Posted to users@spamassassin.apache.org by Alex <my...@gmail.com> on 2017/10/04 15:23:32 UTC

Blocking senders that are whitelisted

Hi, we have a user complaining about receiving email from a solar
panel company and wants us to block it. The problem is that it
originates from mailchimp, which is whitelisted.

It's my belief that mailchimp is safe to whitelist (mcsv.net).
However, what happens when an email is received that needs to be
blocked? Do you just report it?

Chances are probably good that I could click the "unsubscribe" link
and just unsubscribe the user, and will probably do that, but I'm
looking for a more general solution.

I'll also report the sender to mailchimp, but the email looks like
they're following all the rules. The sender is
expedite@iowawindandsolar.com.

Should I block the From address in postfix?

Is it possible to blacklist the From when the sender is whitelisted?

Re: Blocking senders that are whitelisted

Posted by Alex <my...@gmail.com>.
Hi,

On Wed, Oct 4, 2017 at 11:52 AM, David Jones <dj...@ena.com> wrote:
> On 10/04/2017 10:23 AM, Alex wrote:
>>
>> Hi, we have a user complaining about receiving email from a solar
>> panel company and wants us to block it. The problem is that it
>> originates from mailchimp, which is whitelisted.
>>
>> It's my belief that mailchimp is safe to whitelist (mcsv.net).
>> However, what happens when an email is received that needs to be
>> blocked? Do you just report it?
>>
>> Chances are probably good that I could click the "unsubscribe" link
>> and just unsubscribe the user, and will probably do that, but I'm
>> looking for a more general solution.
>>
>> I'll also report the sender to mailchimp, but the email looks like
>> they're following all the rules. The sender is
>> expedite@iowawindandsolar.com.
>>
>> Should I block the From address in postfix?
>>
>> Is it possible to blacklist the From when the sender is whitelisted?
>>
>
> MailChimp is a good sender that handles abuse reports properly.  Just
> unsubscribe the recipient.  If I remember correctly, they have a feedback
> option for "I never subscribed to this email" which will register a
> complaint.  Too many complaints and the sender will get banned/blocked.
>
> https://kb.mailchimp.com/accounts/compliance-tips/about-abuse-complaints
>
> MailChimp's policy is to only use opt-in lists.  If you report a sender to
> their abuse and it's found their customer was using bad lists of contacts,
> they will get banned.  I have reported some senders to MailChimp lately and
> they have handled the sender properly.
>
> I bet this user signed up for this email somehow, possibly a while ago and
> has forgotten about doing so.  So many times, when you register for accounts
> on websites, the check box to opt-in to a mailing list is already checked
> and most users don't take the time to read the page and uncheck the box
> before clicking OK/Accept.  My Mom is really bad about this and she gets a
> ton of junk in her Gmail Inbox that is technically legit.

Thanks guys, that's exactly what I did. I should have described that
more fully. I also suspect that, while this one's legitimate, chances
are the others he's reported (or thought that he reported) with his
mail client were probably just "solar panel" spam.

I also question whether it's the best idea to whitelist mailchimp and
constantcontact, etc, as well. They can't guarantee we'll never end up
whitelisting a spam.

Update: Received a response from mailchimp

"However, on review of the provided information, it doesn't appear
that the recipient email address is a match for the email address from
which you are writing to us. In order to properly investigate this
issue, we'll need to hear directly from the affected recipient."

Suppose I could forge the sender's address in their webform, since
there's no way to indicate I'm acting on the recipient's behalf. I did
successfully unsubscribe the recipient, however.

Update1: I also received a response back from the user, and they were
blocking the sending address solar@mail64.suw15.mcsv.net,
mail63.atl5.mcsv.net, etc. No surprise they were receiving multiple
copies.

Re: Blocking senders that are whitelisted

Posted by Dave Warren <da...@hireahit.com>.
On 2017-10-04 10:26, Ian Zimmerman wrote:
> On 2017-10-04 10:52, David Jones wrote:
> 
>> I bet this user signed up for this email somehow, possibly a while ago and has
>> forgotten about doing so.  So many times, when you register for accounts on
>> websites, the check box to opt-in to a mailing list is already checked and most
>> users don't take the time to read the page and uncheck the box before clicking
> 
> Then it's not really opt-in except to a lawyer.
> 
> Sorry, I know this is beating a dead horse.
> 

In Canada, and many parts of Europe, pre-filled checkboxes no longer 
qualify as consent either unless the only purpose of the form is to 
subscribe to a mailing list.

Transactions still result in implied consent, but this is limited and 
somewhat risky to rely upon.

Your legal jurisdiction may vary, and if you rely on random mailing list 
participants for legal advice, well, you'll get what you paid for.

Nonetheless, MailChimp will honour unsubscribes and their abuse 
department is at least somewhat responsive.




Re: Blocking senders that are whitelisted

Posted by Ian Zimmerman <it...@very.loosely.org>.
On 2017-10-04 10:52, David Jones wrote:

> I bet this user signed up for this email somehow, possibly a while ago and has
> forgotten about doing so.  So many times, when you register for accounts on
> websites, the check box to opt-in to a mailing list is already checked and most
> users don't take the time to read the page and uncheck the box before clicking

Then it's not really opt-in except to a lawyer.

Sorry, I know this is beating a dead horse.

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
Do obvious transformation on domain to reply privately _only_ on Usenet.

Re: Blocking senders that are whitelisted

Posted by David Jones <dj...@ena.com>.
On 10/04/2017 10:23 AM, Alex wrote:
> Hi, we have a user complaining about receiving email from a solar
> panel company and wants us to block it. The problem is that it
> originates from mailchimp, which is whitelisted.
> 
> It's my belief that mailchimp is safe to whitelist (mcsv.net).
> However, what happens when an email is received that needs to be
> blocked? Do you just report it?
> 
> Chances are probably good that I could click the "unsubscribe" link
> and just unsubscribe the user, and will probably do that, but I'm
> looking for a more general solution.
> 
> I'll also report the sender to mailchimp, but the email looks like
> they're following all the rules. The sender is
> expedite@iowawindandsolar.com.
> 
> Should I block the From address in postfix?
> 
> Is it possible to blacklist the From when the sender is whitelisted?
> 

MailChimp is a good sender that handles abuse reports properly.  Just 
unsubscribe the recipient.  If I remember correctly, they have a 
feedback option for "I never subscribed to this email" which will 
register a complaint.  Too many complaints and the sender will get 
banned/blocked.

https://kb.mailchimp.com/accounts/compliance-tips/about-abuse-complaints

MailChimp's policy is to only use opt-in lists.  If you report a sender 
to their abuse and it's found their customer was using bad lists of 
contacts, they will get banned.  I have reported some senders to 
MailChimp lately and they have handled the sender properly.

I bet this user signed up for this email somehow, possibly a while ago 
and has forgotten about doing so.  So many times, when you register for 
accounts on websites, the check box to opt-in to a mailing list is 
already checked and most users don't take the time to read the page and 
uncheck the box before clicking OK/Accept.  My Mom is really bad about 
this and she gets a ton of junk in her Gmail Inbox that is technically 
legit.

-- 
David Jones

Re: Blocking senders that are whitelisted

Posted by Rob McEwen <ro...@invaluement.com>.
Alex,

(if you have the time...) You should challenge this sender to provide 
evidence that your user signed up for their messages. Tell them that it 
isn't good enough to receive an IP address and date/time-stamp. You want 
to know what action your user took to get on their distribution list. 
(then possibly share that information here and with Mail Chimp)

It could very well be that your user signed up for their services in 
some way - but either forgot - or the messages got rebranded in such a 
way that your user didn't recognize it? But it is also possible that 
they were added via a purchased list or something bad like that.

Rob McEwen
invaluement.com

On 10/4/2017 11:23 AM, Alex wrote:
> Hi, we have a user complaining about receiving email from a solar
> panel company and wants us to block it. The problem is that it
> originates from mailchimp, which is whitelisted.
>
> It's my belief that mailchimp is safe to whitelist (mcsv.net).
> However, what happens when an email is received that needs to be
> blocked? Do you just report it?
>
> Chances are probably good that I could click the "unsubscribe" link
> and just unsubscribe the user, and will probably do that, but I'm
> looking for a more general solution.
>
> I'll also report the sender to mailchimp, but the email looks like
> they're following all the rules. The sender is
> expedite@iowawindandsolar.com.
>
> Should I block the From address in postfix?
>
> Is it possible to blacklist the From when the sender is whitelisted?
>

-- 
Rob McEwen
http://www.invaluement.com


Re: Blocking senders that are whitelisted

Posted by Kris Deugau <kd...@vianet.ca>.
Alex wrote:
> Hi, we have a user complaining about receiving email from a solar
> panel company and wants us to block it. The problem is that it
> originates from mailchimp, which is whitelisted.

I don't consider ESPs to be collectively or individually "white" enough 
to whitelist all mail sent through them.  I've seen spam from pretty 
much all of them once in a while.

I *do* whitelist individual senders, just not the sending organizations.

> It's my belief that mailchimp is safe to whitelist (mcsv.net).

And rsgsv.net, and mcdlv.net.

> However, what happens when an email is received that needs to be
> blocked? Do you just report it?

If a customer reports something as spam that is otherwise generally 
legitimate, I'll first recommend they try unsubscribing.

If they report they continue to receive mail long after unsubscribing, 
I'll generally report a message or two to the ESP, and recommend the 
customer add a mail filtering entry to block the message.  In our case, 
that's checked by our glue layer that calls SA;  if there's a match 
there SA never sees the message in the first place.

> Should I block the From address in postfix?

Only if you want to block this sender from all of your users.

> Is it possible to blacklist the From when the sender is whitelisted?

Not easily.  You could tinker with the scores for USER_IN_WHITELIST* and 
USER_IN_BLACKLIST so that one outweighs the other, but then what do you 
do when someone wants mail flow to balance the other way?

You could also use def_whitelist_* instead of whitelist_* in your 
systemwide definitions, but I have been bitten by a couple of odd cases 
where that was ineffective for some reason.  For the systems I work 
with, simply bypassing SA in the first place is the simpler solution.

-kgd
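
The score arithmetic behind the reply above, as an added example that is not part of the original thread and is not SpamAssassin's own code. It assumes the stock 3.4 scores (USER_IN_WHITELIST -100, USER_IN_DEF_WHITELIST -15, USER_IN_BLACKLIST 100) and required_score 5; the relay rDNS is constructed and the relay check is simplified to a domain-suffix match.

```python
import fnmatch

# Assumed stock SpamAssassin 3.4 scores; check 50_scores.cf on your install.
SCORES = {"USER_IN_WHITELIST": -100.0, "USER_IN_DEF_WHITELIST": -15.0,
          "USER_IN_BLACKLIST": 100.0}
REQUIRED = 5.0  # assumed default required_score
# directive -> (rule it triggers, number of arguments)
DIRECTIVES = {"whitelist_from_rcvd": ("USER_IN_WHITELIST", 2),
              "def_whitelist_from_rcvd": ("USER_IN_DEF_WHITELIST", 2),
              "blacklist_from": ("USER_IN_BLACKLIST", 1)}

def parse(cf_text):
    """Parse the directives above plus single-value 'score' lines."""
    entries, scores = [], dict(SCORES)
    for line in cf_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if not parts:
            continue
        if parts[0] == "score" and len(parts) == 3:
            scores[parts[1]] = float(parts[2])
        elif parts[0] in DIRECTIVES:
            rule, nargs = DIRECTIVES[parts[0]]
            if len(parts) != nargs + 1:
                raise ValueError("bad arguments: " + line.strip())
            rdns = parts[2].lower() if nargs == 2 else None
            entries.append((rule, parts[1].lower(), rdns))
    return entries, scores

def evaluate(cf_text, from_addrs, relay_rdns, content_score=0.0):
    """Return (rules hit, total score, is_spam) for one modelled message."""
    entries, scores = parse(cf_text)
    host, hits = relay_rdns.lower(), set()
    for rule, addr_glob, rdns in entries:
        # Address globs use * and ?; fnmatch is a close stand-in for them.
        addr_ok = any(fnmatch.fnmatchcase(a.lower(), addr_glob) for a in from_addrs)
        # Simplified relay test: rDNS is the domain or a subdomain of it.
        rdns_ok = rdns is None or host == rdns or host.endswith("." + rdns)
        if addr_ok and rdns_ok:
            hits.add(rule)
    total = content_score + sum(scores[r] for r in hits)
    return sorted(hits), total, total >= REQUIRED

# Header From and sending address are taken from the thread; the rDNS is constructed.
FROM_ADDRS = ["expedite@iowawindandsolar.com", "solar@mail64.suw15.mcsv.net"]
RELAY = "mail64.suw15.mcsv.net"
BLOCK = "blacklist_from expedite@iowawindandsolar.com\n"
HARD = "whitelist_from_rcvd *@*.mcsv.net mcsv.net\n" + BLOCK
SOFT = "def_whitelist_from_rcvd *@*.mcsv.net mcsv.net\n" + BLOCK
```

With `HARD`, the two rules cancel to 0 and the message is still delivered; with `SOFT`, the blacklist entry wins at 85 while other mail from the ESP keeps a -15 head start.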