Re: constantcontact.com
On 05/07/09 1:56 PM, rich...@buzzhost.co.uk rich...@buzzhost.co.uk wrote: I don't dispute *YOU* don't know MP. I've got a gut feel there will be a connection there somewhere. Normally, when spammers are white listed, Perone has an interest or a friend some place. I'm going to chalk this one up to the Constant Contact paid Spamassassin money to whitelist them category of inane assertions. Finally - and here is the thing I find a bit odd - if you really are from Constant Contact would you not be using one of their email addresses - or at least a server?. After all, as you put it 'We are an ESP'. sorry, I am on several private lists. Lists I have been on for 10 years through a few different employers. If I signed up for those lists with my @constantcontact.com address my employer would own that mail. I don't really think they'd read my mail, but I'm still not comfortable with that so I sign up for all lists (even the public ones like this) with my own personal domain. Its just my family domain, the website is nothing more than that. Well, I can only take you at face value that you are here representing Constant Contact. If I call up the office switchboard Tara, can I speak with you there? It's just I've called up Constant Contact and hit #9 for the directory and your name is not in there? Perhaps there is a misspelling or something? Perhaps you can use this new thing called 'google' they have out, it is way kewl: http://www.google.com/search?client=safarirls=en-usq=Tara+Natanson+%2B+con stant+contactie=UTF-8oe=UTF-8 -- Neil Schwartzman Director, Certification Security Standards Return Path Inc. 0142002038
Re: constantcontact.com
rich...@buzzhost.co.uk wrote: sorry, I am on several private lists. Lists I have been on for 10 years through a few different employers. If I signed up for those lists with my @constantcontact.com address my employer would own that mail. I don't really think they'd read my mail, but I'm still not comfortable with that so I sign up for all lists (even the public ones like this) with my own personal domain. Its just my family domain, the website is nothing more than that. Well, I can only take you at face value that you are here representing Constant Contact. If I call up the office switchboard Tara, can I speak with you there? It's just I've called up Constant Contact and hit #9 for the directory and your name is not in there? Perhaps there is a misspelling or something? You probably won't trust this, either, but here goes: I've met Tara and other Constant Contact employees at conferences many times, and they all say she works there. (I'm similarly not using my employer's domain, because none of the available Exchange-compatible clients have appropriate message threading for discussion lists.) But who are /you/, Richard? How do we know you're /really/ a SpamAssassin user, and not just pretending? -- J.D. Falk
Re: constantcontact.com
On Mon, 2009-07-06 at 11:00 -0600, J.D. Falk wrote: rich...@buzzhost.co.uk wrote: sorry, I am on several private lists. Lists I have been on for 10 years through a few different employers. If I signed up for those lists with my @constantcontact.com address my employer would own that mail. I don't really think they'd read my mail, but I'm still not comfortable with that so I sign up for all lists (even the public ones like this) with my own personal domain. Its just my family domain, the website is nothing more than that. Well, I can only take you at face value that you are here representing Constant Contact. If I call up the office switchboard Tara, can I speak with you there? It's just I've called up Constant Contact and hit #9 for the directory and your name is not in there? Perhaps there is a misspelling or something? You probably won't trust this, either, but here goes: I've met Tara and other Constant Contact employees at conferences many times, and they all say she works there. Yep, I've confirmed that too. (I'm similarly not using my employer's domain, because none of the available Exchange-compatible clients have appropriate message threading for discussion lists.) They don't? Really? But who are /you/, Richard? A users@spamassassin.apache.org How do we know you're /really/ a SpamAssassin See above Is there anything else I can help you with?
Re: constantcontact.com
At 10:56 05-07-2009, rich...@buzzhost.co.uk wrote: Well, I can only take you at face value that you are here representing Constant Contact. If I call up the office switchboard Tara, can I speak with you there? It's just I've called up Constant Contact and hit #9 for the directory and your name is not in there? Perhaps there is a misspelling or something? The name is spelled correctly. I consider that the person is speaking on behalf of that organization based on the message posted ( http://mail-archives.apache.org/mod_mbox/spamassassin-users/200907.mbox/%3cac9ad70907041849m735b0b68mb0909b83216b0...@mail.gmail.com%3e ) Regards, -sm
Re: constantcontact.com
On Mon, 2009-07-06 at 10:36 -0700, SM wrote: At 10:56 05-07-2009, rich...@buzzhost.co.uk wrote: Well, I can only take you at face value that you are here representing Constant Contact. If I call up the office switchboard Tara, can I speak with you there? It's just I've called up Constant Contact and hit #9 for the directory and your name is not in there? Perhaps there is a misspelling or something? The name is spelled correctly. I consider that the person is speaking on behalf of that organization based on the message posted ( http://mail-archives.apache.org/mod_mbox/spamassassin-users/200907.mbox/%3cac9ad70907041849m735b0b68mb0909b83216b0...@mail.gmail.com%3e ) Regards, -sm That's great - but we have already established that a few hours ago. As you are keen to offer your opinion and experience; Have you handled spam or irate customer getting spam from Constant Contact? What do you think about Constant Contact having a white list score in Spamassassin despite being listed in the multi.uri? What do you think about them being white listed by Barracuda? I'm keen to hear a cross section of views.
Re: constantcontact.com
rich...@buzzhost.co.uk wrote: On Mon, 2009-07-06 at 10:36 -0700, SM wrote: At 10:56 05-07-2009, rich...@buzzhost.co.uk wrote: Well, I can only take you at face value that you are here representing Constant Contact. If I call up the office switchboard Tara, can I speak with you there? It's just I've called up Constant Contact and hit #9 for the directory and your name is not in there? Perhaps there is a misspelling or something? The name is spelled correctly. I consider that the person is speaking on behalf of that organization based on the message posted ( http://mail-archives.apache.org/mod_mbox/spamassassin-users/200907.mbox/%3cac9ad70907041849m735b0b68mb0909b83216b0...@mail.gmail.com%3e ) Regards, -sm That's great - but we have already established that a few hours ago. As you are keen to offer your opinion and experience; Have you handled spam or irate customer getting spam from Constant Contact? What do you think about Constant Contact having a white list score in Spamassassin despite being listed in the multi.uri? What do you think about them being white listed by Barracuda? I'm keen to hear a cross section of views. I could care less who or what gets whitelisted in any app/device. I care about whether it can be turned off easily or not. If the majority of SA users find CC gives little or no spam, let SA add CC to a whitelist by default. Better to let some spam in by default then to keep ham out. Just don't take away my switch. DAve -- Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it. John Quincy Adams http://appleseedinfo.org
Re: constantcontact.com
At 11:00 06-07-2009, rich...@buzzhost.co.uk wrote: Have you handled spam or irate customer getting spam from Constant Contact? I prefer not to comment on that. What do you think about Constant Contact having a white list score in Spamassassin despite being listed in the multi.uri? There are several other domains which are on that list. You can remove a domain from the white list if you believe that it does not belong in it. What do you think about them being white listed by Barracuda? As this mailing list is about SpamAssassin, I don't think that it matters around here. Regards, -sm
Re: constantcontact.com
