publicity and legal action, so why not be reasonable? According to your own website, you used to be.

"It should also be noted that SpamCop.net itself recommends against using that list in a blocking fashion."

This raises the question as to whether the list is categorised into sites that should be blocked and those which should be flagged. If not, then of course innocent sites will be blocked as noone is going to merely flag email from known (real) spammers. Also, I find it ironic that the list is used to bounce e-mail back to sender with a rejection notice (I may be wrong in assuming that these can also be misdirected).

[PaulCoddington]

spam has become such a massive problem that no ISP that willingly supports it and/or is not proactive about it, is innocent. Innocent and victims are us who have to resort to additional services and report hundreds of spams daily just to filter our inboxes of illegal pils, porn mortgage quotes and yes, countless bounces from misconfigured servers. If you expect any sympathy from us you came to the wrong place.

I have come back from breaks to find 60,000+ spam messages in my box, before I moved to a provider with a filtering service.

So what are you implying by your comment? I'm already being victimised by idiots who think that a spurious entry in spam Cop is authoritative evidence that I am a spammer. In truth, I exchange only a few e-mails a week. I don't even use mailing lists.

I mean, don't you have anything better to do with your time than try to inflame an issue and pick fights with innocent strangers? I guess hiding behind a psuedonym means never having to be embarressed about what you say.

[PaulCoddington]

Sorry, no. I have every right to decide what email enters my system. Having received over 1000 misdirected bounces in a single day before, I find spamcop VERY effective in preventing these kind of cripling bounce attacks.

If you are an ISP, your customers may leave you if you continue to block legitimate mail from their friends and/or business contacts. You will have trouble pursuading anyone that loss of legitimate mail is acceptable collatoral damage.

However, the fact is, spamcop itself recommends using their list for redirecting and tagging emails as spam rather than outright blocking, however, the implementation is ultimately up to the ISP using the list.

Perhaps, but does that list distinguish listings by cause? Can an ISP choose to block known spammers and flag minor offences that are at best 'under suspicion - not confirmed'? Or are they forced to block everyone? Obviously some IPs have to be blocked, but not all. If the list does not make it possible to distinguish targets, then perhaps it should. It is the structure of the list that decides the policy as no-one is going to merely flag email under the circumstances (there is too much spam to flag it).

All spamcop does is provide a list of servers currently sending spam, nothing more, nothing less. And yes, misdirected bounces ARE spam. Feel free to suggest to admins that they not use the list, but I'm betting most will either politely accept your suggestion and continue using the list, or will tell you just what you can do with your suggestion.

Actually, my recipients and I are asking them to whitelist my mail server on a case by case basis until my provider resolves the problem - however, they are also taken in by the 'mud sticks' approach that assumes spam Cop is infallible. Logic does not work with such people. It is like a case where someone once accused a teacher of being a pedophile - by the time it was determined that the complainant was a nutcase ("he must be a pedophile because he carries an unbrella, and carrying an umbrella means he's a homosexual, and all homosexuals are child molesters"), that man's life was already destroyed (and people would still believe the accusation regardless).

spam Cop must avoid defaming innocent people by listing them as spammers when they are clearly not. Redefining the meaning of words to include them is... well, it speaks for itself, doesn't it.

It costs even a small ISP thousands of dollars every month to accept, process, store, and deliver spam. Using blocklists like spamcop allows them to avoid all those costs, their only cost is for the initial connection, which is trivial.

All the more reason to have accurate lists that do not trap legitimate mail. If you are bouncing legitimate mail you are missing the point of having a mail server (it does not exist merely to reject spam - although one could be forgiven for feeling that way at times).

Try telling users that important mail has been thrown away to save you money - and they'll look at all the spam they are still getting and wonder why they are paying you to cover your expenses when they are getting nothing in return.

If your ISP keeps getting blocked and can't provide you with reliable mail service, find another ISP. If you're under contract, I'm betting you could get out of it with a decent lawyer on the grounds that they are not providing the service you are paying for. Or keep your ISP and simply use a more reliable mail service. Hotmail is fairly reliable, they rarely get their servers listed, and I'm sure there are countless other services that manage the "impossible" task of regulating what they spew to the internet.

