You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Charles Gregory <cg...@hwcn.org> on 2010/01/05 23:32:33 UTC
Re: [sa] Re: semi-legit senders in DNSWL and habeas - a hard
problem
On Tue, 5 Jan 2010, J.D. Falk wrote:
: On Jan 5, 2010, at 10:10 AM, Greg Troxel wrote:
: > Once again I went to returnpath and senderscorecertified's web pages,
: > and found no link to an email address to report being spammed by one of
: > their customers.
: Is the font size for "Contact Us" and "Support" too small?
I keep seeing the complaint, and this response, so I thought I would take
a look, and indeed, the one form under 'Contact Us' appears to be for
general inquiries, and not for spam complaints, and includes the
significant deterrent of requiring large amounts of personal/corporate
information.
My suggestion: Setup a link/page that provides for rapid reporting by
pasting an offending e-mail without a bunch of form-filling. Just use a
captcha to avoid poisoning.... :)
- C
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Charles Gregory <cg...@hwcn.org>.
On Tue, 5 Jan 2010, Michael Scheidell wrote:
: > My suggestion: Setup a link/page that provides for rapid reporting by
: > pasting an offending e-mail without a bunch of form-filling. Just use a
: > captcha to avoid poisoning.... :)
: > - C
: or an industry standard, RFC REQUIRED abuse@ address.
Well, I'm trying to be flexible here, and you have to realize that an
'abuse@' address can be badly abused at large companies. I can actually
see the logic where if it is made too *easy* to forward a complaint to
abuse@ then people adopt the attitude of forwarding *all* the mail
that they don't like, even if it is not really spam, and with no effort to
determine the actual originating system.
I am lucky enough to get very few complaints here, so I can read them all
personally. But even so, the majority of them are people complaining
about spam that merely has *spoofed* our domain name in the From header.
Forcing people to use a web form may be 'non-compliant' to RFC, but it
puts some thought into the process, and makes people think twice about
reporting the one 'invite' out of many that they "didn't want".
But the forms at returnpath are uber unfriendly. They need a quicker
simpler form. Otherwise, as they sit, it honestly looks like they are
trying to discourage reports by making them *too* difficult.
- C
Re: [sa] Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by "J.D. Falk" <jd...@cybernothing.org>.
On Jan 5, 2010, at 3:52 PM, Michael Scheidell wrote:
> or an industry standard, RFC REQUIRED abuse@ address.
>
> Section 1 of RFC2142
abuse@ works, but it isn't the fastest method for reaching the correct team.
What I think a lot of y'all are missing is that we have more than one product, and (unfortunately) a lot of legacy domain names, so anything sent to abuse@ goes into a general queue which gets sorted later. Neil and I have been trying to give you the fastest method for resolving issues, but if you'd rather take it slow... *shurg*
One of the things I've noticed about the anti-spam community over the years is that we'll always heap way more abuse on anyone who is willing to listen than we do on the spammers who aren't listening at all. That's never a good idea, because it chases away people who might otherwise be listening -- or even helping.
(Oh BTW, take a look at the acknowledgements section of RFC 2142.)
--
J.D. Falk <jd...@returnpath.net>
Return Path Inc
Re: [sa] Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Michael Scheidell <sc...@secnap.net>.
O
> My suggestion: Setup a link/page that provides for rapid reporting by
> pasting an offending e-mail without a bunch of form-filling. Just use a
> captcha to avoid poisoning.... :)
>
> - C
>
or an industry standard, RFC REQUIRED abuse@ address.
Section 1 of RFC2142
However, if a given service is offered, then the associated mailbox
name(es) *must* be supported, resulting in delivery to a recipient
appropriate for the referenced service or role.
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Kai Schaetzl <ma...@conactive.com>.
Charles Gregory wrote on Wed, 6 Jan 2010 12:20:33 -0500 (EST):
> Because I was getting several M$ Outhouse correspondents complaining that
> my messages (using the 'standard' '>') were 'difficult to read'.
