On 1 Mar 2018, at 10:29, Sebastian Arcus wrote:
I know I have brought up this issue on this list before, and sorry for
the persistence, but having 7 different rules adding scores for the
IADB whitelist still seems either ridiculous, or outright suspect:
(Disclaimer, I have inner visibility into IADB and its processes)
I'm sorry, but it only seems "ridiculous" if you don't know how IADB
works. Hopefully the details below will be helpful to assuage your
worries.
-0.2 RCVD_IN_IADB_RDNS RBL: IADB: Sender has reverse DNS record
[199.127.240.84 listed in iadb.isipp.com]
-0.1 RCVD_IN_IADB_SPF RBL: IADB: Sender publishes SPF record
-0.1 RCVD_IN_IADB_OPTIN RBL: IADB: All mailing list mail is opt-in
-0.0 RCVD_IN_IADB_SENDERID RBL: IADB: Sender publishes Sender ID
record
-0.0 RCVD_IN_IADB_LISTED RBL: Participates in the IADB system
-0.1 RCVD_IN_IADB_DK RBL: IADB: Sender publishes Domain Keys
record
-0.1 RCVD_IN_IADB_VOUCHED RBL: ISIPP IADB lists as vouched-for
sender
It really raises some very uncomfortable questions regarding the
impartiality of SA and/or its anti-spam capabilities.
IADB provides a number of "signals" associated with the (vetted)
practices of senders participating in its certification program. The
purpose of the DNS data is to allow receivers to use those signals to
augment their local anti-spam systems or to tweak the rules that are
applied for filtering.
Claiming that IADB is an "anti-spam" resource is inaccurate, as this is
not its intended purpose.
Rather, IADB allows for more precise filtering. Something that is also
indirectly achieved, is that complaints sent to IADB's administration
are escalated, researched and tracked until resolution, which can (and
has!) include termination of the accreditation in the IADB.
And by the way, this message is definitely unsolicited, and in now way
we gave any sort of permission or consent to this company or its
"affiliates" to email us - so the whole "All mailing list mail is
opt-in" is nonsense.
Then by all means, include ab...@isipp.com in your complaint -- They'll
follow up with their customer and if applicable revoke their IADB
membership. This is no different from an ESP sending to an "imported"
email address. A complaint would be more helpful than this posting, as
it would provide for more data to track the actual campaign that caused
the issue, again, much like in the case of an ESP.
From memory, I haven't seen a single complaint against the organization
199.127.240.84 is accredited under in more than two years.
And why have "Sender has reverse DNS record" and "Sender publishes SPF
record" as separate IADB rules - when SA itself already checks for
these? Isn't this just a glaring way of pumping up SA scores for the
IADB subscribers?
In this case the IADB is confirming that at the time of their customer's
accreditation, he claimed that his IP address should always have a valid
rDNS and be covered by a valid SPF record. I happen to know of receivers
that use lack of SPF/rDNS + these IADB records to bounce email.
As I'm sure it was mentioned before, the default scores are (or try to
be) a balance useful for general cases. I've been running with defaults
for these particular rules for years with no ill effect.
Best regards
-lem
