On 8 March 2018 at 02:43, Steve Atkins <st...@blighty.com> wrote: >> On Mar 7, 2018, at 4:38 PM, Stefano Bagnara <mai...@bago.org> wrote: >> Let's take into consideration that spamtrap network have to do their >> homework to avoid being identified easily, so if they never do >> opens/clicks they already put a big flash on them. So I think it is OK >> for a spamtrap to open/click or even reply to an email, but it is >> important that the email address has been in a "user unknown" state >> for at least 1 year (or something similar). > > No. Never. If you do that then the address is tainted and you > *cannot* legitimately use information as it as evidence that mail > sent to it was unwanted.
This is not the place, but I strongly disagree (but is something very subjective, I admit). Opening a message is not a proof of consent or anything else: it is just something used by marketers to track performances. If you have COI then, every few months you sent emails with unsubscribe links and without bounces, then you have the proof and the spamtrap would be not legitimate. But if there is no COI or you have a big 1 year hole in your sends since you had your COI then you lost your consent.. fake opens are not a "renew of consent". I don't run spamtraps (I have no current relationship with people that do), now, but I see opens and clicks from spamtraps operated by very serious people and I don't think they are wrong with that. > You can still use it for quite a few > interesting things, but you can't use it as a spamtrap (unless > you want to spend another year rejecting everything). Why? I hear your strong on your opinion, but I don't get why you think it is wrong and that an open should invalidate a spamtrap. So, if I send a sample message received to a spamtrap and reviewing that message I look at images, then I have to invalidate a spamtrap? > I talked about this at some length about six and a half > years ago. It wasn't a new problem then. > > https://wordtothewise.com/2011/08/a-disturbing-trend/ Clicking a confirmation link is different from doing some fake opens and some fake click: so, if they clicked a confirmation link then I agree it is bad and not legitimate. But opens or other clicks are not controversial, they are simply legitimate fake behaviour. BTW there are antivirus that will click every link they found, so tools that rely on one-time-link-clicks sent via email to do confirmations (see also the list-unsubscribe issue in another thread) should take one more step on the resulting website in order to complete the confirmation. Otherwise some antivirus/antispam will confirm opt-ins without user-consent (and this is an issue, bigger than the bad spamtrap issue). About Trendmicro I never saw them clicking a confirmation link, but I confirm I saw them using expired domains without the 6-12 months reject period. Well, trendmicro (at least in past) listed you even if it received only the COI request email to some of their spamtraps. PS: that trendmicro article is a bit the opposit of Laura answer I got yesterday about "dealing with it offline because making it public is not the way to fix the issue" ;-) I liked that article in 2011. So, given clicks are controversial: can we agree that a good spamtrap is safe to emulate opens? Or do you see issues with that too? Stefano _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
