Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-27 Thread Matthias Leisi

> I wonder if anyone has done an actual analysis of what people are
> thinking when they do this. Is it an accident? Is it not understanding
> what the "Report spam" button means or is for? Impatience and a just
> "get these emails out of my sight" type mentality? Just general
> confusion?

Or just simple errors? I personally made such an error a couple of days ago 
(slightly different setup, but still similar enough): Scanning through a spam 
folder for false positives, marking true spam in bulk with the intent to remove 
them. Instead of „Really Delete“, I click on „Not Spam“, and *poosh* I have 
~150 spams in my Inbox. 

I sincerely hope that the spam filter does not learn from my „not spam“ actions…

What this should show: Even people who should know what they are doing make the 
occasional mistake. Multiply by a couple of 100k users - and you realize that 
maybe you should only use a log function of user input to finetune your filters.

— Matthias



___
mailop mailing list
mailop@mailop.org
http://chilli.nosignal.org/mailman/listinfo/mailop


Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Gil Bahat
On Thu, Sep 24, 2015 at 10:40 PM, Michael Wise wrote:

> Ignore any reports where the email was received by the recipient beyond a
> certain window.
>
>
>
These usually come with at least 1 genuine complaint. We unsubscribe them
anyway, we don't want to risk it. In particular I cannot trust automated
systems not to treat it as a 'send after complaint' which ostensibly could
be more severely penalized.


> 24 hours is probably too soon.
>
> 1 week may very well be the sweet spot, because … if it really **IS** a
> campaign, chances are you dealt with it well within the 24 hour window. 1
> month is way too late.
>
>
>
It's not even a campaign, it's transactional emails which have been acted
upon by the client.


> Condense volume of complaints from the same recipient about the same
> sender down to a single cluster….
>
>
That's what I am looking for. With lack of transparency on filtering, I
can't say this is what's happening and I suspect it's not.


> Other guidelines will present themselves I’m sure.
>
>
>
> Oh, and a bunch of False Positive complaints from a given sender to
> similar recipients (ie, all to the same or a small number of domains) …? If
> the sender domain and the recipient domain are siblings somehow, mark the
> sender as abusive and discard. Or send a nasty note… or fire the customer.
> YMMV.
>
>
>

We already follow practice and unsubscribe them. Now hopefully, since we
see a relative few FBL complaints in total, it means the entire thing has
little effect on our sending. But we simply don't know and we have good
reason to suspect otherwise, across all 3 largest providers.



> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise* | Microsoft | Spam Analysis | "Your Spam Specimen Has
> Been Processed." | Got the Junk Mail Reporting Tool
> <http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?
>
>
>
> *From:* mailop [mailto:mailop-boun...@mailop.org] *On Behalf Of *Gil Bahat
> *Sent:* Thursday, September 24, 2015 8:04 AM
> *To:* mailop@mailop.org
> *Subject:* [mailop] Ex-post-facto spam complaints, a possible UI problem
> / other mitigation
>
>
>
> Hi,
>
>
>
> Carefully observing our FBL complaints one by one, I see a disturbing
> phenomena: users marking swaths of email, sometimes received over a month
> ago as spam, accounting for a significant volume of complaints.
>
>
>
> I have good reason to believe this does not represent actual spam
> reporting, but rather an easy to perform what would have been a more
> complex (UI wise) task, tandem delete and unsubscribe.
>
>
>
> Users do this to emails which they clearly read and found useful (e.g. the
> welcome or email verification emails, emails which they opened, clicked and
> even forwarded at times, etc etc).
>
>
>
> I would like to request all providers to (A) consider changing their UI to
> account for this option / suggest unsubscription and deletion instead and
> (B) mitigate the impact of multiple consecutive reports. I am not able to
> quantify how this exactly affects our service but I have good reason to
> believe these are counted to full effect as much as any other spam
> complaint (e.g. from sources like return path senderscore).
>
>
>
> Feedback (outside the loop, snicker snicker) would be most welcome.
>
>
>
> Regards,
>
>
>
> Gil Bahat,
>
> DevOps/Postmaster,
>
> Magisto Ltd.
>


Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Robert Mueller

> Back when I was running the mailfilters for a major state government
> agency, I regularly saw users reporting as spam things like:
> *   Turnpike billing and  account balance notices;
> *   Time-to-renew notices for all manner of different licences and
> registrations: MDs and DOs, dentists, other practitioners,
> beauticians, drivers of all classes, liquor licenses, you name it;
> *   Inquiries and responses from the Tax Commission and other state
> agencies.
>
> Clearly all these were things that the recipient had requested, and
> equally clearly they were being marked as spam. I don't know why.

We see this quite regularly as well.

I wonder if anyone has done an actual analysis of what people are
thinking when they do this. Is it an accident? Is it not understanding
what the "Report spam" button means or is for? Impatience and a just
"get these emails out of my sight" type mentality? Just general
confusion?

I would have thought one of the big providers (e.g. Yahoo, Microsoft,
Google) would have done user testing at some point on their UIs and have
seen this happen, and thus would have some actual data on why people
were doing it (or at least, people's own explanations of why they were
doing it).

Anyone?

-- 
Rob Mueller
r...@fastmail.fm



Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Rich Kulawiec
On Thu, Sep 24, 2015 at 06:04:11PM +0300, Gil Bahat wrote:
> I have good reason to believe this does not represent actual spam
> reporting [...]

Of course it doesn't.  Users are...well they're not at all competent.
Not even remotely close.  They routinely mark ordinary mailing list
traffic (such as that found on this one) as spam, they mark monthly
Mailman-generated reminders as spam, they mark personal correspondence
as spam, they even mark subscription confirmation requests (that they
initiated) as spam.  Dave Crocker put it more gently than me,
but he was right when he said (on NANOG, I believe):

The best model to invoke, with respect to the idea of recruiting
end users to be active participants in abuse detection or
prevention is mostly:

Don't.

Under NO circumstances should users be permitted to directly affect
any anti-spam policy (or any other defensive policy, e.g., firewall
rules).  It is clearly unprofessional, unethical, and irresponsible
to let them anywhere near the dials and knobs that control that machinery.
It's like letting crack monkeys hyper up on Red Bull loose in the
control room of a nuclear reactor.

I find it best to require that users who wish to report spam be told
to forward it -- with full headers -- to the appropriate local "abuse"
address.  This serves as a useful clue level test and tends to result
in vastly higher quality reporting than giving them a button -- which
of course, they will push randomly.  I also see that all such reports
are individually reviewed -- and expect exactly the same of others.
Accusing someone of spamming (whether directly or indirectly via mail
system policy modification) is a serious matter, and should not be done
without careful and manual expert-level review.

---rsk



Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Michael Wise
“waiting” … it happens, no worries.

Mailinglists … sometimes even the Opt-in process can be abusive. We’ve seen 
customers get mailbombed with Subscription confirmations. At some point, 
mailing list software vendors need to find a way to address this. Exactly what 
that might be, I have no idea. Mark all subscription confirmations as junk (or 
suspect) by default? Would be sad, but … perhaps unavoidable.

At some point, perhaps the mail server infrastructure needs to manage sub/unsub 
events, and enforce them?

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?

From: Mark Foster [mailto:blak...@blakjak.net]
Sent: Thursday, September 24, 2015 1:30 PM
To: Michael Wise 
Cc: Gil Bahat ; mailop@mailop.org
Subject: Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / 
other mitigation

Re "waiting" - no problems, I misunderstood.

I don't care if your mailing list has valid and working in subscription 
processes or not - if I didn't opt-in, it is spam and will be reported as such.

(I'm sure that much spam reported as such is likely the result of laziness on 
the part of the receiver (out of sight, out of mind) and negatively impacts 
legit mailing lists, but (for example) I've never lived in the USA and have 
never opted into mailing lists relating to university alma mater or dodge 
dealerships, so why would I unsubscribe from what is clearly maliciously 
delivered to me at least at some level?

--
Mark.

Sent from a mobile device.

On 25/09/2015, at 08:07, Michael Wise <michael.w...@microsoft.com> wrote:
Who said anything about *waiting* 24 hours?

My point was, if the report is more than 24 hours old, its Real Time value has 
been completely lost and the sample is at best of historical value.

Also, if the traffic is from a mailinglist and there is no working unsub, we 
really need some way of noticing that.
If the traffic has been reported, and the unsub procedure has been invoked, and 
the traffic continues (after … 24 hours? Some demand at least a week to unsub, 
and that’s obscene IMHO), the sender should be banned completely.

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?

From: Mark Foster [mailto:blak...@blakjak.net]
Sent: Thursday, September 24, 2015 12:53 PM
To: Michael Wise <michael.w...@microsoft.com>
Cc: Gil Bahat <g...@magisto.com>; mailop@mailop.org
Subject: Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / 
other mitigation

One of my email addresses gets what look like legit mailing list emails 
constantly. I opted into none of them so they all get spam-reported despite 
valid unsub processes.

If the "valid" list doesn't use double-opt-in and uses addresses harvested by 
other means, this is a hard ask.

Also waiting 24 hours has almost no real-time value - fast reports will let 
vendors actually block spam as it is still being delivered.

Finally, reports may still be valid when "late" as some people don't constantly 
watch their email.
--
Mark.

Sent from a mobile device.

On 25/09/2015, at 07:40, Michael Wise <michael.w...@microsoft.com> wrote:
Ignore any reports where the email was received by the recipient beyond a 
certain window.

24 hours is probably too soon.
1 week may very well be the sweet spot, because … if it really *IS* a campaign, 
chances are you dealt with it well within the 24 hour window. 1 month is way 
too late.

Condense volume of complaints from the same recipient about the same sender 
down to a single cluster….

Other guidelines will present themselves I’m sure.

Oh, and a bunch of False Positive complaints from a given sender to similar 
recipients (ie, all to the same or a small number of domains) …? If the sender 
domain and the recipient domain are siblings somehow, mark the sender as 
abusive and discard. Or send a nasty note… or fire the customer. YMMV.

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275>

Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Mark Foster
Re "waiting" - no problems, I misunderstood.

I don't care if your mailing list has valid and working in subscription 
processes or not - if I didn't opt-in, it is spam and will be reported as such.

(I'm sure that much spam reported as such is likely the result of laziness on 
the part of the receiver (out of sight, out of mind) and negatively impacts 
legit mailing lists, but (for example) I've never lived in the USA and have 
never opted into mailing lists relating to university alma mater or dodge 
dealerships, so why would I unsubscribe from what is clearly maliciously 
delivered to me at least at some level?

-- 
Mark.

Sent from a mobile device.

> On 25/09/2015, at 08:07, Michael Wise  wrote:
> 
> Who said anything about *waiting* 24 hours?
>  
> My point was, if the report is more than 24 hours old, its Real Time value 
> has been completely lost and the sample is at best of historical value.
>  
> Also, if the traffic is from a mailinglist and there is no working unsub, we 
> really need some way of noticing that.
> If the traffic has been reported, and the unsub procedure has been invoked, 
> and the traffic continues (after … 24 hours? Some demand at least a week to 
> unsub, and that’s obscene IMHO), the sender should be banned completely.
>  
> Aloha,
> Michael.
> --
> Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
> Processed." | Got the Junk Mail Reporting Tool ?
>  
> From: Mark Foster [mailto:blak...@blakjak.net] 
> Sent: Thursday, September 24, 2015 12:53 PM
> To: Michael Wise 
> Cc: Gil Bahat ; mailop@mailop.org
> Subject: Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / 
> other mitigation
>  
> One of my email addresses gets what look like legit mailing list emails 
> constantly. I opted into none of them so they all get spam-reported despite 
> valid unsub processes.
>  
> If the "valid" list doesn't use double-opt-in and uses addresses harvested by 
> other means, this is a hard ask.
>  
> Also waiting 24 hours has almost no real-time value - fast reports will let 
> vendors actually block spam as it is still being delivered.
>  
> Finally, reports may still be valid when "late" as some people don't 
> constantly watch their email.
> 
> -- 
> Mark.
>  
> Sent from a mobile device.
> 
> On 25/09/2015, at 07:40, Michael Wise  wrote:
> 
> Ignore any reports where the email was received by the recipient beyond a 
> certain window.
>  
> 24 hours is probably too soon.
> 1 week may very well be the sweet spot, because … if it really *IS* a 
> campaign, chances are you dealt with it well within the 24 hour window. 1 
> month is way too late.
>  
> Condense volume of complaints from the same recipient about the same sender 
> down to a single cluster….
>  
> Other guidelines will present themselves I’m sure.
>  
> Oh, and a bunch of False Positive complaints from a given sender to similar 
> recipients (ie, all to the same or a small number of domains) …? If the 
> sender domain and the recipient domain are siblings somehow, mark the sender 
> as abusive and discard. Or send a nasty note… or fire the customer. YMMV.
>  
> Aloha,
> Michael.
> --
> Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
> Processed." | Got the Junk Mail Reporting Tool ?
>  
> From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Gil Bahat
> Sent: Thursday, September 24, 2015 8:04 AM
> To: mailop@mailop.org
> Subject: [mailop] Ex-post-facto spam complaints, a possible UI problem / 
> other mitigation
>  
> Hi,
>  
> Carefully observing our FBL complaints one by one, I see a disturbing 
> phenomena: users marking swaths of email, sometimes received over a month ago 
> as spam, accounting for a significant volume of complaints.
>  
> I have good reason to believe this does not represent actual spam reporting, 
> but rather an easy to perform what would have been a more complex (UI wise) 
> task, tandem delete and unsubscribe.
>  
> Users do this to emails which they clearly read and found useful (e.g. the 
> welcome or email verification emails, emails which they opened, clicked and 
> even forwarded at times, etc etc).
>  
> I would like to request all providers to (A) consider changing their UI to 
> account for this option / suggest unsubscription and deletion instead and (B) 
> mitigate the impact of multiple consecutive reports. I am not able to 
> quantify how this exactly affects our service but I have good reason to 
> believe these are counted to full effect as much as any other spam complaint 
> (e.g. from sources like return path senderscore).
>  
> Feedb

Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Michael Wise
Who said anything about *waiting* 24 hours?

My point was, if the report is more than 24 hours old, its Real Time value has 
been completely lost and the sample is at best of historical value.

Also, if the traffic is from a mailinglist and there is no working unsub, we 
really need some way of noticing that.
If the traffic has been reported, and the unsub procedure has been invoked, and 
the traffic continues (after … 24 hours? Some demand at least a week to unsub, 
and that’s obscene IMHO), the sender should be banned completely.

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?

From: Mark Foster [mailto:blak...@blakjak.net]
Sent: Thursday, September 24, 2015 12:53 PM
To: Michael Wise 
Cc: Gil Bahat ; mailop@mailop.org
Subject: Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / 
other mitigation

One of my email addresses gets what look like legit mailing list emails 
constantly. I opted into none of them so they all get spam-reported despite 
valid unsub processes.

If the "valid" list doesn't use double-opt-in and uses addresses harvested by 
other means, this is a hard ask.

Also waiting 24 hours has almost no real-time value - fast reports will let 
vendors actually block spam as it is still being delivered.

Finally, reports may still be valid when "late" as some people don't constantly 
watch their email.
--
Mark.

Sent from a mobile device.

On 25/09/2015, at 07:40, Michael Wise <michael.w...@microsoft.com> wrote:
Ignore any reports where the email was received by the recipient beyond a 
certain window.

24 hours is probably too soon.
1 week may very well be the sweet spot, because … if it really *IS* a campaign, 
chances are you dealt with it well within the 24 hour window. 1 month is way 
too late.

Condense volume of complaints from the same recipient about the same sender 
down to a single cluster….

Other guidelines will present themselves I’m sure.

Oh, and a bunch of False Positive complaints from a given sender to similar 
recipients (ie, all to the same or a small number of domains) …? If the sender 
domain and the recipient domain are siblings somehow, mark the sender as 
abusive and discard. Or send a nasty note… or fire the customer. YMMV.

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?

From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Gil Bahat
Sent: Thursday, September 24, 2015 8:04 AM
To: mailop@mailop.org
Subject: [mailop] Ex-post-facto spam complaints, a possible UI problem / other 
mitigation

Hi,

Carefully observing our FBL complaints one by one, I see a disturbing 
phenomena: users marking swaths of email, sometimes received over a month ago 
as spam, accounting for a significant volume of complaints.

I have good reason to believe this does not represent actual spam reporting, 
but rather an easy to perform what would have been a more complex (UI wise) 
task, tandem delete and unsubscribe.

Users do this to emails which they clearly read and found useful (e.g. the 
welcome or email verification emails, emails which they opened, clicked and 
even forwarded at times, etc etc).

I would like to request all providers to (A) consider changing their UI to 
account for this option / suggest unsubscription and deletion instead and (B) 
mitigate the impact of multiple consecutive reports. I am not able to quantify 
how this exactly affects our service but I have good reason to believe these 
are counted to full effect as much as any other spam complaint (e.g. from 
sources like return path senderscore).

Feedback (outside the loop, snicker snicker) would be most welcome.

Regards,

Gil Bahat,
DevOps/Postmaster,
Magisto Ltd.


Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Mark Foster
One of my email addresses gets what look like legit mailing list emails 
constantly. I opted into none of them so they all get spam-reported despite 
valid unsub processes.

If the "valid" list doesn't use double-opt-in and uses addresses harvested by 
other means, this is a hard ask.

Also waiting 24 hours has almost no real-time value - fast reports will let 
vendors actually block spam as it is still being delivered.

Finally, reports may still be valid when "late" as some people don't constantly 
watch their email.

-- 
Mark.

Sent from a mobile device.

> On 25/09/2015, at 07:40, Michael Wise  wrote:
> 
> Ignore any reports where the email was received by the recipient beyond a 
> certain window.
>  
> 24 hours is probably too soon.
> 1 week may very well be the sweet spot, because … if it really *IS* a 
> campaign, chances are you dealt with it well within the 24 hour window. 1 
> month is way too late.
>  
> Condense volume of complaints from the same recipient about the same sender 
> down to a single cluster….
>  
> Other guidelines will present themselves I’m sure.
>  
> Oh, and a bunch of False Positive complaints from a given sender to similar 
> recipients (ie, all to the same or a small number of domains) …? If the 
> sender domain and the recipient domain are siblings somehow, mark the sender 
> as abusive and discard. Or send a nasty note… or fire the customer. YMMV.
>  
> Aloha,
> Michael.
> --
> Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
> Processed." | Got the Junk Mail Reporting Tool ?
>  
> From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Gil Bahat
> Sent: Thursday, September 24, 2015 8:04 AM
> To: mailop@mailop.org
> Subject: [mailop] Ex-post-facto spam complaints, a possible UI problem / 
> other mitigation
>  
> Hi,
>  
> Carefully observing our FBL complaints one by one, I see a disturbing 
> phenomena: users marking swaths of email, sometimes received over a month ago 
> as spam, accounting for a significant volume of complaints.
>  
> I have good reason to believe this does not represent actual spam reporting, 
> but rather an easy to perform what would have been a more complex (UI wise) 
> task, tandem delete and unsubscribe.
>  
> Users do this to emails which they clearly read and found useful (e.g. the 
> welcome or email verification emails, emails which they opened, clicked and 
> even forwarded at times, etc etc).
>  
> I would like to request all providers to (A) consider changing their UI to 
> account for this option / suggest unsubscription and deletion instead and (B) 
> mitigate the impact of multiple consecutive reports. I am not able to 
> quantify how this exactly affects our service but I have good reason to 
> believe these are counted to full effect as much as any other spam complaint 
> (e.g. from sources like return path senderscore).
>  
> Feedback (outside the loop, snicker snicker) would be most welcome.
>  
> Regards,
>  
> Gil Bahat,
> DevOps/Postmaster,
> Magisto Ltd.


Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Michael Wise
Ignore any reports where the email was received by the recipient beyond a 
certain window.

24 hours is probably too soon.
1 week may very well be the sweet spot, because … if it really *IS* a campaign, 
chances are you dealt with it well within the 24 hour window. 1 month is way 
too late.

Condense volume of complaints from the same recipient about the same sender 
down to a single cluster….

Other guidelines will present themselves I’m sure.

Oh, and a bunch of False Positive complaints from a given sender to similar 
recipients (ie, all to the same or a small number of domains) …? If the sender 
domain and the recipient domain are siblings somehow, mark the sender as 
abusive and discard. Or send a nasty note… or fire the customer. YMMV.

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?

From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Gil Bahat
Sent: Thursday, September 24, 2015 8:04 AM
To: mailop@mailop.org
Subject: [mailop] Ex-post-facto spam complaints, a possible UI problem / other 
mitigation

Hi,

Carefully observing our FBL complaints one by one, I see a disturbing 
phenomena: users marking swaths of email, sometimes received over a month ago 
as spam, accounting for a significant volume of complaints.

I have good reason to believe this does not represent actual spam reporting, 
but rather an easy to perform what would have been a more complex (UI wise) 
task, tandem delete and unsubscribe.

Users do this to emails which they clearly read and found useful (e.g. the 
welcome or email verification emails, emails which they opened, clicked and 
even forwarded at times, etc etc).

I would like to request all providers to (A) consider changing their UI to 
account for this option / suggest unsubscription and deletion instead and (B) 
mitigate the impact of multiple consecutive reports. I am not able to quantify 
how this exactly affects our service but I have good reason to believe these 
are counted to full effect as much as any other spam complaint (e.g. from 
sources like return path senderscore).

Feedback (outside the loop, snicker snicker) would be most welcome.

Regards,

Gil Bahat,
DevOps/Postmaster,
Magisto Ltd.
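
The mitigations suggested in this thread (ignore reports about mail delivered outside a window, condense one recipient's reports about one sender into a single cluster, and weight user input on a log scale) can be combined as in the following added example, which is not code from any poster or provider. The `Complaint` record, the function names, the 7-day default and the sample data are assumptions made for illustration.

```python
"""Damping feedback-loop (FBL) complaints: age window, clustering, log scaling."""
import math
from collections import Counter, defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

MAX_AGE = timedelta(days=7)  # assumption: the "1 week" window suggested in the thread


@dataclass(frozen=True)
class Complaint:  # hypothetical record; a real FBL report carries more fields
    recipient: str          # mailbox that pressed "Report spam"
    sender_domain: str      # domain the complaint is about
    received_at: datetime   # when the reported message was delivered
    reported_at: datetime   # when the complaint was filed


def naive_counts(complaints):
    """Every complaint counts in full: the behaviour the thread worries about."""
    return Counter(c.sender_domain.lower() for c in complaints)


def damped_scores(complaints, max_age=MAX_AGE):
    """Return ({sender_domain: score}, stats) after applying three dampers.

    1. Drop reports about mail delivered more than max_age before the report
       (also drops impossible negative ages).
    2. Condense all remaining reports by one recipient about one sender
       into a single cluster.
    3. Score each sender as log(1 + number of clusters), so the score
       grows slowly with the number of distinct complaining recipients.
    """
    clusters = defaultdict(int)   # (recipient, sender) -> in-window report count
    ignored = 0
    for c in complaints:
        age = c.reported_at - c.received_at
        if age < timedelta(0) or age > max_age:
            ignored += 1
            continue
        clusters[(c.recipient.lower(), c.sender_domain.lower())] += 1

    reporters = Counter(sender for (_recipient, sender) in clusters)
    scores = {sender: math.log1p(n) for sender, n in reporters.items()}
    stats = {"ignored": ignored, "clusters": len(clusters)}
    return scores, stats


def build_sample(now=datetime(2015, 9, 24, 12, 0)):
    """Constructed data: one bulk clean-up versus three independent reports."""
    sample = [
        # alice marks 40 old messages from one service in a single sitting;
        # they were delivered 1..40 days ago, one per day.
        Complaint("alice@example.net", "service.example",
                  now - timedelta(days=d), now)
        for d in range(1, 41)
    ]
    # Three different users report the same sender within two hours of delivery.
    for user in ("bob", "carol", "dave"):
        sample.append(Complaint(f"{user}@example.net", "bulk.example",
                                now - timedelta(hours=2), now))
    return sample


if __name__ == "__main__":
    data = build_sample()
    print("naive :", dict(naive_counts(data)))
    scores, stats = damped_scores(data)
    print("damped:", {k: round(v, 3) for k, v in scores.items()}, stats)
```

On the constructed sample the naive count ranks the service with one bulk-reporting user far above the sender reported by three separate users; the damped score reverses that order.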


Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread mikea
On Thu, Sep 24, 2015 at 11:28:35AM -0700, Dave Warren wrote:

> I'm not sure what Gil is seeing, but I regularly see users reporting
> user-to-user correspondence and other obviously solicited messages. I get
> entire discussions about what restaurant, whether to attend a particular
> seminar, etc, all coming in at once.
> 
> Part of me really wants to respect the complainant's wishes and blacklist
> all mail from that sender, but obviously this wasn't the intent, and
> ultimately would only be satisfying on a short term basis.

Back when I was running the mailfilters for a major state government agency, I
regularly saw users reporting as spam things like:
o   Turnpike billing and  account balance notices;
o   Time-to-renew notices for all manner of different licences and
registrations: MDs and DOs, dentists, other practitioners, beauticians, 
drivers of all classes, liquor licenses, you name it;
o   Inquiries and responses from the Tax Commission and other state agencies. 

Clearly all these were things that the recipient had requested, and equally
clearly they were being marked as spam. I don't know why. 

-- 
Mike Andrews, W5EGO
mi...@mikea.ath.cx
Tired old sysadmin 



Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Jay Hennigan

On 9/24/15 11:28 AM, Dave Warren wrote:

> I'm not sure what Gil is seeing, but I regularly see users reporting
> user-to-user correspondence and other obviously solicited messages. I
> get entire discussions about what restaurant, whether to attend a
> particular seminar, etc, all coming in at once.

Yes, we see that as well in our FBLs, again particularly AOL's.

> Part of me really wants to respect the complainant's wishes and
> blacklist all mail from that sender, but obviously this wasn't the
> intent, and ultimately would only be satisfying on a short term basis.


It's part of training the clue-resistant. I'm not suggesting that the 
receiving ISP bounce/blacklist, just move it to the junk folder. Then 
after a few "Didn't you get my email?" queries from friends, the 
clue-deprived recipient will eventually find it, click the "Not junk" 
button and hopefully learn not to mark transactional mail as spam in the 
future.


--
Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV



Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Gil Bahat
Responses Inline

On Thu, Sep 24, 2015 at 9:07 PM, Jay Hennigan wrote:

> On 9/24/15 8:04 AM, Gil Bahat wrote:
>
>> Hi,
>>
>> Carefully observing our FBL complaints one by one, I see a disturbing
>> phenomena: users marking swaths of email, sometimes received over a
>> month ago as spam, accounting for a significant volume of complaints.
>>
>
> I see a lot of this with AOL's FBL, very little with others. This may be
> due to the wording or layout of their GUI, perhaps the "Spam" and "Delete"
> buttons are close together or similar in appearance. These are typically
> timely, but occasionally long-delayed.
>
> I suspect that the long-delayed bunches are "throwaway" email addresses
> that are infrequently used and get a lot of spam. In fact, I personally am
> "guilty" of this. I maintain a Hotmail account with a hard-to-guess
> username that I use very rarely. It's only for one-off online purchases,
> hotel reservations and similar very infrequent or one-time transactional
> email. I only log in to read this mailbox when I expect email regarding a
> recent transaction.
>
> Despite very conscientiously unchecking all of the pre-checked "Send me
> offers" buttons and *every time* in the order comments putting "This email
> address is to be used for correspondence regarding this transaction only,
> no spam please", it gets a TON of spam from many of the companies with
> which I have done business once as well as their "affiliates". It isn't
> unusual for me to log in to the Hotmail account after a month or two to
> find it full of spam from an outfit I once purchased from years ago, etc.
>
> I mark it as the spam that it is without opening it and thus triggering
> the tracking bugs, but it doesn't seem to put a dent in the flood.
>
>> I have good reason to believe this does not represent actual spam
>> reporting, but rather an easy way to perform what would have been a more
>> complex (UI wise) task, tandem delete and unsubscribe.
>>
>
> If the recipient never subscribed with closed-loop confirmation in the
> first place then "Unsubscribe" should never be necessary if the sender is a
> good actor, and is a bad idea for the recipient. Doing so confirms to an
> abuser that the mailbox is active and that email is being read.


None of the above seems to be the scenario. These are purely transactional
emails coming from the use of our service: our welcome email, our 'your
movie is ready' email, etc etc. I can easily see that these emails have
been used, e.g. the welcome email used to verify your email to the service.


>
>> Users do this to emails which they clearly read and found useful (e.g.
>> the welcome or email verification emails, emails which they opened,
>> clicked and even forwarded at times, etc etc).
>>
>
> Tracking bugs may show if emails are opened, but they can't read the
> user's mind as to whether or not they were found useful. And they only work
> if the user loads remote images by default, a security risk.


I can deduce this not by the virtue of open bugs, but rather by the virtue
that the user used these: aside from the example above, e.g. they used the
"movie is ready" email because they registered on it with the GA UTM
source, or multiple hits because of forwarding of that email / multiple
opens, etc.


>
>> I would like to request all providers to (A) consider changing their UI
>> to account for this option / suggest unsubscription and deletion instead
>> and (B) mitigate the impact of multiple consecutive reports.
>>
>
> An alternative would be a confirmation dialog box "This will send a report
> to the sender's ISP that the email is abuse. Future email from this sender
> will be routed to your "Junk" folder. Are you sure?"
>
> By the way, this isn't ex-post-facto. It's simply reported later than
> expected. Ex-post-facto would be if the definition of "spam" changed
> between when the mail was sent and when it was reported.
>
>
As per the above, it is exactly ex-post-facto - the users used these emails
and therefore did not consider them spam to begin with, and then a month
later changed their mind (or possibly meant something a bit different, like
trying to unregister from them in one fell swoop)




Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Dave Warren

On 2015-09-24 11:07, Jay Hennigan wrote:
> I see a lot of this with AOL's FBL, very little with others. This may
> be due to the wording or layout of their GUI, perhaps the "Spam" and
> "Delete" buttons are close together or similar in appearance. These
> are typically timely, but occasionally long-delayed.


I've looked at AOL's web interface, it doesn't seem any worse than Gmail 
or others. But perhaps it's the audience that it attracts (or rather, 
the audience that isn't repelled by @aol.com)





>> I would like to request all providers to (A) consider changing their UI
>> to account for this option / suggest unsubscription and deletion instead
>> and (B) mitigate the impact of multiple consecutive reports.


> An alternative would be a confirmation dialog box "This will send a
> report to the sender's ISP that the email is abuse. Future email from
> this sender will be routed to your "Junk" folder. Are you sure?"


This would be nice. Although I suspect users wouldn't read or pay 
attention to the warning anyway, at least past the first time it 
appeared, so I doubt much would really change from the warning itself -- 
But, if receiving ISP were to start junking that mail (regardless of 
other factors), it might help.


> By the way, this isn't ex-post-facto. It's simply reported later than
> expected. Ex-post-facto would be if the definition of "spam" changed
> between when the mail was sent and when it was reported.


I'm not sure what Gil is seeing, but I regularly see users reporting 
user-to-user correspondence and other obviously solicited messages. I 
get entire discussions about what restaurant, whether to attend a 
particular seminar, etc, all coming in at once.


Part of me really wants to respect the complainant's wishes and 
blacklist all mail from that sender, but obviously this wasn't the 
intent, and ultimately would only be satisfying on a short term basis.


--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren





Re: [mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Jay Hennigan

On 9/24/15 8:04 AM, Gil Bahat wrote:

> Hi,
>
> Carefully observing our FBL complaints one by one, I see a disturbing
> phenomenon: users marking swaths of email, sometimes received over a
> month ago as spam, accounting for a significant volume of complaints.


I see a lot of this with AOL's FBL, very little with others. This may be 
due to the wording or layout of their GUI, perhaps the "Spam" and 
"Delete" buttons are close together or similar in appearance. These are 
typically timely, but occasionally long-delayed.


I suspect that the long-delayed bunches are "throwaway" email addresses 
that are infrequently used and get a lot of spam. In fact, I personally 
am "guilty" of this. I maintain a Hotmail account with a hard-to-guess 
username that I use very rarely. It's only for one-off online purchases, 
hotel reservations and similar very infrequent or one-time transactional 
email. I only log in to read this mailbox when I expect email regarding 
a recent transaction.


Despite very conscientiously unchecking all of the pre-checked "Send me 
offers" buttons and *every time* in the order comments putting "This 
email address is to be used for correspondence regarding this 
transaction only, no spam please", it gets a TON of spam from many of 
the companies with which I have done business once as well as their 
"affiliates". It isn't unusual for me to log in to the Hotmail account 
after a month or two to find it full of spam from an outfit I once 
purchased from years ago, etc.


I mark it as the spam that it is without opening it and thus triggering 
the tracking bugs, but it doesn't seem to put a dent in the flood.



> I have good reason to believe this does not represent actual spam
> reporting, but rather an easy way to perform what would have been a more
> complex (UI wise) task, tandem delete and unsubscribe.


If the recipient never subscribed with closed-loop confirmation in the 
first place then "Unsubscribe" should never be necessary if the sender 
is a good actor, and is a bad idea for the recipient. Doing so confirms 
to an abuser that the mailbox is active and that email is being read.



> Users do this to emails which they clearly read and found useful (e.g.
> the welcome or email verification emails, emails which they opened,
> clicked and even forwarded at times, etc etc).


Tracking bugs may show if emails are opened, but they can't read the 
user's mind as to whether or not they were found useful. And they only 
work if the user loads remote images by default, a security risk.



> I would like to request all providers to (A) consider changing their UI
> to account for this option / suggest unsubscription and deletion instead
> and (B) mitigate the impact of multiple consecutive reports.


An alternative would be a confirmation dialog box "This will send a 
report to the sender's ISP that the email is abuse. Future email from 
this sender will be routed to your "Junk" folder. Are you sure?"


By the way, this isn't ex-post-facto. It's simply reported later than 
expected. Ex-post-facto would be if the definition of "spam" changed 
between when the mail was sent and when it was reported.






[mailop] Ex-post-facto spam complaints, a possible UI problem / other mitigation

2015-09-24 Thread Gil Bahat
Hi,

Carefully observing our FBL complaints one by one, I see a disturbing
phenomenon: users marking swaths of email, sometimes received over a month
ago as spam, accounting for a significant volume of complaints.

I have good reason to believe this does not represent actual spam
reporting, but rather an easy way to perform what would have been a more
complex (UI wise) task, tandem delete and unsubscribe.

Users do this to emails which they clearly read and found useful (e.g. the
welcome or email verification emails, emails which they opened, clicked and
even forwarded at times, etc etc).

I would like to request all providers to (A) consider changing their UI to
account for this option / suggest unsubscription and deletion instead and
(B) mitigate the impact of multiple consecutive reports. I am not able to
quantify how this exactly affects our service but I have good reason to
believe these are counted to full effect as much as any other spam
complaint (e.g. from sources like return path senderscore).

Feedback (outside the loop, snicker snicker) would be most welcome.

Regards,

Gil Bahat,
DevOps/Postmaster,
Magisto Ltd.
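
Added example, not part of the thread and not any poster's code: one way a sender could measure the pattern discussed above, by parsing ARF (RFC 5965) feedback-loop reports and grouping each recipient's complaints into sittings, counting how many concern mail that arrived more than a week before the report. The 7-day and 10-minute thresholds, the `SAMPLE` report, the use of the report's `Date` header as the click time, and the presence of `Original-Rcpt-To` (an optional field that some feedback loops redact) are assumptions.

```python
from datetime import timedelta
from email import message_from_string
from email.utils import parsedate_to_datetime

STALE = timedelta(days=7)      # assumed cut-off for a "late" complaint
BURST = timedelta(minutes=10)  # assumed longest gap inside one sitting
# Constructed RFC 5965 report (third MIME part, the original mail, left out).
SAMPLE = """\
Date: {reported}
Content-Type: multipart/report; report-type=feedback-report; boundary="b"

--b
Content-Type: text/plain

Abuse report (constructed sample).
--b
Content-Type: message/feedback-report

Feedback-Type: abuse
User-Agent: ExampleFBL/1.0
Version: 1
Original-Rcpt-To: {rcpt}
Arrival-Date: {arrival}

--b--
"""

def parse_arf(raw):
    """Return (recipient, report time, delay since arrival) for one report."""
    msg = message_from_string(raw)
    reported = parsedate_to_datetime(msg["Date"])
    for part in msg.walk():
        if part.get_content_type() == "message/feedback-report":
            fields = part.get_payload(0)  # stdlib parses this part as nested headers
            delay = reported - parsedate_to_datetime(fields["Arrival-Date"])
            return fields["Original-Rcpt-To"], reported, delay
    raise ValueError("no message/feedback-report part")

def sittings(raw_reports):
    """Collapse each recipient's reports into sittings: [rcpt, total, stale]."""
    out, current = [], {}  # current maps rcpt -> (time of last report, its row)
    for rcpt, when, delay in sorted(map(parse_arf, raw_reports), key=lambda r: r[1]):
        last, row = current.get(rcpt, (None, None))
        if last is None or when - last > BURST:
            row = [rcpt, 0, 0]  # gap too long: a new sitting starts
            out.append(row)
        row[1] += 1
        row[2] += delay > STALE  # True counts as 1
        current[rcpt] = (when, row)
    return out
```

A row such as `["a@example.net", 3, 2]` reads as one sitting in which a recipient filed three complaints, two of them about mail delivered more than a week earlier.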