Jayson Smith writes:
> 1. Is Linode, my VPS provider, also receiving these complaints? If so,
> I'm surprised they haven't at least sent me a notice telling me about them.
Seems unlikely, both on general principles and since you haven't heard
from them.
Have you confirmed that these notifications are really from Hotmail
staff (or an automated process there)? Although other things equal
it's unlikely, the most likely possibility (the subscriber complained)
is denied by the subscriber so it could theoretically be some third
party trying to mess with you or the subscriber.
Also, have you confirmed that it's actually the specific messages from
you or your list that were cited? Is it possible that some spammer is
spoofing your return address, and the subscriber is legitimately
complaining about mail that to the email provider appear to be from
you but to the subscriber are from somebody else? Is it possible your
Linode VPS has been hacked, or the MTA is an open relay, and is being
used to send spam? If you've confirmed that the complaints are citing
mail you know you sent, these possibilities don't apply, and they're
fairly unlikely anyway given that it's only one subscriber that's
having the issue.
> 2. Does anyone know if having received these complaints might cause
> Microsoft to be more likely to add my IP to their infamous block list?
More likely, yes, but how much more likely, you'd have to get an
answer from Microsoft. I don't know anybody who has gotten anything
useful out of them, though. Mistaken additions to block lists
anywhere seem to quite random for good actors, and the blockers are
rarely willing to explain what the problem was, or how to avoid it.
You could try explaining the situation to staff@hotmail, and get the
subscriber to do so too. But I wouldn't expect too much.
You could also look up what their mitigation strategies, if any, are.
Some providers have services you can sign up to which provide more
information about complaints, and guidelines on how to keep your
list(s) in good standing with the providers. I don't know about
Microsoft/Hotmail.
There are also some general rules:
1. Check that your server is not in any of the reputable RBLs. I
don't have a list offhand.
(A couple of RBLs are known to shake down sites by putting them in
bad actor lists and then asking for money for a "service" to help
clean your reputation. The big providers like Hotmail know who
they are and ignore them, you probably can ignore them too.)
2. Make sure that your DNS has correct configurations for SPF and
DKIM. Make sure that your signing keys are correct. It may halp
a little to do DMARC, too, even if you just set a policy of
p=none. If your lists accept posts from off-host, you likely
would benefit from configuring ARC as well.
3. Everything that goes *in* to your MTA *except from Mailman* should
be spam- and virus-filtered. That should include mail generated
on the Mailman host. Then you can safely forward all mail from
Mailman. (Filtering mail *from* Mailman on the way out is very
expensive unless you have very few subscribing domains.)
4. If your lists are open subscription and of moderate size, and you
don't require moderator approval of subscriptions, we recommend
setting all new subscribers to "hold for moderation". If the
first post is acceptable, then set them to default processing or
accept. For many lists that nearly eliminates "drive-by" spams
and other unwanted posts. YMMV of course.
> 3. I haven't ever received such complaints before this situation started
> on March 24. Is Microsoft noted for somehow generating spurious
> complaints like this?
Not that I've heard of. Maybe somebody else has. The only case I
know of like that was AOL, which put the "Report Spam" button next to
the "Delete Message" button. Perhaps Hotmail has a similar issue, but
I haven't heard of it. You could ask the subscriber if it's possible
she missed and hit the wrong button, but since she's already denied
doing that, you'll have to be careful about it.
I'm sorry not to be of more help, but given that big providers like
Microsoft are never willing to engage in situations like this, there's
little information in the public domain. I'm afraid you're going to
have to work it out with the subscriber.
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
