Am 26.08.20 um 19:36 schrieb flo via mailop: > Hi there > > Have any of you had any bad experiences with Deutsche Telekom lately? > They put one of my servers on their blacklist after an IP change with > the reason that I have to provide an imprint on that machine. > Have I missed something? Is this how it is done now?
Without wanting to defend DT and the details of their policy, I do see understandable reasons for this policy, and I'm applying a somewhat similar strategy with pretty good success. Note that the presumed goal is to defend against spam, not to bother innocent senders, but in border cases that still happens (just as it happens with other mechanisms such as SPF etc.) A significant percentage of spam that still gets through after blocking dynamic IP addresses and known spam sending networks comes from * anonymous domains * hacked mail accounts or servers * misconfigured servers (web sites sending replies to mail-addresses entered via web forms) The second and third variant can only be handled on a case-by-case basis, I typically inform the admins through spamcop (of course that only works if they have a working abuse contact) and block the source because the sad experience is that admins of an already badly managed service likely don't react to abuse reports either. The first variant is more or less what you have. With the (IMHO stupid) decision to handle whois data as GDPR protected spammers have pumped up the volume of spam sent through domains whose registries hide whois data because that allows them to register their domains with fake information (the registries and registrars don't check, they happily take the fees and don't care otherwise). The net effect is that anonymous domain registration together with hosting with a "we don't care" hoster is a pretty good predictor for spamminess. Checking for an imprint is a strategy that works in Germany for many cases due to the legal requirement to have an imprint on web sites intended for the general public. I don't know how DT checks that, they probably use automated tools plus some human augmentation. In any case, this would enable them to whitelist a good percentage of domains that would otherwise be considered anonymous. I have to deal with much lower volumes of mail, so I have decided to "permanently greylist" domains of this kind and to add exemptions after a short manual check whether the domain can be assumed to be legit. In addition, all of our rejection messages contain a link to a web page where we can be contacted in case of an erroneous block (false positives happen with every spam blocking policy). I do not put any demands on blocked senders except to contact us, so the simple act of using the web form is enough to be unblocked. Of course, a sufficiently motivated spammer might try that as well, might get a free pass for a day, and be added to the "never unblock these crooks" list quickly. Cheers, Hans-Martin
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