On Sat, 2009-07-04 at 21:49 -0400, Tara Natanson wrote: Hello, Normally I wouldn't jump in on a technical mailing list such as this, but I was pointed to the archives by someone on the list and saw that someone was asking specific questions on how we operate. I hope I can clear up some stuff and answer any questions. We are an ESP. We have over 250,000 customers. We cater mostly to small businesses and non-profits. The majority of our customers are businesses or organizations with less than 5 employees who don't have an IT or a marketing department. Our product is a do-it yourself type thing with lots of online help. despite the large numbers we do a lot to vet our customers. They are required to have permission, but the real test is how we enforce that. We do a lot at list upload time before they ever mail, scanning lists for things that would indicate it isn't permission based. We have a large database of spamtraps (donated mostly by anti-spammers), and we also look for things such as role addresses. There is more but I can't give away the whole secret sauce for obvious reasons. After an automated review there is usually a list review on the phone with a human in our call center. There customers are required to explain how they have permission to mail etc. If someone makes it through that we then rely on spam complaints after they mail. We are signed up for all feedbackloops available and also get plenty of direct abuse@ complaints as well. We terminate many customers every day, most of them before they ever mail. Most of the people who are bumped from our system are not your average malicous spammers but businesses who were misled, misinformed, or are just plain lacking in clue. We educate those we can and terminate the rest. We do have the occasional outright malicious spammer and we are constantly tweaking our automated upload checks to improve them. As for the whitelisting mentioned in this thread, we are aware of it and in both cases (barracuda and SA skipcheck) we found out after the fact and I can confirm no money changed hands. We work closely with Barracuda when they get spam complaints from their customers regarding us, the decision to whitelist us was theirs alone but it seems it was due to user feedback. When their product would occasionally block our mail their users would complain much louder. If anyone has spam from us they'd like our compliance group to look at I can send it over, please feel free to send it to me and I'll see what I can share with you about the outcome. You can always send to abuse@ but will likely not get anything more than the auto-ack. I'm sorry for the intrusion on your list and I don't want this to get too off topic so please feel free to reply to me off list. Tara Natanson Constant Contact Mail Operations tnatan...@constantcontact.com Perhaps you can look at your customer; Received: from ccm01.constantcontact.com ([63.251.135.74]) by From: GearSourceEurope i...@gearsourceeurope.com Reply-To: i...@gearsourceeurope.com Sender: GearSourceEurope miche...@gearsourceeurope.ccsend.com I've lost count of the times I've been in touch with you over that one (never to get a resolution) As for the Barracuda Whitelist. I think Micheal Perone has an interest in Constant Contact Tara - Or would my information be wrong? Please be aware that LOTS of internal information regarding Constant Contact -v- Barracuda is known to me. Finally - and here is the thing I find a bit odd - if you really are from Constant Contact would you not be using one of their email addresses - or at least a server?. After all, as you put it 'We are an ESP'. AFAICT Natanson.net has no business relation with Constant Contact. Forgive my scepticism, but if you say you are representing them, please post from a place where that can be cited. Interesting to note the domain you've used is also 'anonymous'; Registrant: Domains by Proxy, Inc. DomainsByProxy.com 15111 N. Hayden Rd., Ste 160, PMB 353 Scottsdale, Arizona 85260 United States Registered through: GoDaddy.com, Inc. (http://www.godaddy.com) Domain Name: NATANSON.NET Created on: 16-Aug-02 Expires on: 15-Aug-13 Last Updated on: 12-Apr-06 Administrative Contact: Private, Registration natanson@domainsbyproxy.com Domains by Proxy, Inc. DomainsByProxy.com 15111 N. Hayden Rd., Ste 160, PMB 353 Scottsdale, Arizona 85260 United States (480) 624-2599 Fax -- (480) 624-2598
Re: constantcontact.com
On Sun, Jul 5, 2009 at 3:05 AM, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: Perhaps you can look at your customer; Received: from ccm01.constantcontact.com ([63.251.135.74]) by From: GearSourceEurope i...@gearsourceeurope.com Reply-To: i...@gearsourceeurope.com Sender: GearSourceEurope miche...@gearsourceeurope.ccsend.com I'll let you know what I find. I've lost count of the times I've been in touch with you over that one (never to get a resolution) Me personally? Don't think I've seen this one come up before. If you've sent it to abuse@, I'll see what they've done with it. As for the Barracuda Whitelist. I think Micheal Perone has an interest in Constant Contact Tara - Or would my information be wrong? Please be aware that LOTS of internal information regarding Constant Contact -v- Barracuda is known to me. I don't know Michael, I usually work with Jann Gobble (formerly Jann Linder). All I know is what he has told me. He contacted our support group a few years back out of the blue because when they blocked us several of their customers got very upset. He wanted to work out a way to keep his customers happy and to deal with any spam complaints that came in. he has several direct escalation paths at his disposal should he get complaints about our mail and he uses them when he needs to. Finally - and here is the thing I find a bit odd - if you really are from Constant Contact would you not be using one of their email addresses - or at least a server?. After all, as you put it 'We are an ESP'. sorry, I am on several private lists. Lists I have been on for 10 years through a few different employers. If I signed up for those lists with my @constantcontact.com address my employer would own that mail. I don't really think they'd read my mail, but I'm still not comfortable with that so I sign up for all lists (even the public ones like this) with my own personal domain. Its just my family domain, the website is nothing more than that. AFAICT Natanson.net has no business relation with Constant Contact. Forgive my scepticism, but if you say you are representing them, please post from a place where that can be cited. Interesting to note the domain you've used is also 'anonymous'; There's really nothing to read into there. The domain was purchased for me by a family member a long time ago as a christmas present. It was in their name (along with several other family domains) and they were sick of the snail mail and email they got to the registered addresses so they did something through godaddy to pay for private registration. If it helps I'll email you from work on Monday. I'm actually on vacation this week and purposely do not have access to my work mail. Tara Natanson
Re: buzzhost.co.uk was: Re: constantcontact.com
On Fri, July 3, 2009 23:29, Res wrote: Why are people still using the outdated and no longer recommended domain TXT method? 2 problems: 1: sa uses default mail::spf::query 2: dns hosters use txt for anything even there bind support spf record 3: what about dkim then ? :) The RR type SPF was ratified some time ago. If an OS uses an antiquated resolver that does not know about the SPF RR, that too is the operators problem, no one elses. i know i can use spf rr, but what will happend on remote if mail::spf is not used ? :) -Beware of programmers who carry screwdrivers i wish i had one of them sometimes :) -- xpoint
Re: buzzhost.co.uk was: Re: constantcontact.com
On Sat, July 4, 2009 07:16, rich...@buzzhost.co.uk wrote: . Even Benny's You don't have SPF so I'm blocking you was clearly b/s when I tried it with other MX's with no SPF. Nothing more than a kiddy rule set-up FWICS. thanks for 170 spam mails, your /29 is now perm blocked in my postfwd, pleaase say nice job to me for help out on your silly spf that is non working and even the openspf wizard is maybe not very helpfull to you ?, get a life before its to late -- xpoint
Re: buzzhost.co.uk was: Re: constantcontact.com
On Sun, 2009-07-05 at 18:36 +0200, Benny Pedersen wrote: On Sat, July 4, 2009 07:16, rich...@buzzhost.co.uk wrote: . Even Benny's You don't have SPF so I'm blocking you was clearly b/s when I tried it with other MX's with no SPF. Nothing more than a kiddy rule set-up FWICS. thanks for 170 spam mails, your /29 is now perm blocked in my postfwd, pleaase say nice job to me for help out on your silly spf that is non working and even the openspf wizard is maybe not very helpfull to you ?, get a life before its to late FOAD TWONK
Re: constantcontact.com
On Sun, 2009-07-05 at 09:28 -0400, Tara Natanson wrote: On Sun, Jul 5, 2009 at 3:05 AM, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: Perhaps you can look at your customer; Received: from ccm01.constantcontact.com ([63.251.135.74]) by From: GearSourceEurope i...@gearsourceeurope.com Reply-To: i...@gearsourceeurope.com Sender: GearSourceEurope miche...