Jayson Smith writes: > 1. Is Linode, my VPS provider, also receiving these complaints? If so, > I'm surprised they haven't at least sent me a notice telling me about them.
Seems unlikely, both on general principles and since you haven't heard from them. Have you confirmed that these notifications are really from Hotmail staff (or an automated process there)? Although other things equal it's unlikely, the most likely possibility (the subscriber complained) is denied by the subscriber so it could theoretically be some third party trying to mess with you or the subscriber. Also, have you confirmed that it's actually the specific messages from you or your list that were cited? Is it possible that some spammer is spoofing your return address, and the subscriber is legitimately complaining about mail that to the email provider appear to be from you but to the subscriber are from somebody else? Is it possible your Linode VPS has been hacked, or the MTA is an open relay, and is being used to send spam? If you've confirmed that the complaints are citing mail you know you sent, these possibilities don't apply, and they're fairly unlikely anyway given that it's only one subscriber that's having the issue. > 2. Does anyone know if having received these complaints might cause > Microsoft to be more likely to add my IP to their infamous block list? More likely, yes, but how much more likely, you'd have to get an answer from Microsoft. I don't know anybody who has gotten anything useful out of them, though. Mistaken additions to block lists anywhere seem to quite random for good actors, and the blockers are rarely willing to explain what the problem was, or how to avoid it. You could try explaining the situation to staff@hotmail, and get the subscriber to do so too. But I wouldn't expect too much. You could also look up what their mitigation strategies, if any, are. Some providers have services you can sign up to which provide more information about complaints, and guidelines on how to keep your list(s) in good standing with the providers. I don't know about Microsoft/Hotmail. There are also some general rules: 1. Check that your server is not in any of the reputable RBLs. I don't have a list offhand. (A couple of RBLs are known to shake down sites by putting them in bad actor lists and then asking for money for a "service" to help clean your reputation. The big providers like Hotmail know who they are and ignore them, you probably can ignore them too.) 2. Make sure that your DNS has correct configurations for SPF and DKIM. Make sure that your signing keys are correct. It may halp a little to do DMARC, too, even if you just set a policy of p=none. If your lists accept posts from off-host, you likely would benefit from configuring ARC as well. 3. Everything that goes *in* to your MTA *except from Mailman* should be spam- and virus-filtered. That should include mail generated on the Mailman host. Then you can safely forward all mail from Mailman. (Filtering mail *from* Mailman on the way out is very expensive unless you have very few subscribing domains.) 4. If your lists are open subscription and of moderate size, and you don't require moderator approval of subscriptions, we recommend setting all new subscribers to "hold for moderation". If the first post is acceptable, then set them to default processing or accept. For many lists that nearly eliminates "drive-by" spams and other unwanted posts. YMMV of course. > 3. I haven't ever received such complaints before this situation started > on March 24. Is Microsoft noted for somehow generating spurious > complaints like this? Not that I've heard of. Maybe somebody else has. The only case I know of like that was AOL, which put the "Report Spam" button next to the "Delete Message" button. Perhaps Hotmail has a similar issue, but I haven't heard of it. You could ask the subscriber if it's possible she missed and hit the wrong button, but since she's already denied doing that, you'll have to be careful about it. I'm sorry not to be of more help, but given that big providers like Microsoft are never willing to engage in situations like this, there's little information in the public domain. I'm afraid you're going to have to work it out with the subscriber. ------------------------------------------------------ Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/