Related Posts

How to be a spammer

JD had a comment on my Valentines day semi-fluff post, that really summed up the reality for senders. He said

Read More

Yahoo and Spamhaus

Yahoo has updated and modified their postmaster pages. They have also put a lot of work into clarifying their response codes. The changes should help senders identify and troubleshoot problems without relying on individual help from Yahoo.
There is one major change that deserves its own discussion. Yahoo is now using the SBL, XBL and PBL to block connections from listed IP addresses. These are public blocklists run by Spamhaus. Each of them targets a different type of spam source.
The SBL is the blocklist that addresses fixed spam sources. To get listed on the SBL, a sender is sending email to people who have never requested it. Typically, this involves email sent to an address that has not opted in to the email. These addresses, known as spamtraps, are used as sentinel addresses. Any mail sent to them is, by definition, not opt-in. These addresses are never signed up to any email address lists by the person who owns the email address. Spamtraps can get onto a mailing list in a number of different ways, but none of them involve the owner of the address giving the sender permission to email them.
Additionally, the SBL will list spam gangs and spam supporters. Spam supporters include networks that provide services to spammers and do not take prompt action to remove the spammers from their services.
The XBL is a list of IP addresses which appear to be infected with trojans or spamware or can be used by hackers to send spam (open proxies or open relays). This list includes both the CBL and the NJABL open proxy list. The CBL list machines which appear to be infected with spamware or trojans. The CBL works passively, looking only at those machines which actively make connections to CBL detectors. NJABL lists machines that are open proxies and open relays.
The Policy Block List (PBL) is Spamhaus’ newest list. Spamhaus describes this list as

Read More

Senders need to take responsibility

Having just returned home from another conference, my head is full of new ideas, new thoughts and new projects. I enjoy seeing old friends, making new contacts and sharing ideas. One thing I don’t enjoy, though, is listening to senders and marketers complaining about how hard it is to be a sender because the ISPs will not tell them what standards they need to meet.
If the ISPs would just tell us what they want us to do, we’ll do it.

The ISPs have told senders what they want them to do. They want senders to stop sending mail that their users don’t want. It is a very simple statement.
Stop sending spam.

For many senders, however, it’s not enough. “Tell us exactly what we need to do to stop sending spam. What complaint rates must we be under? What bounce rates do we have to be under? How do you want us to do this?” By this point in the conversation the ISP person is mentally rolling their eyes and looking for a way to escape the conversation.
The ISPs don’t want to tell senders how to behave, they want senders to start behaving. Stop sending spam should be all they need to tell senders.
Senders who ask for ISPs to tell them how to stop sending mail recipients think is spam are looking for specific thresholds they can stay under. They’re not really interested in actually sending wanted mail, they’re interested in sending good-enough mail, where good-enough mail is simply mail that gets to the inbox.
Want to know why ISPs don’t think much of many senders? Because the senders are not visibly taking any stand against abuse. I know there are a lot of senders out there who stop a lot of spam from ever leaving their systems, but there’s also a lot of unwanted mail that goes out, too. Some of that mail is even spam by any definition of the word. All the ISPs can see is the spam that gets through, and then they hear just tell us what to do and we’ll do it. From an ISP perspective, this means the senders only care about the thresholds and getting in under the ISPs’ radars.
Senders need to take more responsibility for the mail that goes out over their networks.
What do I mean by this? I mean senders need to stop waiting for the ISPs to define good practices. Senders need to implement standards and good practices just because they’re good practices, not because the ISPs are dictating the practices. Senders need to stop customers from doing bad things, and dump them if they won’t stop. Senders need to stop relying on ISPs for specific answers to why mail is being blocked. Senders need to take responsibility for the mail going across their networks.
It’s time for senders to grow up and stop relying on others for guidance. They shouldn’t implement good practices just because the ISPs tell them to, but instead should implement good practices because they are good practices.

Read More