PS: I have to correct myself – T-Online is not (yet?) participating in the CSA, but the remaining information is still true 😉
The list of participants can be checked here: https://certified-senders.org/participants/ Sorry for the confusion. [signature_1395543467]<http://www.mapp.com/> Florian Vierke | Senior Manager, Deliverability Services t: +49 89 12009765 e: florian.vie...@mapp.com<mailto:florian.vie...@mapp.com> Von: mailop <mailop-boun...@mailop.org> Im Auftrag von Florian Vierke via mailop Gesendet: Freitag, 28. August 2020 09:29 An: Mailop Mailinglist (mailop@mailop.org) <mailop@mailop.org> Betreff: Re: [mailop] Deutsche Telekom rejects connections because of missing "provider identification" This email has reached Mapp via an external source Hi everybody, the requirement for having an imprint in advertising mails is not limited to T-Online. It’s a legal requirement and also criteria for the Certified Senders Alliance (CSA) which is at least relevant in Germany. For those not having heard of it – it’s a whitelisting project originally from Germany, but going more and more international. In Germany pretty much every ISP and ESP are participating and therefore sticking to the rules. The rules (https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf) explicitly require imprints and (you know Germans 😉 also define how exactly this have to look like): [cid:image003.png@01D67D20.AAF9EE60] CSA is actively checking if participants follow the rules, otherwise senders get excluded from the Whitelist. And to close the circle – T-Online is members of the CSA as well, so they don’t necessarily have to check everything themselves – they can also rely on the CSA whitelist. Cheers, [signature_1395543467]<http://www.mapp.com/> Florian Vierke | Senior Manager, Deliverability Services t: +49 89 12009765 e: florian.vie...@mapp.com<mailto:florian.vie...@mapp.com> Von: mailop <mailop-boun...@mailop.org<mailto:mailop-boun...@mailop.org>> Im Auftrag von Hans-Martin Mosner via mailop Gesendet: Freitag, 28. August 2020 08:51 An: mailop@mailop.org<mailto:mailop@mailop.org> Betreff: Re: [mailop] Deutsche Telekom rejects connections because of missing "provider identification" This email has reached Mapp via an external source Am 26.08.20 um 19:36 schrieb flo via mailop: Hi there Have any of you had any bad experiences with Deutsche Telekom lately? They put one of my servers on their blacklist after an IP change with the reason that I have to provide an imprint on that machine. Have I missed something? Is this how it is done now? Without wanting to defend DT and the details of their policy, I do see understandable reasons for this policy, and I'm applying a somewhat similar strategy with pretty good success. Note that the presumed goal is to defend against spam, not to bother innocent senders, but in border cases that still happens (just as it happens with other mechanisms such as SPF etc.) A significant percentage of spam that still gets through after blocking dynamic IP addresses and known spam sending networks comes from * anonymous domains * hacked mail accounts or servers * misconfigured servers (web sites sending replies to mail-addresses entered via web forms) The second and third variant can only be handled on a case-by-case basis, I typically inform the admins through spamcop (of course that only works if they have a working abuse contact) and block the source because the sad experience is that admins of an already badly managed service likely don't react to abuse reports either. The first variant is more or less what you have. With the (IMHO stupid) decision to handle whois data as GDPR protected spammers have pumped up the volume of spam sent through domains whose registries hide whois data because that allows them to register their domains with fake information (the registries and registrars don't check, they happily take the fees and don't care otherwise). The net effect is that anonymous domain registration together with hosting with a "we don't care" hoster is a pretty good predictor for spamminess. Checking for an imprint is a strategy that works in Germany for many cases due to the legal requirement to have an imprint on web sites intended for the general public. I don't know how DT checks that, they probably use automated tools plus some human augmentation. In any case, this would enable them to whitelist a good percentage of domains that would otherwise be considered anonymous. I have to deal with much lower volumes of mail, so I have decided to "permanently greylist" domains of this kind and to add exemptions after a short manual check whether the domain can be assumed to be legit. In addition, all of our rejection messages contain a link to a web page where we can be contacted in case of an erroneous block (false positives happen with every spam blocking policy). I do not put any demands on blocked senders except to contact us, so the simple act of using the web form is enough to be unblocked. Of course, a sufficiently motivated spammer might try that as well, might get a free pass for a day, and be added to the "never unblock these crooks" list quickly. Cheers, Hans-Martin Mapp Digital Germany GmbH with registered offices at Dachauer, Str. 63, 80335 München. Registered with the District Court München HRB 226181 Managing Directors: Frasier, Christopher & Warren, Steve This e-mail is from Mapp Digital and its international legal entities and may contain information that is confidential or proprietary. If you are not the intended recipient, do not read, copy or distribute the e-mail or any attachments. Instead, please notify the sender and delete the e-mail and any attachments. Please consider the environment before printing. Thank you. Mapp Digital Germany GmbH with registered offices at Dachauer, Str. 63, 80335 München. Registered with the District Court München HRB 226181 Managing Directors: Frasier, Christopher & Warren, Steve This e-mail is from Mapp Digital and its international legal entities and may contain information that is confidential or proprietary. If you are not the intended recipient, do not read, copy or distribute the e-mail or any attachments. Instead, please notify the sender and delete the e-mail and any attachments. Please consider the environment before printing. Thank you.
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
