Hi all, we received few automated abuse reports from Simply.com.
The abuse report is an email from "Simply.com abuse team < abuse-rep...@robot.simply.com>" with subject "Abuse report for #IPredacted# (#Providername# / #ASNUMBER#)" > Hi > > This is a complaint regarding spam received from #IPredacted# / #hostredacted#. > Mail originating from this IP, has actively been marked as spam/junk by the receiver. > > We ask that you take immediate action against the offending IP-address. > > For forensic purposes, the offending email is attached to this mail (along with other > report > formats). Below are some key headers from the mail: > > Date: #redacted# > Message-Id: <#redacted#> > From: <#redacted#> > Return-path: <#redacted#> > > #IPredacted# has received degraded delivery-reputation as a result of the report. In one case the message terminated with a > For good meassure, the List-Unsubscribe URL in the mail has already been triggered by us. The "weird" things are 2: 1) at least 2 abuses have been sent also to the abuse desk of a different datacenter from the one from which the email have been sent. I'm not sure but it seems they got in touch with the abuse desk of the datacenter hosting the website connected to the return-path of the email (not even it's MX, but the IN A, but maybe something else, I only have a couple of sample to make my guess). 2) one of the abuses was reporting the transactional email confirming to the recipient his unsubscription was completed, but the unsubscription have been triggered programmatically by them: I guess that their user that didn't unsubscribe from the email is surprised by the "unsubscription confirmation" and report it as abusive. I checked the logs and sounds like they automatically did a GET request to the List-Unsubscribe url and the a POST request to the List-Unsubscribe url via the "List-Unsubscribe-Post" protocol we support. I understand the ratio of a similar behaviour but I was not expecting the list-unsubscribe or the list-unsubscribe-post could be triggered without the recipient asking explicitly from unsubscription. Of course their server their rules, but I'd like to know if other abuse desks started receiving this kind of automated simply.com reports and what's your opinion about this practice. In the end for (still under investigation) 2 emails sent to their users we received like 8 abuse reports, some directly, some through the abusedesks of our datacenter, some for the original email and some more for the unsubscription confirmation email, so I'm guessing if your abuse desks are flooded by this or there's something so bad about those 2 emails (again, under investigation, I can't tell by looking at the content and I'm waiting for answers from the sender). Sounds like this kind of automation belongs to FBL streams, but I'm here to hear your opinions! Stefano -- Stefano Bagnara Apache James/jDKIM/jSPF VOXmail/Mosaico.io/VoidLabs
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