Err.. all Hotmail addresses are usually automatically blocked by almost everybody, as is the case with Yahoo and similar services. I only use my hotmail for public posts to let that be harvested by spammers - I can't send anyone mail from it and expect it to arrive unless I know I'm whitelisted at the other end. And last time I transfered providers, there was a requirement that domains could only be transferred within an elapsed time period. Again, this is ISP roulette played to cave into people who are blocking legitimate mail, which is unacceptable because I am not the cause of the problem.

And that is the key - people can talk about the problem of spam forever, and play around with the definition of the word spam as much as they like, but none of this addresses the core problem - innocent people are being labelled as spammers and legitimate mail, that has been paid for at both ends, is being blocked.

[dra007]

Oh boy, how quickly a misguided ranter changes into a munchkin troll...and does so hiding behind such pompous language...yet so misinformed...

I think this rant perhaps should be closed with a resoved tag! Moderators?

[Telarin]

Ok, at the risk of trolling...

If you are an ISP, your customers may leave you if you continue to block legitimate mail from their friends and/or business contacts. You will have trouble pursuading anyone that loss of legitimate mail is acceptable collatoral damage.

If users stubornly refuse to leave their ISPs because their mail is being blocked by recipient ISPs, I doubt many of the people on the receiving end (or failing to receive end as the case may be) would refuse to leave either. Especially if said receiving ISP offered reasonable white-listing abilities. However, this can be argues both ways all day long, but since neither of us has any real numbers, such arguments would be useless.

Perhaps, but does that list distinguish listings by cause?

No, spamcop listings are all for the same reason, an IP address has been confirmed sending a particular percentage of unsolicited email. Spamcop is an automated system, so trying to divide these up into different flavors of unsolicited would be both pointless, and very time consuming since most of the division would have to be done manually.

Can an ISP choose to block known spammers and flag minor offences that are at best 'under suspicion - not confirmed'? Or are they forced to block everyone? Obviously some IPs have to be blocked, but not all. If the list does not make it possible to distinguish targets, then perhaps it should. It is the structure of the list that decides the policy as no-one is going to merely flag email under the circumstances (there is too much spam to flag it).

An ISP can choose to block or flag whatever it pleases using whatever criteria it determines to be effective. Many ISPs block email only if it is on the SCBL AND another list, some block based solely on the SCBL, still others may flag email from the SCBL, and block from another list. Configuration of the MTA is soley at the discretion of the ISP.

spam Cop must avoid defaming innocent people by listing them as spammers when they are clearly not. Redefining the meaning of words to include them is... well, it speaks for itself, doesn't it.

You repeatedly claim that you are innocent, however, so far in this discussion you have not provided any evidence to support that. You have followed these claims of innocence with claims that your listing has been caused by spamtrap hits, which would seem to contradict such claims of innocence. By definition, any email send to spamtraps is unsolicited, as these addresses are unpublished and have NEVER sent any outgoing email.

Try telling users that important mail has been thrown away to save you money - and they'll look at all the spam they are still getting and wonder why they are paying you to cover your expenses when they are getting nothing in return.

Thanks for the suggestion, however, having reduced the spam received in my users inboxes to <2 messages per day at the cost of the very rare blocked legitimate email, I have not had this problem. Email filtering offers its own problems, as it is far more likely for a message to get lost among several hundred messages in a bulk-mail folder without the sender ever knowing. Using rejection instead of filtering, a sender knows immediately that a message did not go through and can find alternate means of communication.

all Hotmail addresses are usually automatically blocked by almost everybody, as is the case with Yahoo and similar services.

Really? I don't think I have ever had my hotmail address blocked by anyone. Do you have any data to back up this claim?

And last time I transfered providers, there was a requirement that domains could only be transferred within an elapsed time period. Again, this is ISP roulette played to cave into people who are blocking legitimate mail, which is unacceptable because I am not the cause of the problem.