> I could never get them to explain exactly how/why they were difficult to
> read. It was like they were seeing something completely different with
> bits of text missing. Not just word-wrapped..... They were very insistent
> that I top post rather than use (to me) standard quote-reply method...
The reason are not the ">", but the fact that these morons are only used to
the crappy way that Outlook quotes. It makes no difference for them what
character you use, it's the basic way of quoting.
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Christian Brel <br...@copperproductions.co.uk>.
On Wed, 6 Jan 2010 14:06:23 -0800
"jdow" <jd...@earthlink.net> wrote:
> From: "Kai Schaetzl" <ma...@conactive.com>
> Sent: Wednesday, 2010/January/06 13:03
>
>
> > Jdow wrote on Wed, 6 Jan 2010 10:40:14 -0800:
> >
> >> Actually, Charles, this is a VERY good reason I'd use to justify
> >> changing my quote character to something goofy like % or # or
> >> even ; just to annoy the anal retentive types.
> >
> > First, to clarify, it was Charles who sent this to the list, not me.
> > Second, I see, RFC-compliance is "anal-retentive".
> >
> > Kai
>
> It's a Request For Comment, not a rule or law. Using something
> different would be my comment.
>
> {^_^}
>
Oh dear. *plonk*
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by jdow <jd...@earthlink.net>.
From: "Kai Schaetzl" <ma...@conactive.com>
Sent: Wednesday, 2010/January/06 13:03
> Jdow wrote on Wed, 6 Jan 2010 10:40:14 -0800:
>
>> Actually, Charles, this is a VERY good reason I'd use to justify changing
>> my quote character to something goofy like % or # or even ; just to annoy
>> the anal retentive types.
>
> First, to clarify, it was Charles who sent this to the list, not me.
> Second, I see, RFC-compliance is "anal-retentive".
>
> Kai
It's a Request For Comment, not a rule or law. Using something different
would be my comment.
{^_^}
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Kai Schaetzl <ma...@conactive.com>.
Jdow wrote on Wed, 6 Jan 2010 10:40:14 -0800:
> Actually, Charles, this is a VERY good reason I'd use to justify changing
> my quote character to something goofy like % or # or even ; just to annoy
> the anal retentive types.
First, to clarify, it was Charles who sent this to the list, not me.
Second, I see, RFC-compliance is "anal-retentive".
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by jdow <jd...@earthlink.net>.
From: "Charles Gregory" <cg...@hwcn.org>
Sent: Wednesday, 2010/January/06 09:20
> On Wed, 6 Jan 2010, Kai Schaetzl wrote:
> : just wanted to inform you that ">" is the only official quote marker.
>
> Deep sigh..... Do you know why I changed it?
>
> Because I was getting several M$ Outhouse correspondents complaining that
> my messages (using the 'standard' '>') were 'difficult to read'.
> I could never get them to explain exactly how/why they were difficult to
> read. It was like they were seeing something completely different with
> bits of text missing. Not just word-wrapped..... They were very insistent
> that I top post rather than use (to me) standard quote-reply method...
>
> I haven't confirmed it yet, but after reading a few notes on the web, I
> was testing the possibility that Outhouse was incorrectly attempting to
> parse the '>' as an HTML marker and mangling my messages.....
>
> But if this is really messing up people (or software) on this list, I'll
> put it back to '>'...
Actually, Charles, this is a VERY good reason I'd use to justify changing
my quote character to something goofy like % or # or even ; just to annoy
the anal retentive types.
{^_-}
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Charles Gregory <cg...@hwcn.org>.
On Wed, 6 Jan 2010, Kai Schaetzl wrote:
: just wanted to inform you that ">" is the only official quote marker.
Deep sigh..... Do you know why I changed it?
Because I was getting several M$ Outhouse correspondents complaining that
my messages (using the 'standard' '>') were 'difficult to read'.
