Signed by whom? First off, this would require that sign-ups be transferred
from web to email. Secondly, I can see how it could easily be forged. All
I'd have to do is set up a mail server to send DKIM-signed email for each
"opt-in" request, each with a different DKIM domain out of a set of
pre-registered rotating domains. Bingo! "proof" of opt-in. Spammers have
been doing this for years w/ IP-based date/time/IP-formatted opt-in proof
requests.
-Tim

On Fri, Jun 10, 2016 at 12:32 PM, Michael Wise <michael.w...@microsoft.com>
wrote:

> A DKIM-signed submission request?
>
> With IP, time stamp, and such like would be pretty undeniable intent to
> subscribe, IMHO.
>
> Or provide plenty of fodder for the sysadmin of the domain in question to
> track down the imposter.
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise* | Microsoft | Spam Analysis | "Your Spam Specimen Has
> Been Processed." | Got the Junk Mail Reporting Tool
> <http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?
>
>
>
> *From:* mailop [mailto:mailop-boun...@mailop.org] *On Behalf Of *Tim Starr
> *Sent:* Friday, June 10, 2016 11:14 AM
> *To:* mailop@mailop.org
> *Subject:* Re: [mailop] Mailchimp / Mandrill App: European VS US Privacy
> Laws
>
>
>
> Rule #1: Spammers lie. What sort of "proof of opt-in" could they provide
> that can't be forged? Also, it does not follow from that requirement that
> senders must be "identifiable." That may be a separate legal requirement,
> but it doesn't logically follow from the opt-in proof requirement.
>
>
>
> I also do not see how this matters when it comes to blacklist operations.
> "Tell me who your customer is so legal action can be taken against them" is
> what the law you cite seems to amount to. You are perfectly to block or
> blocklist anyone you want no matter what the law says.
>
>
>
> Tim Starr
>
>
>
> On Fri, Jun 10, 2016 at 2:50 AM, Benoit Panizzon <benoit.paniz...@imp.ch>
> wrote:
>
> Hi Suresh
>
> > They aren’t under any obligation to reveal customer identity to you
> > and would potentially face legal liability for doing so.
>
> This is exactly the problem.
>
> Privacy Laws in Switzerland (and most other countires I know) states,
> that the sender must provide proof of opt-in.
>
> Therefore, the sender must be identifiable. If the sender is not
> identifiable, the ISP of the sender must provide the identity of the
> sender.
>
> So an ISP does not face any legal liability on providing the identity
> of the sender as this is a legal requirement and the ISP acts according
> the law.
>
> There are court cases confirming this procedure.
>
> If this procedure and priority of privacy requirements is not observed,
> a spamer can never be prosecuted or blocked. The spamer can just
> pretend, that all his addresses are opt-in and that he acts legally but
> never has to prove it. Therefore Mailchimp cannot block him, or he can
> request to be unblocked because he claims towards mailchimp, that the
> spam reports are wrong and he has proof of opt-in from the recipients,
> which he never has to show anyone.
>
> The spamer could probably even prosecute mailchimp for blocking him or
> canceling his services.
>
> The users of our Blacklist request that we block mailchimp for not
> respecting privacy laws and not providing the legal identity of the
> spamers so they can provide a proof of opt-in or be made liable for not
> respecting the mass advertising law.
>
> So, do you have any suggestions on how to solve this issue?
>
> Legal References:
>
> Art. 8 Right to information
> https://www.admin.ch/opc/en/classified-compilation/19920153/index.html#a8
> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.admin.ch%2fopc%2fen%2fclassified-compilation%2f19920153%2findex.html%23a8&data=01%7c01%7cmichael.wise%40microsoft.com%7c48b91e0665e546c77d9d08d3915bba9f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=ZpGFu3qWItPwow8WXAZu4rPhu7VSH%2foL4GqMOoqxzbU%3d>
>
> Art. 82 Communication of data to identify nuisance calls and unfair
> mass advertising
> https://www.admin.ch/opc/en/classified-compilation/20063267/index.html#a82
> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.admin.ch%2fopc%2fen%2fclassified-compilation%2f20063267%2findex.html%23a82&data=01%7c01%7cmichael.wise%40microsoft.com%7c48b91e0665e546c77d9d08d3915bba9f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=9DONBln1QKev3dAyS2Kq3h64xwH0vdMa5JEr1yDbRqE%3d>
>
> Bundesgesetz gegen den unlauteren Wettbewerb (unfortunately not
> translated by admin.ch
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fadmin.ch&data=01%7c01%7cmichael.wise%40microsoft.com%7c48b91e0665e546c77d9d08d3915bba9f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=QQrBwhHA%2f9%2bwmi%2fTBVgpOoCtS13CfblYjNFk6XX0%2bZA%3d>
> )
> https://www.admin.ch/opc/de/classified-compilation/19860391/index.html
> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fwww.admin.ch%2fopc%2fde%2fclassified-compilation%2f19860391%2findex.html&data=01%7c01%7cmichael.wise%40microsoft.com%7c48b91e0665e546c77d9d08d3915bba9f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=w%2btWSiBOIud2wDmjI13WsNIeNJlxYRRoRD7HMiuqpQM%3d>
>
> -Benoît Panizzon-
> --
> I m p r o W a r e   A G    -    Leiter Commerce Kunden
> ______________________________________________________
>
> Zurlindenstrasse 29             Tel  +41 61 826 93 00
> CH-4133 Pratteln                Fax  +41 61 826 93 01
> Schweiz                         Web  http://www.imp.ch
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.imp.ch&data=01%7c01%7cmichael.wise%40microsoft.com%7c48b91e0665e546c77d9d08d3915bba9f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=s%2bXfm3eTStD0SNnhWCQ%2f%2fhmWskyGIk2K9%2bi9iqEd1wE%3d>
> ______________________________________________________
>
> _______________________________________________
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fchilli.nosignal.org%2fcgi-bin%2fmailman%2flistinfo%2fmailop&data=01%7c01%7cmichael.wise%40microsoft.com%7c48b91e0665e546c77d9d08d3915bba9f%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=0SfoFKj4HjjWx5QFf2aJjM9F7rC2NpIDwiviExiCUjs%3d>
>
>
>
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Reply via email to