On 21 April 2018 at 18:24, John Levine <jo...@taugh.com> wrote: > In article <a234556d-6b7f-220b-7825-2133f6734...@thedave.ca> you write: >>Am I missing a case where there is a negative outcome to a legitimate, >>by-the-book sender? > > Spammer forges header with address of unrelated network, that network > gets listed even though it has never sent spam and has no relation to > the spammer.
This already happens very often with CloudMark Authority and their "fingerprints" based blocks (and I think the Vipul's Razor fingerprints too). For each domain referenced in the email they compute a fingerprint. If they get spamreports they may list that specific fingerprint. The owner of the domain have no way to control or limit the usage of the domain in other emails, but still his domain can be blocked by cloudmark because it was referenced in a spam email. Let's say you add a <!-- http://mailop.org --> comment to your spam email, then CloudMark Authority will block the fingerprint for mailop.org and every email from this mailing list will start being blocked by CloudMark Authority because of the block. The fingerprint will become "controversial" if they also measure an high number of people moving the email from the spam back to the inbox, but in the mean time you get them in spam. So this is very prone to black-hat abuses, but given how popular is Cloudmark Authority today I'd say the abuses have not been so problematic and black-hats put their efforts elsewhere. Domains are only one of many things being fingerprinted by Cloudmark Authority and you recognize them as being postfixed by ":8" in the X-CNFS-Analysis header (or similar). In Italy Cloudmark Authority affect an average of 30% of recipients, much more than Hotmail and Yahoo filters, comparable to Gmail filter. As we get used to this behaviour the "arguments" in this thread are not so weird as one may guess. Stefano _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
