On 1/13/22 16:08, Scott Mutter via mailop wrote:
I'm not sure what value of Recipients is really referring to - but I think this is kind of the question that needs to be asked. Should the administrator of a sending server (the IP address) be responsible for removing addresses from a mailing list? Probably.
Absolutely. Not specifically removing addresses from mailing lists, but ensuring that the server associated with that IP address doesn't send UBE. If abuse originates from that IP address, the administrator of the machine bound to that IP is responsible for stopping it whether the abuse is spam, brute-force SSH attacks, viruses, SIP attacks, ping floods, or any other form of abuse.
But in order for the administrator of the sending server to know about this, reports are going to have to come to the administrator of the sending server based on it's IP address.
Yes, and that is accomplished by parsing headers, WHOIS, and having a working and responsive abuse contact.
I'm an administrator of a mail server (many mail servers).
Then you should have a vested interest in running a clean shop.
I (personally) don't really send out emails through these servers.
Most administrators of multi-user mail servers don't personally send much mail through them on a percentage basis.
We sell a service to customers that allows them to use the server to send out emails.
In other words, you profit from allowing others to use your server. You charge for the service of delivering mail on behalf of your customers.
It's those customers that are sending out mailing lists and/or questionable marketing messages, etc.
Then you need to fire the customers who you are presently allowing to abuse the Internet. "I don't personally robocall people to pitch car warranty scams. I sell phone service to customers. It's those customers that are placing the robocalls, etc. I just take their money and enable them to annoy people." Whose facility do you think is going to get blocked by other carriers and tracked down by the FTC/FCC? You or your customers?
When those customers send messages to Yahoo or any other email service ... they really don't care if the individual recipient at Yahoo or whoever flags that message as spam. Is this wrong? Absolutely! But this is the disconnect from reality that I think a lot of Mailops seem to discount.
Where's the disconnect? You profit by sending mail on behalf of customers. Those customers don't care if they are spamming. They aren't going to stop spamming because it's profitable for them. You may choose not to police your customers because it's profitable for you. The victims of the abuse don't know of or care about your relationship with your customers. They can easily find you by your IP, however. By blocking your IP they avoid abuse from any and all of your customers. It sounds like this has gotten your attention and you now realize that there is a problem.
We've reached a point in society where individuals can't read and can't be expected to take the 90 seconds it takes to read and understand something, they want to be spoon fed information. ... If an individual in the general public gets a feedback loop report about a message being spam... they're not going to read it... they're not going to take the time to understand it... they're just going to keep sending out to their list just ignoring that report
But you're not the general public. You operate a mail server. Maybe you should ensure that the feedback loop reports come to you as the operator of the mail server that's originating the abuse. You are a professional generating revenue by sending mail on behalf of others. When you get a feedback loop report, wouldn't it be a good idea to take the 90 seconds to read, understand, and actually act on it?
Now, eventually, Yahoo or whatever mail service, will say that the mail server that I'm an administrator to has sent them too much spam and they start to block/blacklist/throttle mail from the server.
Indeed. Hopefully that will get your attention and cause you to reduce the spam that the server that you administer is sending. This may require you to fire your bad customers and take steps to ensure that any new customers you acquire aren't bad actors.
I'm left out in the cold because 1) I'm not the one sending out the mailing list messages
Yes. You. Are. Technically, the server that you administer is, but you are in control of that server and thus the messages that it sends. You are in control of who you take on as a customer.
2) I have no way of getting feedback loop messages from Yahoo or whatever mail service for this sending IP
Why not? Have you tried? FBLs are generally tied to IPs, not domains. Is your sending IP associated with you in WHOIS? Do you have a working abuse contact listed for it? If so, do you monitor it?
3) there's a severe lack of ways to get in touch with a human person at Yahoo or whatever mail service to discuss the situation.
What is there to discuss? You operate a mail server that generates abuse. The rest of the Internet doesn't want to be abused. Don't do that, then.
Some people seem to assume that 1 IP address = 1 domain sending out mail = 1 person responsible for managing that.
The domain isn't even slightly relevant here. 1 IP address sending out mail = 1 person responsible for managing that.
And that is just simply not true. 1 IP address may have 1000s of domains sending out emails, which may refer to 1000s of different individuals. The common denominator is the sending IP address and that's why abuse reports, feedback loops, and all discussion about the quality/quantity of mail coming from that IP address needs to refer to the individual that is managing the SMTP service at that IP address.
Yes, and that individual needs to operate the SMTP service at that IP address in a non-abusive manner.
If a service is going to block/blacklist/throttle messages by the sending IP, then what good does it do to base feedback loops and spam reports on a domain basis?
Little to none. That's why RBL-style blocklists and major mailbox hosts (Yahoo, etc.) filter based on IP address. Recently, some means have been introduced to limit the ability of bad actors to forge domains, but the originating IP address is the primary key for tracking down abuse.
A sending IP could have 1000 domains sending from it and only 1 of those domains is sending spam or sending to a list that is being flagged as spam, but the recipient server isn't going to block based on domain, it's going to block based on IP.
Then the operator of the server on that IP only needs to fire one customer and can keep the other 999.
The Internet has discovered that blocking spammy IP addresses is reliable and effective. Sending domains are still mostly easily spoofed. Filtering by domain is far less reliable than filtering by IP.
-- Jay Hennigan - j...@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
