What if you have a secret, pretty much foolproof test, but you don't want to reveal that you know it's spam...?
I think it would be good to put some descriptive (to the Abuse desk, at least) code in the reject message, and get the senders to contact the desk and request for clarification. Most bad guys won't bother, and will try Black Box Analysis, others will just go elsewhere. And no, we don't have enough DNSBLs (RBL is a trademark, after all). We could use one to call out the location of colo servers that should never be connecting on port 443, for instance. And many other things. And we should also not stop evaluating a connection just based on the first hit. We should distinguish between an IP block and a content block in the message, though. Some people go off on the second thinking it's the first. Aloha, Michael. -- Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been Processed." | Got the Junk Mail Reporting Tool ? -----Original Message----- From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of David Hofstee Sent: Tuesday, August 30, 2016 12:18 AM To: mailop <mailop@mailop.org> Subject: Re: [mailop] How many more RBL's do we really need? I for one welcome the explicit blocks of email. They tell me simply what is wrong so I can (let people) fix things. What I really hate is the "possible spam detected"-like messages. I don't have time to check all 40 domains in the email and all IPs involved for those domains (and then usually not finding badness). I like to nitpick and find bad stuff, but that stretches it. Explicit blocks make my life easier. So even if you weigh RBLs it would be nice to see the most important reason stated in the smtp reply. You could even change that behaviour given the reputation of the sender. Met vriendelijke groet, David Hofstee Deliverability Management MailPlus B.V. Netherlands (ESP) ----- Oorspronkelijk bericht ----- Van: "Anne P. Mitchell" <amitch...@isipp.com> Aan: "Michael Wise via mailop" <mailop@mailop.org> Verzonden: Maandag 29 augustus 2016 19:08:58 Onderwerp: Re: [mailop] How many more RBL's do we really need? > using Barracuda's RBL for high scoring, and not for outright blocking. I think that in this day and age, this is true for *any* list - black-, white-, reputation- (yes, even ours). Whitelists can also have false positives - even pay for play ones, because while full-on spammers may not pay to be on a whitelist, or for reputation certification, etc...., organizations that are whitehat can experience personnel changes in their email and marketing departments, and an organization can go from blindingly white to a shade of grey overnight. Plus, even more now than ever, what one receiving system may think of as 'spam' another may think of as 'legitimate email our users just didn't know they wanted'. In fact, that's why we take pains to make a point that our lists are *not* whitelists - they are lists where receivers can get information about the specific practices of the senders - so, like Rob said - use them for scoring, not for outright blocking (well, accepting, in our case). Anne Anne P. Mitchell, Attorney at Law Legislative Consultant CEO/President, SuretyMail Email Reputation Certification and Inbox Delivery Assistance https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.SuretyMail.com%2f&data=02%7c01%7cmichael.wise%40microsoft.com%7c0e083a89b84749b7d0bc08d3d0a6fb96%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636081388002068480&sdata=72BiVxdFgBniaaiRZBoC15Uwd73HE6kF9URWSr9mW38%3d https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fwww.SuretyMail.eu%2f&data=02%7c01%7cmichael.wise%40microsoft.com%7c0e083a89b84749b7d0bc08d3d0a6fb96%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636081388002068480&sdata=kyyKMI6khHq%2fOzMoOzc%2fQMllBgbMUFJrA9LpaR8oaS8%3d Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law) Member, California Bar Cyberspace Law Committee Member, Colorado Cybersecurity Consortium Member, Asilomar Microcomputer Workshop Committee Ret. Professor of Law, Lincoln Law School of San Jose Ret. Chair, Asilomar Microcomputer Workshop amitch...@isipp.com | @AnnePMitchell Facebook/AnnePMitchell | LinkedIn/in/annemitchell _______________________________________________ mailop mailing list mailop@mailop.org https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fchilli.nosignal.org%2fcgi-bin%2fmailman%2flistinfo%2fmailop&data=02%7c01%7cmichael.wise%40microsoft.com%7c0e083a89b84749b7d0bc08d3d0a6fb96%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636081388002068480&sdata=Pk5lwBprxtESL67zlgS4Z5KpAEWrVGHQ%2b%2b533s1viaU%3d _______________________________________________ mailop mailing list mailop@mailop.org https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fchilli.nosignal.org%2fcgi-bin%2fmailman%2flistinfo%2fmailop&data=02%7c01%7cmichael.wise%40microsoft.com%7c0e083a89b84749b7d0bc08d3d0a6fb96%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c636081388002068480&sdata=Pk5lwBprxtESL67zlgS4Z5KpAEWrVGHQ%2b%2b533s1viaU%3d _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
