(apologies in advance if this ends up a double-post) Hello everyone,
I am the postmaster for magisto, an app centered around user generated content (UGC). we enjoy some popularity, and with popularity comes abuse. There are users who utilize magisto to generate content to be used for spamvertisement and/or other unsavory content. they will then "invite" users to see this content, in an unsolicited fashion, using the built-in content invite mechanism. even if they incorporate it outside the invite mechanism, magisto still serves as a "hosting server" for their content. Ideally, internal user reporting would be sufficient to combat it, but in reality it isn't: both because users submit many false reports and because such a system doesn't scale. DMARC can't help with regards - the messages are either entirely 'valid' invite messages, or otherwise do not involve our domain. FBL data can help, to an extent - but is again not relevant for the second use case or for users spamming a provider which has no FBL offered, or gmail who provide aggregate data only. Spamtrap data is generally out of reach for us - so I can't estimate its suitability to hunt these down. I suspect it will help somewhat, but not by much. Services such as spamcop will not provide data to us, for the concern that we may listwash since we are not netblock owners. but again this will only give partial coverage. outbound mail filters are also at a loss to detect these, as the spam part is in the destination page and specifically is a video in the case of magisto. they also don't apply to the second use case. in short - recommendations are most welcome, reference to best practices or case studies from applicable examples. it's even hard to map properly, but I suspect it's happening already as i'm seeing a tad higher rejection rate on invites to watch content. Regards, Gil Bahat, Devops/Postmaster, Magisto Ltd.
_______________________________________________ mailop mailing list mailop@mailop.org http://chilli.nosignal.org/mailman/listinfo/mailop