@gearsourceeurope.ccsend.com I'll let you know what I find. I've lost count of the times I've been in touch with you over that one (never to get a resolution) Me personally? Don't think I've seen this one come up before. If you've sent it to abuse@, I'll see what they've done with it. If you could. It's been ongoing. It's funny you are here saying you deal with this stuff, yet my server logs tell me something rather different. However, I'll give you the benefit for now. As for the Barracuda Whitelist. I think Micheal Perone has an interest in Constant Contact Tara - Or would my information be wrong? Please be aware that LOTS of internal information regarding Constant Contact -v- Barracuda is known to me. I don't know Michael, I usually work with Jann Gobble (formerly Jann Linder). All I know is what he has told me. He contacted our support group a few years back out of the blue because when they blocked us several of their customers got very upset. He wanted to work out a way to keep his customers happy and to deal with any spam complaints that came in. he has several direct escalation paths at his disposal should he get complaints about our mail and he uses them when he needs to. That is an interesting inversion of what has been said inside Barracuda. The story went that Constant Contacted did so much bitching about having there mail blocked Linder had to white list them. Orders from on high. Whilst he is only a grunt responsible for the 'intent' listings and partly the Barracuda BL, I've no reason to doubt the version of events circulating around the US and UK offices regarding Constant Contact. I can tell you that I handled a fair few calls from UK and US customers very unhappy with the fact Constant Contact were white listed following questionable email. I recall speaking with him at the time and the view he expressed to me was he would like to have blocked you period but his hands were tied. I don't dispute *YOU* don't know MP. I've got a gut feel there will be a connection there somewhere. Normally, when spammers are white listed, Perone has an interest or a friend some place. Finally - and here is the thing I find a bit odd - if you really are from Constant Contact would you not be using one of their email addresses - or at least a server?. After all, as you put it 'We are an ESP'. sorry, I am on several private lists. Lists I have been on for 10 years through a few different employers. If I signed up for those lists with my @constantcontact.com address my employer would own that mail. I don't really think they'd read my mail, but I'm still not comfortable with that so I sign up for all lists (even the public ones like this) with my own personal domain. Its just my family domain, the website is nothing more than that. Well, I can only take you at face value that you are here representing Constant Contact. If I call up the office switchboard Tara, can I speak with you there? It's just I've called up Constant Contact and hit #9 for the directory and your name is not in there? Perhaps there is a misspelling or something? AFAICT Natanson.net has no business relation with Constant Contact. Forgive my scepticism, but if you say you are representing them, please post from a place where that can be cited. Interesting to note the domain you've used is also 'anonymous'; There's really nothing to read into there. The domain was purchased for me by a family member a long time ago as a christmas present. It was in their name (along with several other family domains) and they were sick of the snail mail and email they got to the registered addresses so they did something through godaddy to pay for private registration. If it helps I'll email you from work on Monday. I'm actually on vacation this week and purposely do not have access to my work mail. I'll call up between 9-9 est and speak with you about the issues with a couple of other regulars from CC. Tara Natanson
Re: constantcontact.com
Hello, Normally I wouldn't jump in on a technical mailing list such as this, but I was pointed to the archives by someone on the list and saw that someone was asking specific questions on how we operate. I hope I can clear up some stuff and answer any questions. We are an ESP. We have over 250,000 customers. We cater mostly to small businesses and non-profits. The majority of our customers are businesses or organizations with less than 5 employees who don't have an IT or a marketing department. Our product is a do-it yourself type thing with lots of online help. despite the large numbers we do a lot to vet our customers. They are required to have permission, but the real test is how we enforce that. We do a lot at list upload time before they ever mail, scanning lists for things that would indicate it isn't permission based. We have a large database of spamtraps (donated mostly by anti-spammers), and we also look for things such as role addresses. There is more but I can't give away the whole secret sauce for obvious reasons. After an automated review there is usually a list review on the phone with a human in our call center. There customers are required to explain how they have permission to mail etc. If someone makes it through that we then rely on spam complaints after they mail. We are signed up for all feedbackloops available and also get plenty of direct abuse@ complaints as well. We terminate many customers every day, most of them before they ever mail. Most of the people who are bumped from our system are not your average malicous spammers but businesses who were misled, misinformed, or are just plain lacking in clue. We educate those we can and terminate the rest. We do have the occasional outright malicious spammer and we are constantly tweaking our automated upload checks to improve them. As for the whitelisting mentioned in this thread, we are aware of it and in both cases (barracuda and SA skipcheck) we found out after the fact and I can confirm no money changed hands. We work closely with Barracuda when they get spam complaints from their customers regarding us, the decision to whitelist us was theirs alone but it seems it was due to user feedback. When their product would occasionally block our mail their users would complain much louder. If anyone has spam from us they'd like our compliance group to look at I can send it over, please feel free to send it to me and I'll see what I can share with you about the outcome. You can always send to abuse@ but will likely not get anything more than the auto-ack. I'm sorry for the intrusion on your list and I don't want this to get too off topic so please feel free to reply to me off list. Tara Natanson Constant Contact Mail Operations tnatan...@constantcontact.com
Re: constantcontact.com
On Fri, Jul 3, 2009 at 2:39 AM, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why Could you share your IP list? I'd like to block these clowns too (and I'm lazy). 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC 2606. uridnsbl_skip_domain example.com example.net example.org .. uridnsbl_skip_domain constantcontact.com corporate-ir.net cox.net cs.com Is this a uri that is really suitable for white listing ?
Re: constantcontact.com
On Fri, 2009-07-03 at 03:50 -0400, Aaron Wolfe wrote: On Fri, Jul 3, 2009 at 2:39 AM, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why Could you share your IP list? I'd like to block these clowns too (and I'm lazy). 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC 2606. uridnsbl_skip_domain example.com example.net example.org .. uridnsbl_skip_domain constantcontact.com corporate-ir.net cox.net cs.com Is this a uri that is really suitable for white listing ? The biggest offenders for me fall in these ranges; 63.251.135.64 - 63.251.135.127 66.151.234.144 - 66.151.234.159 208.75.120.0 - 208.75.123.255 Constant contact will tell you they are opt-in. That is B/S. The are using a honeypot address used only in usenet post from around 2 years ago. It is always bounced with a 550, but still they keep knocking.
Re: constantcontact.com
rich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC 2606. uridnsbl_skip_domain example.com example.net example.org .. uridnsbl_skip_domain constantcontact.com corporate-ir.net cox.net cs.com Is this a uri that is really suitable for white listing ? A set of perl modules has been uploaded to cpan today for talking to the ConstantContact API: http://search.cpan.org/~arich/Email-ConstantContact-0.02/lib/Email/ConstantContact.pm I just thought it was a weird coincidence, seeing as I'd never heared of them before today. -- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Re: constantcontact.com
rich...@buzzhost.co.uk ha scritto: On Fri, 2009-07-03 at 03:50 -0400, Aaron Wolfe wrote: On Fri, Jul 3, 2009 at 2:39 AM, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why Could you share your IP list? I'd like to block these clowns too (and I'm lazy). 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC 2606. uridnsbl_skip_domain example.com example.net example.org .. uridnsbl_skip_domain constantcontact.com corporate-ir.net cox.net cs.com Is this a uri that is really suitable for white listing ? The biggest offenders for me fall in these ranges; 63.251.135.64 - 63.251.135.127 66.151.234.144 - 66.151.234.159 208.75.120.0 - 208.75.123.255 Constant contact will tell you they are opt-in. That is B/S. The are using a honeypot address used only in usenet post from around 2 years ago. It is always bounced with a 550, but still they keep knocking. Well, it certainly is constant contact...
Re: constantcontact.com
I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? --j. On Fri, Jul 3, 2009 at 09:55, Mike Cardwellspamassassin-us...@lists.grepular.com wrote: rich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC 2606. uridnsbl_skip_domain example.com example.net example.org .. uridnsbl_skip_domain constantcontact.com corporate-ir.net cox.net cs.com Is this a uri that is really suitable for white listing ? A set of perl modules has been uploaded to cpan today for talking to the ConstantContact API: http://search.cpan.org/~arich/Email-ConstantContact-0.02/lib/Email/ConstantContact.pm I just thought it was a weird coincidence, seeing as I'd never heared of them before today. -- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Re: constantcontact.com
On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. I'm wondering why (other than MONEY) it would have ended up in there?
