Re: [GTALUG] Spam is basically dead
On 17 August 2017 at 12:54, David Collier-Brown <davec-b@rogers.com> wrote:
If they don't voluntarily agree to stop emailing me, I drop them into spamcop form below:
^u^a^c... ^p and they get their corporate email provider flagged as a spammer.
This usually gets them told there will be a fine from the provider every time they get blacklisted and have to appeal to be unlisted. That motivates them wonderfully (;-))
Please think twice before doing this. Spamcop, Spamhaus and the rest are little better than extortionists. If you have the unlucky coincidence to be on shared mail hosting with a blacklisted site, *your* mail can be blacklisted too. Tortuous interference can get very ugly (read $$$) in the courts. I had this happen at a former employer. We lost sales and communications for two days. The owner got in a foul mood, and I'm sure the last words of any well-intentioned but naive sysadmin that got within stabbing distance would have been: "We need our own mailserv...aaaargh!" cheers, Stewart
On 17/08/17 06:40 PM, Stewart Russell via talk wrote:
On 17 August 2017 at 12:54, David Collier-Brown <davec-b@rogers.com <mailto:davec-b@rogers.com>> wrote:
If they don't voluntarily agree to stop emailing me, I drop them into spamcop form below:
^u^a^c... ^p and they get their corporate email provider flagged as a spammer.
This usually gets them told there will be a fine from the provider every time they get blacklisted and have to appeal to be unlisted. That motivates them wonderfully (;-))
Please think twice before doing this. Spamcop, Spamhaus and the rest are little better than extortionists.
Spamcop.net should not be compared to the extortionist sites, nor the email vendors. It's honest, and living on a shoestring. The others are cash cows for the inherently dishonest. And note that it's the _corporate email providers_ who charge money to anyone who gets reported for spamming: that's why I used that particular example. --dave -- David Collier-Brown, | Always do right. This will gratify System Programmer and Author | some people and astonish the rest davecb@spamcop.net | -- Mark Twain
On 17 August 2017 at 19:30, David Collier-Brown via talk <talk@gtalug.org> wrote:
Spamcop.net should not be compared to the extortionist sites, nor the email vendors. It's honest, and living on a shoestring.
On a shoestring? They're part of Cisco. They run an RBL, so they can still block shared servers. I still put them on the evil side.
And note that it's the _corporate email providers_ who charge money to anyone who gets reported for spamming: that's why I used that particular example.
The RBL that blocked my former employer asked for money to get a faster resolution. That's extortion. And there's a precedent for considering RBLs tortous interference: Spamhaus vs E360, which from reading Wikipedia and Spamhaus's own coverage, you'd think Spamhaus won. They lost: the $3 symbolic damages remained. Stewart
Cisco owns IronPort, who owns spamcop, but neither provide any money to spamcop. Spamcop used to be partially supported by CES, but they bailed. Spamhaus is a different company, and is arguably evil. --dave On 17/08/17 08:48 PM, Stewart Russell via talk wrote:
On 17 August 2017 at 19:30, David Collier-Brown via talk <talk@gtalug.org <mailto:talk@gtalug.org>> wrote:
Spamcop.net should not be compared to the extortionist sites, nor the email vendors. It's honest, and living on a shoestring.
On a shoestring? They're part of Cisco. They run an RBL, so they can still block shared servers. I still put them on the evil side.
And note that it's the _corporate email providers_ who charge money to anyone who gets reported for spamming: that's why I used that particular example.
The RBL that blocked my former employer asked for money to get a faster resolution. That's extortion. And there's a precedent for considering RBLs tortous interference: Spamhaus vs E360, which from reading Wikipedia and Spamhaus's own coverage, you'd think Spamhaus won. They lost: the $3 symbolic damages remained.
Stewart
--- Talk Mailing List talk@gtalug.org https://gtalug.org/mailman/listinfo/talk
-- David Collier-Brown, | Always do right. This will gratify System Programmer and Author | some people and astonish the rest davecb@spamcop.net | -- Mark Twain
On Thu, 17 Aug 2017 21:20:07 -0400 David Collier-Brown via talk <talk@gtalug.org> wrote:
Cisco owns IronPort, who owns spamcop, but neither provide any money to spamcop. Spamcop used to be partially supported by CES, but they bailed. Spamhaus is a different company, and is arguably evil.
and, to add clearly: Spamcop does not charge money to get removed from RBL Spamcop is also not perfect, no single RBL is. For effective spam control, figure out which 10-20 of the almost 500 Public and International RBL's lists your specific spam the best. (I have included the list of known and considered 'ethical' Rbl's in the six steps :) ) Spamcop is just one RBL and, for example, Spamcop does not list twitter.com - which is probably the largest spammer that still gets spam through filters. - Yet, there are many many International RBL's that do list twitter.com for the spammers they are - so, my clients have to specifically white list twitter.com domain, if they wish to receive email from twitter.com, same can be said for facebook.com - these multinationals use/leverage emails to grow and/or engage their 'products' or 'users' or whatever they are calling them. Corporate/Institutional spam and spam from 'public' email providers like @google is still problematic. But if you configure spamassassin properly, it adds to the 'score' of incoming emails and that, together with reputation, is what stops/identifies almost all spam. Plus as you said: Report to Spamcop and other reporting rbl's :) I have many accounts and traps and the only reason those accounts still get spam is to collect data... Then, ethics: People on 'shared hosting' where the host considers themselves to be 'bullet proof' and/or ignore spam complaints - should move their hosting to an ethical provider. Clients are becoming more educated and once you point out that they are hosting in a really bad place (and maybe show them examples of the rubbish their 'host' is relaying on the Internet) in my experience eventually they move their hosting... Once ISP's start figuring out that they are actually losing clients because of poor abuse management it becomes a 'money' thing and the winners are everyone... And also, who still uses a single RBL for dropping/bouncing email? - Are there still ISP's or email admins that use any RBL for 'drop/bounce' ? RBL's should be used for 'scoring' not for bouncing.... I think this is the 'secret sauce' - to use 10+ ethical RBL's for reputation scoring - assign 'points' to each RBL (larger email providers should setup dns caching) and then to also scan the email characteristics for additional scoring...- and to allow your clients to easily white list anyone and to easily black list anyone... So, spam is basically dead :) Andre
participants (3)
-
ac -
David Collier-Brown -
Stewart Russell