I could never get them to explain exactly how/why they were difficult to
read. It was like they were seeing something completely different with
bits of text missing. Not just word-wrapped..... They were very insistent
that I top post rather than use (to me) standard quote-reply method...
I haven't confirmed it yet, but after reading a few notes on the web, I
was testing the possibility that Outhouse was incorrectly attempting to
parse the '>' as an HTML marker and mangling my messages.....
But if this is really messing up people (or software) on this list, I'll
put it back to '>'...
- C
Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Charles Gregory <cg...@hwcn.org>.
On Tue, 5 Jan 2010, Gene Heskett wrote:
: The bottom line is that they are still spammers. Filter 'em.
About that.....
A principle needs to be discussed here: Prohibition does not work.
The way to gain cooperation from 'big business' that *does* want to 'spam'
is to find ways to keep them happy and thinking that they are gainnig
sufficient 'benefit' from this amazing marketing tool called the internet.
And let's be honest with ourselves. Big business is what has *paid* for
this internet, so that you and I can send e-mails around the globe for a
ridiculously small price.
If we 'prohibit' all e-mail advertising, we drive the 'needs' of ALL big
business into an 'underground' that will *struggle* with all its corporate
power to get its spew into every mailbox, and most likely in clever 'off
shore' methods that are even *worse* than what we endure now.
The 'trick' of spam filtering is that there are thousands of people who
are too stupid or gullible to think spam is 'bad' and *welcome* the
advertising of 'legitimate' big business. They WANT this crap. They
willingly and knowingly subscribe to it! And naturally, these are the
people that bug business MOST wants to reach with their spew.
So the principle is, if they both want it, we need to find mechanisms that
HELP that happen, so that they don't fight to get around 'general'
anti-spam filtering, but are content to be given 'special exception' to
get their mail to the people who WANT it. Emphasize, absolutely WANT it.
By cooperating, and doing the job well, we can hope to then gain *their*
cooperation, so that they follow the 'easy path' we give them, and only
'spam' the people who want it.
Now to be fair, there is always the business that wants to see how far
they can 'push' the rules. Every business WANTS to spam, and some of them
try to see if they can do it 'sneakily'. Others try to take advantage of a
'reputation' service to sneak some stuff out. No system is perfect.
But lamely saying that we should ban every last piece of mail through
hotmail or returnpath or any other e-mail service is self-defeating. It
will not result in 'less spam'. It will result in the same spam being
delivered *more* indiscriminately, to YOU and to ME.
No thank you. Let the morons who subscribe to this crap have it. Thanks.
- C
Re: [sa] Re: semi-legit senders in DNSWL and habeas - a hard problem
Posted by Gene Heskett <ge...@verizon.net>.
On Tuesday 05 January 2010, Charles Gregory wrote:
>On Tue, 5 Jan 2010, J.D. Falk wrote:
>: On Jan 5, 2010, at 10:10 AM, Greg Troxel wrote:
>: > Once again I went to returnpath and senderscorecertified's web pages,
>: > and found no link to an email address to report being spammed by one of
>: > their customers.
>:
>: Is the font size for "Contact Us" and "Support" too small?
>
>I keep seeing the complaint, and this response, so I thought I would take
>a look, and indeed, the one form under 'Contact Us' appears to be for
>general inquiries, and not for spam complaints, and includes the
>significant deterrent of requiring large amounts of personal/corporate
>information.
>
>My suggestion: Setup a link/page that provides for rapid reporting by
>pasting an offending e-mail without a bunch of form-filling. Just use a
>captcha to avoid poisoning.... :)
>
>- C
That isn't part of their business model. These folks only think they are
doing it right. Some sort of brainwashed & warped thinking they learned at
the Master Bastards Association school I guess.
The bottom line is that they are still spammers. Filter 'em.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
enhance, v.:
To tamper with an image, usually to its detriment.