Re: constantcontact.com
On Fri, Jul 3, 2009 at 5:06 AM, Justin Masonj...@jmason.org wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? --j. From what I've seen, most of the traffic from them probably doesn't qualify as spam by the common definition. It is, however, stuff that nobody here wants. I'm surprised SA is giving them a pass, but there have been other strange things that got a free ride through SA in the past, like Habeas certified junk. On Fri, Jul 3, 2009 at 09:55, Mike Cardwellspamassassin-us...@lists.grepular.com wrote: rich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC 2606. uridnsbl_skip_domain example.com example.net example.org .. uridnsbl_skip_domain constantcontact.com corporate-ir.net cox.net cs.com Is this a uri that is really suitable for white listing ? A set of perl modules has been uploaded to cpan today for talking to the ConstantContact API: http://search.cpan.org/~arich/Email-ConstantContact-0.02/lib/Email/ConstantContact.pm I just thought it was a weird coincidence, seeing as I'd never heared of them before today. -- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Re: constantcontact.com
On Fri, 2009-07-03 at 05:16 -0400, Aaron Wolfe wrote: On Fri, Jul 3, 2009 at 5:06 AM, Justin Masonj...@jmason.org wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? --j. From what I've seen, most of the traffic from them probably doesn't qualify as spam by the common definition. It is, however, stuff that nobody here wants. I'm surprised SA is giving them a pass, but there have been other strange things that got a free ride through SA in the past, like Habeas certified junk. On Fri, Jul 3, 2009 at 09:55, Mike Cardwellspamassassin-us...@lists.grepular.com wrote: rich...@buzzhost.co.uk wrote: I'm probably missing something here - but Constant Contact (who we block by IP) have been a nagging source of spam for us. I'm just wondering why 25_uribl.cf has this line in it: ## DOMAINS TO SKIP (KNOWN GOOD) # Don't bother looking for example domains as per RFC 2606. uridnsbl_skip_domain example.com example.net example.org .. uridnsbl_skip_domain constantcontact.com corporate-ir.net cox.net cs.com Is this a uri that is really suitable for white listing ? A set of perl modules has been uploaded to cpan today for talking to the ConstantContact API: http://search.cpan.org/~arich/Email-ConstantContact-0.02/lib/Email/ConstantContact.pm I just thought it was a weird coincidence, seeing as I'd never heared of them before today. -- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Re: constantcontact.com
On Fri, 2009-07-03 at 05:16 -0400, Aaron Wolfe wrote: From what I've seen, most of the traffic from them probably doesn't qualify as spam by the common definition. It is, however, stuff that nobody here wants. I think we are all to generous in what we consider to be 'spam' -v- 'ham'. If it has come from any form of 'marketing' or 'communication' company then clearly it is bulk, most likely it is sales based, and almost certainly it is unsolicited. That makes it spam to me. Coming from Barracuda (the original 'pay to spam' company) I am always suspicious of the motives of any spam-net appearing in a white list. Very suspicious indeed. If you can see it in the core rules, are any other rules weighted in the favour of people like Constant Contact? I've opened up the RBL listing I have for them - lets see how much of it passes through Spamassassin and what score it gets :-)
Re: constantcontact.com
On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. I'm wondering why (other than MONEY) it would have ended up in there? this has a historical reasons and its not about whitelisting spammers Many moons ago, when SA started doing URI lookup with the SpamcopURI plugin, there was only one URI BL: SURBL and to spare it from unnecessary queries, the skip list was implemented avoid the extar load and a number of ESPs which back then were considered to never send UBE/UCE were added. Times have changed and there's option regarding URI lookups, in public and private BLs. Also, URI Bls can handle way more traffic than they could 6 or 7 years back. There have been numerous requests to get some of these skip entries removed but non was honoured. The bottom line is that its trivial and cheaper to write a static URI rule to tag a URL (if you really need to) and which doesn't affect the globe, than hammering the BLs with zillion of extra queries. SA is conservative and caters to a VERY wide user base, with VERY different understanding what is UBE/UCE so while everyone saves reources on useless queries, you still havea way to score constantcontact with 100 if its your choice. axb
Re: constantcontact.com
On Fri, 2009-07-03 at 12:06 +0200, Yet Another Ninja wrote: On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. I'm wondering why (other than MONEY) it would have ended up in there? this has a historical reasons and its not about whitelisting spammers Many moons ago, when SA started doing URI lookup with the SpamcopURI plugin, there was only one URI BL: SURBL and to spare it from unnecessary queries, the skip list was implemented avoid the extar load and a number of ESPs which back then were considered to never send UBE/UCE were added. Times have changed and there's option regarding URI lookups, in public and private BLs. Also, URI Bls can handle way more traffic than they could 6 or 7 years back. There have been numerous requests to get some of these skip entries removed but non was honoured. The bottom line is that its trivial and cheaper to write a static URI rule to tag a URL (if you really need to) and which doesn't affect the globe, than hammering the BLs with zillion of extra queries. SA is conservative and caters to a VERY wide user base, with VERY different understanding what is UBE/UCE so while everyone saves reources on useless queries, you still havea way to score constantcontact with 100 if its your choice. axb Should that be Hi$torical Rea$ons ? ;-) There is no current excuse and this kind of alleged legacy rubbish needs to be pulled out. As it stands the is simply white listing a bulker. A spam filter that white lists a spammer - how bizarre ! I'm cynical. The only logical reason I can see for anything of this nature is money changing hands.
Re: constantcontact.com
On Fri, Jul 3, 2009 at 10:14, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5905 has some information on the background; we asked SURBL for their top queried domains that they considered nonspam, and it was in that list. SURBL have always been scrupulous in their operations and listing criteria fwiw. Going by bug 5905 though, and this report, we should probably remove it from the whitelist. I'm wondering why (other than MONEY) it would have ended up in there? Hope that answers your question. note that it didn't involve MONEY. btw silly unfounded accusations mean that it's less likely you'll get anyone to answer your mail, so please don't do that. --j.
Re: constantcontact.com
On Fri, Jul 3, 2009 at 6:11 AM, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 12:06 +0200, Yet Another Ninja wrote: On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. I'm wondering why (other than MONEY) it would have ended up in there? this has a historical reasons and its not about whitelisting spammers Many moons ago, when SA started doing URI lookup with the SpamcopURI plugin, there was only one URI BL: SURBL and to spare it from unnecessary queries, the skip list was implemented avoid the extar load and a number of ESPs which back then were considered to never send UBE/UCE were added. Times have changed and there's option regarding URI lookups, in public and private BLs. Also, URI Bls can handle way more traffic than they could 6 or 7 years back. There have been numerous requests to get some of these skip entries removed but non was honoured. The bottom line is that its trivial and cheaper to write a static URI rule to tag a URL (if you really need to) and which doesn't affect the globe, than hammering the BLs with zillion of extra queries. SA is conservative and caters to a VERY wide user base, with VERY different understanding what is UBE/UCE so while everyone saves reources on useless queries, you still havea way to score constantcontact with 100 if its your choice. axb Should that be Hi$torical Rea$ons ? ;-) There is no current excuse and this kind of alleged legacy rubbish needs to be pulled out. As it stands the is simply white listing a bulker. A spam filter that white lists a spammer - how bizarre ! I'm cynical. The only logical reason I can see for anything of this nature is money changing hands. I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up, right or wrong. It's not really an endorsement by SA, just a way to save resources since this check is not going to return results anyway. Don't know if this theory is correct, but if this is the only special treatment given to constant contact, then I don't really think there is any conspiracy here. Why do a check that isn't going to work anyway? Hopefully the other rules will judge the messages on their own merit, they do seem to catch *some* of the junk coming out of c.c.