I'm not sure what you are trying to say here. When you talk about transferring domains, are you referring to moving your hosting or your registration. The registrar and webhost are not necessarily the same entity. In fact, it is usually good practice to pick a registrar that is seperate from your webhost to make transferring hosting much easier, since YOU have control over the listed DNS servers rather than your host.

Noone is saying YOU personally are the cause of the problem. Unfortunately, again, no data has been provided, so we could only guess at the specific cause of the problem. The most likely causes are spam, or misdirected bounces, both of which fall squarely under your ISPs responsibility.

I have come back from breaks to find 60,000+ spam messages in my box, before I moved to a provider with a filtering service.

Wow, sounds like you need better filtering at your MTA or UA. You might want to consider using a blocklist or two

[dra007]

Wow, sounds like you need better filtering at your MTA or UA. You might want to consider using a blocklist or two

I suggest using spampal....free to download, and based on SCBL as well as other countless and configurable lists ..it does wonders to my inbox, and makes it easy to report the spam in bulk...

[PaulCoddington]

Oh boy, how quickly a misguided ranter changes into a munchkin troll...and does so hiding behind such pompous language...yet so misinformed...

I think this rant perhaps should be closed with a resoved tag! Moderators?

I can see that I have fallen into the trap of wrestling in mud with pigs. One that was deliberately set.

Please do not block my server again, or I will pursue action with the appropriate authorities (and I will have archived this thread before you can delete it, and I will use it as evidence against you).

It is sad to see such an excellent idea degenerate into such vile vigilantism.

[dra007]

me? block? No such thing, the ISP you are sending to has chosen to use SCBL in blocking fasion to prevent spam spewing from your IP. Have you even attemting to broaden your knowladge/understanding by coming here? No evidence of that yet.

[Wazoo]

I can see that I have fallen into the trap of wrestling in mud with pigs. One that was deliberately set.

????? You chose to post into the wrong Forum section, ignoring the documented Titles and descriptions of each section. You have chosen not to provide any specific data to allow anyone to do any research. You have now dropped to offering up a cartooney against the defined user-to-user base of volunteers ...????

You make noise about convoluted and dead links, yet again, offer no specifics. There is the original/official FAQ at www.spamcop.net, there is the single-page-access version existing within this Forum, there have been other forms of a FAQ offered up but died due to lack of participation in building those FAQ lists, and there is now the SpamCopWiki available ... where are the bad/dead links?

You can't find "contact data" .. yet I see FAQ entries titled "How to Contact ..." ....The last entry with that data is titled "Not finding the Help you need?" ...... some sort of language issue involved here? Domain registration has contact data that works.

Please do not block my server again, or I will pursue action with the appropriate authorities (and I will have archived this thread before you can delete it, and I will use it as evidence against you).

Deleted? Take a look at the previous rants from others as misguided as yourself. They are still here.

Any future listings in the SpamCopDNSBL would be based on the same information already provided that you somehow managed to work out to "just three messages" (????)

It is sad to see such an excellent idea degenerate into such vile vigilantism.

Fools are not suffered well here. Had you provided something to work with, this might have been a "technical" discussion ... you are the one that started with a rant, and have yet to move on ...

[Wazoo]

Please delete my account and profile from both your forum and your website.

(You no longer have my permission to store my personal details).

Gee, I'm sorry .... you brought up the cartooney first. Here, I'll play your game ... the existing data has been archived off in preparation of your lawsuit.

[StevenUnderwood]

This raises the question as to whether the list is categorised into sites that should be blocked and those which should be flagged. If not, then of course innocent sites will be blocked as noone is going to merely flag email from known (real) spammers. Also, I find it ironic that the list is used to bounce e-mail back to sender with a rejection notice (I may be wrong in assuming that these can also be misdirected).

The blocking or flagging is up to the administrator utilizing the list as it is their server, their rules.

Spamcop suggests flagging is the appropriate action for using it's list.

If it is a true rejection and not an accept/bounce, then the only way it could be redirected is if a server is blindly accepting email, and it will be that server which could be reported for spamming. A true rejection is done during the SMTP process and would be generated by the SENDING server to the usesr of that server which sent the message.