Sounds like the beginning of ePending. And I have a crawly feeling about this, because it reminds me of an experience we had with someone who wanted a dedicated /24 for their own use, but all the rDNS was in like groups of 12 domains at a time, but all sending the same traffic. AOL sent us LOTS of complaints, but finally we had a SpamCop complaint that we could start a conversation with, and …
“ I need to know the history of this email address, how did it sign up… * I asked my boss and he said yup, that street address in Las Vegas exists … “ But it doesn’t belong to the owner of this email address, who says that they have never lived in Las Vegas. Ever. * … /me calls the NOC, “Brad, pull the ethernet for X. * Done. Aloha, Michael. -- Michael J Wise Microsoft Corporation| Spam Analysis "Your Spam Specimen Has Been Processed." Got the Junk Mail Reporting Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ? From: mailop <mailop-boun...@mailop.org> On Behalf Of Laura Atkins Sent: Wednesday, August 29, 2018 10:00 AM To: David Hofstee <opentext.dhofs...@gmail.com> Cc: mailop <mailop@mailop.org> Subject: Re: [mailop] Gmail - Anybody out there from Gmail, willing to assist with strange reputation issue On Aug 29, 2018, at 2:35 AM, David Hofstee <opentext.dhofs...@gmail.com<mailto:opentext.dhofs...@gmail.com>> wrote: > Without confirmed opt-in, you're at the mercy of what random junk people > happen to stick in there True, but then the real problem is that the opt-in is invalid. As an ESP you should evaluate these lists beforehand and monitor for signs of a lack of opt-in (e.g. high complaint rates by FBL or unsubscribes). Having these typo's are often good indicators for me to start looking further beforehand. E.g. a...@hotmail.com<mailto:a...@hotmail.com> is the perfect example of people not wanting to provide their real email address. There is an entire segment of the legitimate email industry that provides list cleaning services for a fee to anyone with cash. A significant portion of the time a non-opt-in list will pass all of the tests (and dozens more) that you mention above.There’s also vast amounts of work and products in the spammer end of the email industry that folks like me never see, but are also designed to prevent ESPs from identifying spammers. Back in 2002, I was investigating a list of addresses. The question was are these addresses opt in? I had a sample of addresses from the list, don’t remember how many. Included in the data was signup IPs, home addresses, phone numbers and zip codes. I ran buckets of tests. I did reverse lookups, I mapped IPs to locations, I did everything I could think of to identify if this address list was opt-in. The data was clean. Very clean. Zip codes matched IP locations. rDNS was accurate between the signup IP and the address signed up. At the time there were no such things as FBLs, so I had no complaint levels. I didn’t have access to unsubscribe data. But nothing about the data I had looked, in any way, like it was collected in any way other than an opt-in fashion. I would have even believed it was double opt-in. Until. I ran one final test. I searched for a local part I use at some freemail providers. And my address was on the list, with a totally fake name, IP address somewhere in Texas and matching zip code and phone data. The only way I was able to identify that list was a problem was because one of my own addresses was on there. Had they grabbed a different subset of the list, I would have never been able to ID the list as problematic. Had I not thought to look for my own addresses, I would have never caught the problem. That was 16+ years ago. The ability of spammers to create plausible looking data has only increased. The services I mentioned above, the ones that are used by the legitimate folks? They will test your list for deliverability before you send your first mail. They’ll clean off the typos. They’ll clean off (some of) the spamtraps. They’ll remove anything that will give an ESP insight into the list. There’s one service that has purchased every email address list they can find, and sells that to ESPs so they can detect purchased lists. The services on the spammer end of the industry? They’re even better and more dodgy. They include shared lists of address that complain, or shared lists of addresses that regularly open. The whole business A naive scanning like you suggest wasn’t sufficient for the spammers of 16 years ago. It’s certainly not going to catch anything actual spammer today. A double-optin only confirms there was a relationship with some sender at some point in time. It avoids typo's. However, it does not state with who the opt-in was, when it was provided, for what content, for what frequency, under what circumstances and for how long that is valid. It is not watertight at all. Exactly. Which is why there are other / better ways to manage a subscription process and address collection process. Mapping out the "attack tree” (it’s not really attack, but more vulnerability tree) lets the address collector manage the threats to their list in a way that limits the friction for recipients that want to receive their mail while providing the right friction to ward off fake addresses in their mailing lists. laura -- Having an Email Crisis? We can help! 800 823-9674 Laura Atkins Word to the Wise la...@wordtothewise.com<mailto:la...@wordtothewise.com> (650) 437-0741 Email Delivery Blog: https://wordtothewise.com/blog<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwordtothewise.com%2Fblog&data=02%7C01%7Cmichael.wise%40microsoft.com%7C1344e6a8f591412c288308d60dd222fb%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636711593511087501&sdata=%2Bl5wEJS97fx3WD1F2fW2pLlEJ4vMwtKOHSoiIkXXC7I%3D&reserved=0>
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