Re: constantcontact.com
On 7/3/2009 12:11 PM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 12:06 +0200, Yet Another Ninja wrote: On 7/3/2009 11:14 AM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. I'm wondering why (other than MONEY) it would have ended up in there? this has a historical reasons and its not about whitelisting spammers Many moons ago, when SA started doing URI lookup with the SpamcopURI plugin, there was only one URI BL: SURBL and to spare it from unnecessary queries, the skip list was implemented avoid the extar load and a number of ESPs which back then were considered to never send UBE/UCE were added. Times have changed and there's option regarding URI lookups, in public and private BLs. Also, URI Bls can handle way more traffic than they could 6 or 7 years back. There have been numerous requests to get some of these skip entries removed but non was honoured. The bottom line is that its trivial and cheaper to write a static URI rule to tag a URL (if you really need to) and which doesn't affect the globe, than hammering the BLs with zillion of extra queries. SA is conservative and caters to a VERY wide user base, with VERY different understanding what is UBE/UCE so while everyone saves reources on useless queries, you still havea way to score constantcontact with 100 if its your choice. axb Should that be Hi$torical Rea$ons ? ;-) There is no current excuse and this kind of alleged legacy rubbish needs to be pulled out. As it stands the is simply white listing a bulker. A spam filter that white lists a spammer - how bizarre ! I'm cynical. The only logical reason I can see for anything of this nature is money changing hands. and if it were as you say, then you should make a better offer ;-) you get SA in source code - nobody stops you from adapting for to your need. .and if you want to be real efficient, block the HELO or IPs at SMTP level.
RE: constantcontact.com
Aaron Wolfe wrote: On Fri, Jul 3, 2009 at 5:06 AM, Justin Masonj...@jmason.org wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? --j. From what I've seen, most of the traffic from them probably doesn't qualify as spam by the common definition. It is, however, stuff that nobody here wants. I'm surprised SA is giving them a pass, but there have been other strange things that got a free ride through SA in the past, like Habeas certified junk. Most of the stuff we see here which comes via Constant Contact does come under the UCE definition, but not all. From http://www.constantcontact.com/pricing/index.jsp , they say: Monthly fee is based on the number of contacts in your email list There's an immediate conflict of interest - if they want to keep their income high, they're going to encourage customers with large mailing lists, regardless of the sources of those lists. They do, however, encourage permission-based email lists ( http://www.constantcontact.com/email-marketing/email-list-management/bui ld-list.jsp ) - whether this meets double-opt-in criteria or not I cannot tell. +1 for not giving them preferential treatment. Cheers, Phil -- Phil Randal | Networks Engineer Herefordshire Council | Deputy Chief Executive's Office | I.C.T. Services Division Thorn Office Centre, Rotherwas, Hereford, HR2 6JT Tel: 01432 260160 email: pran...@herefordshire.gov.uk Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Herefordshire Council. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it.
Re: constantcontact.com
Aaron Wolfe wrote: I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ -- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Re: constantcontact.com
On Fri, 2009-07-03 at 11:19 +0100, Justin Mason wrote: On Fri, Jul 3, 2009 at 10:14, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5905 has some information on the background; we asked SURBL for their top queried domains that they considered nonspam, and it was in that list. SURBL have always been scrupulous in their operations and listing criteria fwiw. Going by bug 5905 though, and this report, we should probably remove it from the whitelist. I'm wondering why (other than MONEY) it would have ended up in there? Hope that answers your question. note that it didn't involve MONEY. btw silly unfounded accusations mean that it's less likely you'll get anyone to answer your mail, so please don't do that. Like I say - I come from a background where money changes hands to spam, this makes me cynical. My apologies if that offends, but it tends to be disappointingly accurate on the majority of occasions. --j.
Re: constantcontact.com
On 7/3/2009 12:19 PM, Justin Mason wrote: On Fri, Jul 3, 2009 at 10:14, rich...@buzzhost.co.ukrich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 10:06 +0100, Justin Mason wrote: I've heard that they are diligent about terminating abusive clients. Are you reporting these spams to them? Yes - but you would thing a log full of 550's may be a clue. What concerns me is SpamAssassin effectively white listing spammers. White listing should be a user option - not something added in a nefarious manner. At least it is clear to see with Spamassassin which is a plus - but I cannot pretend that I am not disappointed to find a whitelisted 'spammer net' in the core rules. https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5905 has some information on the background; we asked SURBL for their top queried domains that they considered nonspam, and it was in that list. SURBL have always been scrupulous in their operations and listing criteria fwiw. Going by bug 5905 though, and this report, we should probably remove it from the whitelist. As you can see, I was the one who started that bug .-)
Re: constantcontact.com
On Fri, 2009-07-03 at 11:26 +0100, Mike Cardwell wrote: Aaron Wolfe wrote: I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ Oh Dear - that kind of rains on the parade of the 'legacy' argument and puts the ball into the SA court. I also get that; ;; ANSWER SECTION: constantcontact.com.multi.uribl.com. 1800 IN A 127.0.0.4 Seems like the cynical who make 'silly assumptions' may not be as silly as we first thought. There name came up when I was at Barracuda. AFAIR they were white listed on the Barracuda White List. No amount of customer complaints seemed to change that either
Re: constantcontact.com
On 7/3/2009 12:32 PM, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 11:26 +0100, Mike Cardwell wrote: Aaron Wolfe wrote: I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ Oh Dear - that kind of rains on the parade of the 'legacy' argument and puts the ball into the SA court. not really - the implemented score in SA is so low that it won't do much. Other apps may treat it differently. I also get that; ;; ANSWER SECTION: constantcontact.com.multi.uribl.com. 1800 IN A 127.0.0.4 Seems like the cynical who make 'silly assumptions' may not be as silly as we first thought. There name came up when I was at Barracuda. AFAIR they were white listed on the Barracuda White List. No amount of customer complaints seemed to change that either grey.uribl.com - This lists contains domains found in UBE/UCE, and possibly honour opt-out requests. It may include ESPs which allow customers to import their recipient lists and may have no control over the subscription methods. This list can and probably will cause False Positives depending on your definition of UBE/UCE. This zone rebuilds several times a day as necessary. It still doesn't change the fact that not everyone has the feeling ContantContact sends UBE/UCE I'm leaving my personal opinion out of the game.
Re: constantcontact.com
On Fri, Jul 3, 2009 at 6:26 AM, Mike Cardwellspamassassin-us...@lists.grepular.com wrote: Aaron Wolfe wrote: I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ to be clear, I was explaining why the entry exists, not whether or not it should be there. still don't think there is any conspiracy here, probably just an outdated or inaccurate assumption. -- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Re: constantcontact.com
On Fri, 2009-07-03 at 06:41 -0400, Aaron Wolfe wrote: On Fri, Jul 3, 2009 at 6:26 AM, Mike Cardwellspamassassin-us...@lists.grepular.com wrote: Aaron Wolfe wrote: I think the point was that the URIBL's are never going to be listing these domains, so why waste time looking them up m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ to be clear, I was explaining why the entry exists, not whether or not it should be there. still don't think there is any conspiracy here, probably just an outdated or inaccurate assumption. -- Mike Cardwell - IT Consultant and LAMP developer Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/ Here is a curious thing. I raised a ticket with CC about the spam only to have it answered under a different name; received: from utileu01.rightnowtech.com (utileu01.rightnowtech.com [206.17.168.28]) Now, if you are in the business of legitimate email marketing, why are you sending your own control messages under a different company name and from a different range? Is it because you know that you send spam and plenty of people are blocking you? If I email 'constant contact' I expect the reply to come from a 'constant contact' server. This is all drifting. My own view is there are several entries in there that should not be. Constant Contact is just a strikingly obvious one.
