Also, often, the Return Path certified sender is an ESP who sends for a
variety of customers. There is not always an absolute guarantee that
every one of that ESP's customer is ethical and truthful. A good ESP
will quickly fire such any such "bad apple" customer... but some do a
much better job than others. Some spend endless amounts of time telling
blacklists, "we're Return Path certified... and we had this bad
customer... but we're working with that customer to purge their lists of
complainers and bad addresses". (iow, help them listwash, keeping them
on as customers)
ESPs are economically incentivized to keep marginal customers (or
"pretenders"), and Return Path is economically incentivized to keep
those grayhat-ESPs.
Yes, at the extremes, customers will be fired in both situations. But
there is a lot of gray before those extremes trigger a firing. And there
are many situations where those limits are pushed.
Having said that, those ESPs who choose to push those limits hurt
themselves in the long run as their domains/IPs start getting dragged
further and further down in various reputation and anti-spam filtering
systems. But some of these are managed by 20-something-year old punk
"kids" who haven't thought that far ahead.
I'm sure Return Path stops lots of this stuff.... but certainly, a
significant amount of unsolicited messages can "slip through the cracks".
Meanwhile, in contrast, DNSWL is NOT economically incentivized to go
easy on gray senders. And some on this thread are not realizing that
DNSWL has various LEVELS in its ratings of senders... where senders of
BOTH legit mail and spam are marked accordingly. That way, you know to
not outright block messages from certain "mixed ham/spam" sender's
IPs... but you shouldn't treat them as fully whitelisted either. That is
a big difference... therefore, most of the time that a virus-sent spam
is sent from an IP in DNSWL, it is from an IP that is marked by DNSWL as
a mixed source.
--
Rob McEwen
http://www.invaluement.com/
+1 478-475-9032