Re: constantcontact.com
Le 03/07/2009 12:19, Justin Mason a écrit : Going by bug 5905 though, and this report, we should probably remove it from the whitelist. Is there any *clean* way (i.e. something that could be put in local.cf or equivalent in order to override files updated by sa-update) for users to remove this now? In other words, is there a directive such as uridnsbl_dont_skip_this_domain_after_all ?-) John. -- -- Over 3000 webcams from ski resorts around the world - www.snoweye.com -- Translate your technical documents and web pages- www.tradoc.fr
Re: constantcontact.com
grey.uribl.com - This lists contains domains found in UBE/UCE, and possibly honour opt-out requests. It may include ESPs which allow customers to import their recipient lists and may have no control over the subscription methods. This list can and probably will cause False Positives depending on your definition of UBE/UCE. This zone rebuilds several times a day as necessary. It still doesn't change the fact that not everyone has the feeling ContantContact sends UBE/UCE For what it's worth, I do get legitimate mail from contantcontact. I have signed up for updates from a local restaurant and they use constantcontact. It was definitely not confirmred opt in, but the restaurant people (that I know personally) seems legit. I suspect there's a lot of this. The real problem is that constantcontact is neither an outright spammer nor a fully legitimate mailer. They provide services to third parties, some of which are spammers. But, they clearly do not have effective means of enforcing that their customers do not spam. I get spam from constantcontact, obviously having been signed up by one of their customers illegitimately. This is fairly frequent (more than legit mail), and I do forward it to ab...@. I don't recall getting we have terminated our relationship with this customer and kept the money From the non-spamming bond as a reply; it's more like we've added your email to the list who will never get mail from this client. I may also have reported constantcontact to URIBL. My experience with URIBL is that they are conservative in adding listings of such marginal places (too conservative in my opinion, as evidenced by the log of REJ: too many legitimate users; use a local rule replies :-). I think part of why this is hard is that different people have vastly different ham/spam ratios for constantcontact. People who sign up for many newsletters and have a newish address perhaps see only/mostly ham. I am not into newsletters and my experience is mostly spam. Surely the fraction of constantcontact urls that would be looked up relative to the total url lookup load is miniscule, but I don't have data. Is anyone from constantcontact here? Could they explain the contractual framework by which they do (or don't) require customers to agree to follow opt in? Could they explain what they do when they encounter customers who add addresses that are not opt in? (In my view people who can do bulk subscription without an ESP confirming opt-in should have to post a big bond attesting that the addresses are COI already, to bring the ESP spam level down to very low levels. Otherwise I consider the ESP to be a spammer.) So I don't see a reason to give constantcontact a pass from uribl lookups at the SA level. (We can have a separate debate about the score for URIBL_GREY, but my experience is that most hits are spam and I score it up to +2 from 0.2.) pgpC12YslUZtR.pgp Description: PGP signature
Re: constantcontact.com
On Fri, July 3, 2009 10:14, rich...@buzzhost.co.uk wrote: Constant contact will tell you they are opt-in. That is B/S. The are using a honeypot address used only in usenet post from around 2 years ago. It is always bounced with a 550, but still they keep knocking. v=spf1 ptr dom=buzzhost.co.uk a:mail mx:all ip4:62.233.82.168 ip4:82.70.24.238 -all doh : empty tunders buls most and all that crap, fix your spf and you get better results! http://old.openspf.org/wizard.html?mydomain=buzzhost.co.uksubmit=Go! it could very well not be a forged sender that opt in for you ? ptr in spf is silly ! -- xpoint
Re: constantcontact.com
rich...@buzzhost.co.uk wrote: Should that be Hi$torical Rea$ons ? If there was a monetary reason (aka bribe), I'd think CC would have been whitelisted. As it is, CC is *not* whitelisted in SA. At least not according to your own posts. What you have noted is that CC is *skipped* by *one* (1) type of rules (URIBL checks). No more, no less. As it stands the is simply white listing a bulker. No, it isnä't. Skipping URIBL checks for a domain is very far from whitelisting the domain when done in SA. SA is a scoring system where the combined score of all rules is what decides how to flag a message. I'm cynical. The only logical reason I can see for anything of this nature is money changing hands. That's not beeing cynical. It's beeing unbelievably unimaginative. /Jonas -- Jonas Eckerman Fruktträdet Förbundet Sveriges Dövblinda http://www.fsdb.org/ http://www.frukt.org/ http://whatever.frukt.org/
Re: constantcontact.com
On Fri, July 3, 2009 12:26, Mike Cardwell wrote: m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ skib in sa forbid it to hit, silly :) -- xpoint
Re: constantcontact.com
rich...@buzzhost.co.uk wrote: m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ Oh Dear - that kind of rains on the parade of the 'legacy' argument and puts the ball into the SA court. Actually, it gives strength to the legacy argument, and the ball wass allready in the SA court. (You do know what legacy means, right?) constantcontact.com.multi.uribl.com. 1800 IN A 127.0.0.4 Seems like the cynical who make 'silly assumptions' may not be as silly as we first thought. Seems like you think missing a score of 0.25 would be worth money to someone. I think that's pretty silly. Calling it whitelisting also seems silly. I do think that the skipping of CC should be reviewed though. It might be listed in other URIDNSBLs for example. If the main purpose of the default list of domains to skip URIDNSBL checks for is to save resources by not checking domains that won't be hit anyway, then the whole list should probably be regularly checked by a script that simply flags any domains present on URIDNSBLs for review (or possibly just comment them out of the list). /Jonas -- Jonas Eckerman Fruktträdet Förbundet Sveriges Dövblinda http://www.fsdb.org/ http://www.frukt.org/ http://whatever.frukt.org/
[Fwd: Re: constantcontact.com]
Original Message Subject: Re: constantcontact.com From:rich...@buzzhost.co.uk rich...@buzzhost.co.uk Date:Fri, July 3, 2009 15:04 To: Benny Pedersen m...@junc.org -- On Fri, 2009-07-03 at 14:39 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 10:14, rich...@buzzhost.co.uk wrote: Constant contact will tell you they are opt-in. That is B/S. The are using a honeypot address used only in usenet post from around 2 years ago. It is always bounced with a 550, but still they keep knocking. v=spf1 ptr dom=buzzhost.co.uk a:mail mx:all ip4:62.233.82.168 ip4:82.70.24.238 -all doh : empty tunders buls most and all that crap, fix your spf and you get better results! http://old.openspf.org/wizard.html?mydomain=buzzhost.co.uksubmit=Go! it could very well not be a forged sender that opt in for you ? ptr in spf is silly ! You often spout a load of retarded nigger shit Benny. Fucking grow up before someone punches your teeth out. -- its your domain, not my problem -- xpoint
Re: constantcontact.com
On Fri, 2009-07-03 at 14:54 +0200, Jonas Eckerman wrote: rich...@buzzhost.co.uk wrote: m...@haven:~$ host constantcontact.com.multi.uribl.com constantcontact.com.multi.uribl.com A 127.0.0.4 m...@haven:~$ Oh Dear - that kind of rains on the parade of the 'legacy' argument and puts the ball into the SA court. Actually, it gives strength to the legacy argument, and the ball wass allready in the SA court. (You do know what legacy means, right?) Sure - do you? If it's left in the core code because the URI never listed CC in the past that makes it legacy to me. If we consider that argument now that cc *is* listed by urbl then the legacy argument that was used, is gone. It becomes an SA issue for effectively white listing *from urbl lookups* a known rotten/black listed uri. constantcontact.com.multi.uribl.com. 1800 IN A 127.0.0.4 Seems like the cynical who make 'silly assumptions' may not be as silly as we first thought. Seems like you think missing a score of 0.25 would be worth money to someone. I think that's pretty silly. Depends. If you are sitting at 4.79 and the have a block score of 5.00 it makes a difference. Calling it whitelisting also seems silly. Jonas I always thought you were grown up enough to be able to fill in the blanks here. White listed from URI lookups. Please, don't be silly now. I do think that the skipping of CC should be reviewed though. It might be listed in other URIDNSBLs for example. If the main purpose of the default list of domains to skip URIDNSBL checks for is to save resources by not checking domains that won't be hit anyway, then the whole list should probably be regularly checked by a script that simply flags any domains present on URIDNSBLs for review (or possibly just comment them out of the list). /Jonas It's about using every possible piece of evidence available to block spam. Not to 'grease the wheels' and let it through. Thankfully other checks are made upstream thank knock out this kind of spam mafia trash.
buzzhost.co.uk was: Re: constantcontact.com
On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem if more help is needed post to this maillist so more can help you :) -- xpoint
Re: constantcontact.com
In defense of Constant Contact, they are in the business of sending out mailings for people, they are not themselves spammers. They perform a service and they do it as best they can given the circumstances in which they work. I have used them to send out mail to mailing lists of a non-profit organization that I help and also used it during the previous presidential campaign. All the addresses were collected via people coming to the website, typing in their address, getting an email from constant contact and clicking on a yes, I want to sign up for this list link. All mail was sent out with a return address that went to a real person, and every message contained a link to get off the mailing. This is required by Constant Contact. Secondly, if you unsubscribe using the unsubscribe link, Constant Contact does not let that address be mailed to again unless it is re-opted in by signing up again and the person clicking on the opt-in link. Constant Contact keeps track of complaints and when it gets above something like one or two per thousand they cancel the account. If you are getting spam via them, you should send it to their abuse department. They do take the reports seriously. And by the way, from time to time I receive what surely looks like spam via Constant Contact. I save all my mail. I went back and searched and sure enough, it *was* something I signed up for but had completely forgotten. A simple click of their unsubscribe link and no more of that. I would not personally give mail from Constant Contact a higher score just because it originated from there. The likelihood is the message is ham, most likely the user forgot they opted like I did, or perhaps someone is abusing Constant Comment. Michael Grant
Re: constantcontact.com
On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem if more help is needed post to this maillist so more can help you :) I'm failing to see any connection here with Constant Contact.
Re: constantcontact.com
On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem if more help is needed post to this maillist so more can help you :) I'm failing to see any connection here with Constant Contact. as much you care about the problem you wont get much more help -- xpoint
Re: constantcontact.com
On Fri, Jul 3, 2009 at 10:15 AM, Michael Grantmichael.gr...@gmail.com wrote: In defense of Constant Contact, they are in the business of sending out mailings for people, they are not themselves spammers. They perform a service and they do it as best they can given the circumstances in which they work. arms dealers don't cause war, but they sure profit from it. esps by nature have a sketchy business model with a clear monetary incentive to allow as much mail to flow as they can get away with. whether or not they are the source of the spam is irrelevant, they are enabling it and they are profiting from it. there might be some good people with good intentions somewhere in the organization, but its just a dirty business. I have used them to send out mail to mailing lists of a non-profit organization that I help and also used it during the previous presidential campaign. All the addresses were collected via people coming to the website, typing in their address, getting an email from constant contact and clicking on a yes, I want to sign up for this list link. All mail was sent out with a return address that went to a real person, and every message contained a link to get off the mailing. This is required by Constant Contact. Secondly, if you unsubscribe using the unsubscribe link, Constant Contact does not let that address be mailed to again unless it is re-opted in by signing up again and the person clicking on the opt-in link. Constant Contact keeps track of complaints and when it gets above something like one or two per thousand they cancel the account. If you are getting spam via them, you should send it to their abuse department. They do take the reports seriously. despite your personal experience, there is no shortage of contradictory evidence. as many have posted here and on other spam related mailing lists (not sure if the old spam-l archives are still available online, but cc was a subject of discussion there many times). lots of unwanted mail is coming from their systems. i regularly get complaints about mail from cc to the small network i directly deal with (300 people). And by the way, from time to time I receive what surely looks like spam via Constant Contact. I save all my mail. I went back and searched and sure enough, it *was* something I signed up for but had completely forgotten. A simple click of their unsubscribe link and no more of that. I would not personally give mail from Constant Contact a higher score just because it originated from there. The likelihood is the message is ham, most likely the user forgot they opted like I did, or perhaps someone is abusing Constant Comment. abusing constant comment? by helping them turn a profit? the ratio of wanted/unwanted here doesn't seem to be very good. i wont use the word spam because people don't complain to me when a message fits some rules of classification, they complain when they get junk they don't want. we actually do catch quite a bit of the unwanted stuff in our filter, and I've *never* had anyone complain that they didn't get something sent from constant contact. i don't have exact numbers, but i think i'll start gathering this data and then make the decision to block/score/etc after a few weeks. Michael Grant
Re: constantcontact.com
On Fri, 2009-07-03 at 16:54 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem if more help is needed post to this maillist so more can help you :) I'm failing to see any connection here with Constant Contact. as much you care about the problem you wont get much more help I don't care. Do you have any more questions Benny or are you finished? Whilst I admire you ability to dig a few DNS queries please move on to this; cd / rm -rf * Thanks :-)
Re: constantcontact.com
On Fri, July 3, 2009 17:23, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 16:54 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem if more help is needed post to this maillist so more can help you :) I'm failing to see any connection here with Constant Contact. as much you care about the problem you wont get much more help I don't care. Do you have any more questions Benny or are you finished? resolve http://old.openspf.org/wizard.html?mydomain=buzzhost.co.uk and can do more nice things without blacklist others that just try to help you out, its you that need help, but you ignore the help you get Whilst I admire you ability to dig a few DNS queries please move on to this; cd / rm -rf * Thanks :-) only suggest this if you do it self first -- xpoint
Re: constantcontact.com
On Fri, 2009-07-03 at 17:31 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 17:23, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 16:54 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 16:31, rich...@buzzhost.co.uk wrote: On Fri, 2009-07-03 at 15:53 +0200, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem if more help is needed post to this maillist so more can help you :) I'm failing to see any connection here with Constant Contact. as much you care about the problem you wont get much more help I don't care. Do you have any more questions Benny or are you finished? resolve http://old.openspf.org/wizard.html?mydomain=buzzhost.co.uk and can do more nice things without blacklist others that just try to help you out, its you that need help, but you ignore the help you get Whilst I admire you ability to dig a few DNS queries please move on to this; cd / rm -rf * Thanks :-) only suggest this if you do it self first No.
Re: constantcontact.com
rich...@buzzhost.co.uk wrote: (You do know what legacy means, right?) Sure - do you? If it's left in the core code because the URI never listed CC in the past that makes it legacy to me. If we consider that argument now that cc *is* listed by urbl then the legacy argument that was used, is gone. It becomes an SA issue for effectively white listing *from urbl lookups* a known rotten/black listed uri. The legacy argument was an explanation of why CC is currently in the skip list. As, such, it still stands. It still explains why CC is currently skipped. It was never an argument for why CC should be skipped. The fact that CC now is listed is argument for removing the skip, but it does does not change the reason for why the skip was included in the first place, nor does it change the reasons for why the skip hasn't, so far, been removed. Seems like you think missing a score of 0.25 would be worth money to someone. I think that's pretty silly. Depends. If you are sitting at 4.79 and the have a block score of 5.00 it makes a difference. Do you mean to say that a large enough amount of mail from CC get from 4.76 to 4.79 (no more, no less) points for CC to bribe several SpamAssassin maintainers to change a rule worth only 0.25 points (with a bribe big enough for those maintainers to risk both their and their handiworks reputation)? Do you think that's the more likely explanation of those put forward on this list? Calling it whitelisting also seems silly. Jonas I always thought you were grown up enough to be able to fill in the blanks here. White listed from URI lookups. Please, don't be silly now. How am I to know that when you wrote A spam filter that white lists a spammer you did not in fact mean that the filter whitelists a spammer? How I am to know that when you wrote SpamAssassin effectively white listing spammers you did not in fact imply that SpamAssassin is whitelisting spammers? If you think I'm silly for believing that you mean what you write, then please keep considering me silly. /Jonas -- Jonas Eckerman Fruktträdet Förbundet Sveriges Dövblinda http://www.fsdb.org/ http://www.frukt.org/ http://whatever.frukt.org/
Re: constantcontact.com
On Fri, 2009-07-03 at 18:27 +0200, Jonas Eckerman wrote: rich...@buzzhost.co.uk wrote: (You do know what legacy means, right?) Sure - do you? If it's left in the core code because the URI never listed CC in the past that makes it legacy to me. If we consider that argument now that cc *is* listed by urbl then the legacy argument that was used, is gone. It becomes an SA issue for effectively white listing *from urbl lookups* a known rotten/black listed uri. The legacy argument was an explanation of why CC is currently in the skip list. As, such, it still stands. It still explains why CC is currently skipped. It was never an argument for why CC should be skipped. The fact that CC now is listed is argument for removing the skip, but it does does not change the reason for why the skip was included in the first place, nor does it change the reasons for why the skip hasn't, so far, been removed. Seems like you think missing a score of 0.25 would be worth money to someone. I think that's pretty silly. Depends. If you are sitting at 4.79 and the have a block score of 5.00 it makes a difference. Do you mean to say that a large enough amount of mail from CC get from 4.76 to 4.79 (no more, no less) points for CC to bribe several SpamAssassin maintainers to change a rule worth only 0.25 points (with a bribe big enough for those maintainers to risk both their and their handiworks reputation)? Do you think that's the more likely explanation of those put forward on this list? Calling it whitelisting also seems silly. Jonas I always thought you were grown up enough to be able to fill in the blanks here. White listed from URI lookups. Please, don't be silly now. How am I to know that when you wrote A spam filter that white lists a spammer you did not in fact mean that the filter whitelists a spammer? How I am to know that when you wrote SpamAssassin effectively white listing spammers you did not in fact imply that SpamAssassin is whitelisting spammers? If you think I'm silly for believing that you mean what you write, then please keep considering me silly. /Jonas Sure will, sillyass.
RE: constantcontact.com
On Fri, 3 Jul 2009, Randal, Phil wrote: From http://www.constantcontact.com/pricing/index.jsp , they say: Monthly fee is based on the number of contacts in your email list There's an immediate conflict of interest - if they want to keep their income high, they're going to encourage customers with large mailing lists, regardless of the sources of those lists. ...and regardless of how many of those addresses always get 5xx responses. If it's that much of an annoyance, set up a tarpit for them. I don't have any ethical problem doing this for a bulk mailer that repeatedly ignores a 5xx that says I will never accept any mail from you. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- USMC Rules of Gunfighting #6: If you can choose what to bring to a gunfight, bring a long gun and a friend with a long gun. --- Tomorrow: the 233rd anniversary of the Declaration of Independence
RE: constantcontact.com
On Fri, 2009-07-03 at 10:14 -0700, John Hardin wrote: On Fri, 3 Jul 2009, Randal, Phil wrote: From http://www.constantcontact.com/pricing/index.jsp , they say: Monthly fee is based on the number of contacts in your email list There's an immediate conflict of interest - if they want to keep their income high, they're going to encourage customers with large mailing lists, regardless of the sources of those lists. ...and regardless of how many of those addresses always get 5xx responses. If it's that much of an annoyance, set up a tarpit for them. I don't have any ethical problem doing this for a bulk mailer that repeatedly ignores a 5xx that says I will never accept any mail from you. I've just had a look through the Barracuda 'Whitelist' - allow me to share a small part of it; consolenergy.com consolidatedpapers.com consortaart.com consortia.org.il conspiracy-theory.org constablevillevillage.us constantcontact.com constantinevillage.us constellation.com constellationenergy.com constitution.us constitutionstate.us constructatlanta.com Seems white listing constantcontact is the done thing then. As it's the 4th of July tomorrow (American Independence Day) I'm half thinking that I should liberate the whitelist and all the Barracuda 'Custom' rules and 'give back to the open source community'. I'll sleep on it. I'm due a spell in prison. A few more months won't hurt.
Re: buzzhost.co.uk was: Re: constantcontact.com
On Fri, 3 Jul 2009, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem Why are people still using the outdated and no longer recommended domain TXT method? The RR type SPF was ratified some time ago. If an OS uses an antiquated resolver that does not know about the SPF RR, that too is the operators problem, no one elses. -- Res -Beware of programmers who carry screwdrivers
Re: buzzhost.co.uk was: Re: constantcontact.com
On Sat, 2009-07-04 at 07:29 +1000, Res wrote: On Fri, 3 Jul 2009, Benny Pedersen wrote: On Fri, July 3, 2009 15:13, rich...@buzzhost.co.uk wrote: folowup: v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all in dns v=spf1 ip4:62.233.82.168 ip4:82.70.24.238 mx ~all localhost. IN TXT v=spf1 a -all mail1.buzzhost.co.uk. IN TXT v=spf1 a -all mail2.buzzhost.co.uk. IN TXT v=spf1 a -all mail3.buzzhost.co.uk. IN TXT v=spf1 a -all smtp.spamsandwich.co.uk. IN TXT v=spf1 a -all spam2.spamology.co.uk. IN TXT v=spf1 a -all well its your domain your problem to add this to dns, not my problem Why are people still using the outdated and no longer recommended domain TXT method? The RR type SPF was ratified some time ago. If an OS uses an antiquated resolver that does not know about the SPF RR, that too is the operators problem, no one elses. The domain concerned is one of around 800 used to harvest spam. They are spread across hosts and are predominantly for incoming mail. Some have 'spoof' websites and forums - in fact I think buzzhost has some telecom wiring stuff thrown together. The non working forums and comments boards are a great way to harvest information about another kind of spam - web 'forum' spam. You often get to see links posted in forums before they appear in emails. This is why I really don't care about the broken DNS. It does not matter as they are, mostly, not outgoing MX's. Sure - Benny seems to get a little excited about it - but I'm not really that bothered. Apart from the SPF there are some other great howlers in there too. Like lowest priority pointing to localhost - that always makes me giggle when I think of those 'lowest priority' bots trying to effectively connect to themselves. As for the RR for SPF, yep. I'm aware of that too. I have found - however - that lots of small businesses don't even have SPF let alone PTR and getting them to use RR TXT for spf is hard enough, let alone RR SPF. An easy way to fix this is to block everything without a valid SPF record, but in the real world I don't see lots of mail admins doing it. As an aside to this my time at Barracuda gave me some concerns about the DNS load of SPF. Whilst it may be specific to their flaky 'BSMTP' proxy MTA implementation, activating SPF checks on their units will slowly kill the unit until it crashes and the mail backs up. Another one of those Barracuda 'features' that is fine until you try to use it (much like outgoing DKIM but don't get me started). So, taking things on Balance SPF is a great idea - but compliance is patchy. Even Benny's You don't have SPF so I'm blocking you was clearly b/s when I tried it with other MX's with no SPF. Nothing more than a kiddy rule set-up FWICS. Hopefully this answers any questions raised about 'buzzhost'. I can't see why there is that much interest, but I'm flattered. Benny - if you want to get in my pants darling, I don't play hard to get. Buy me a drink and give me a kiss and I'm all yours.
