The issue is that big name mail service providers, like Gmail, Microsoft, Yahoo - do not offer a way to get effective feedback loops. Again, this is why I say the AOL feedback loop system of the 2000's was so great. I've NEVER gotten anything from Gmail's Postmaster tools for any of the servers (which asks for a domain name and not an IP address). Once in a blue moon I get something from Microsoft's JMRP, but they still block IPs with out any reports. Yahoo's FBL is based on DomainKeys.
The oft rumor with Gmail's Postmaster tools is that you have to reach a certain mail sending limit for Google to generate reports, I suspect that our servers all fall below that threshold. I suspect it's the same or similar thing with Microsoft's JMRP. But both services block our IPs from time to time. How - pray, tell - am I supposed to know that these services are seeing bad things or abuse from our IPs if they don't tell me? Look, I get it. It's difficult to justify expending resources generating feedback reports for IPs that don't really send a lot of mail. But that doesn't mean that those IPs can't be sending out unwanted emails. So I can understand why these providers don't send out reports for IPs that fall under a certain threshold. BUT - that's got to work both ways. You can't expect me to know that you're receiving unwanted emails from my server's IP if you do not tell me. If I can understand your reasons for not sending out all feedback reports then you have to understand why small mail server operators get upset when you suddenly block our IPs and then give us the runaround to get the IP unblocked. If you think it's completely unreasonable for us small time mail server operators to get upset when you block an IP without giving us any feedback - that's where you've lost touch with reality. On Thu, Jan 13, 2022 at 9:13 PM Jay Hennigan via mailop <mailop@mailop.org> wrote: > On 1/13/22 16:08, Scott Mutter via mailop wrote: > > I'm not sure what value of Recipients is really referring to - but I > > think this is kind of the question that needs to be asked. Should the > > administrator of a sending server (the IP address) be responsible for > > removing addresses from a mailing list? Probably. > > Absolutely. Not specifically removing addresses from mailing lists, but > ensuring that the server associated with that IP address doesn't send > UBE. If abuse originates from that IP address, the administrator of the > machine bound to that IP is responsible for stopping it whether the > abuse is spam, brute-force SSH attacks, viruses, SIP attacks, ping > floods, or any other form of abuse. > > > But in order for the > > administrator of the sending server to know about this, reports are > > going to have to come to the administrator of the sending server based > > on it's IP address. > > Yes, and that is accomplished by parsing headers, WHOIS, and having a > working and responsive abuse contact. > > > I'm an administrator of a mail server (many mail servers). > > Then you should have a vested interest in running a clean shop. > > > I (personally) don't really send out emails through these servers. > > Most administrators of multi-user mail servers don't personally send > much mail through them on a percentage basis. > > > We sell a service to customers that allows them to use the server to > > send out emails. > > In other words, you profit from allowing others to use your server. You > charge for the service of delivering mail on behalf of your customers. > > > It's those customers that are sending out mailing lists and/or > > questionable marketing messages, etc. > > Then you need to fire the customers who you are presently allowing to > abuse the Internet. "I don't personally robocall people to pitch car > warranty scams. I sell phone service to customers. It's those customers > that are placing the robocalls, etc. I just take their money and enable > them to annoy people." Whose facility do you think is going to get > blocked by other carriers and tracked down by the FTC/FCC? You or your > customers? > > > When those customers send messages to Yahoo or any other email service > > ... they really don't care if the individual recipient at Yahoo or > > whoever flags that message as spam. Is this wrong? Absolutely! But > > this is the disconnect from reality that I think a lot of Mailops seem > > to discount. > > Where's the disconnect? You profit by sending mail on behalf of > customers. Those customers don't care if they are spamming. They aren't > going to stop spamming because it's profitable for them. You may choose > not to police your customers because it's profitable for you. The > victims of the abuse don't know of or care about your relationship with > your customers. They can easily find you by your IP, however. By > blocking your IP they avoid abuse from any and all of your customers. It > sounds like this has gotten your attention and you now realize that > there is a problem. > > > We've reached a point in society where individuals can't > > read and can't be expected to take the 90 seconds it takes to read and > > understand something, they want to be spoon fed information. ... If an > > individual in the general public gets a feedback loop report about a > > message being spam... they're not going to read it... they're not going > > to take the time to understand it... they're just going to keep sending > > out to their list just ignoring that report > > But you're not the general public. You operate a mail server. Maybe you > should ensure that the feedback loop reports come to you as the operator > of the mail server that's originating the abuse. You are a professional > generating revenue by sending mail on behalf of others. When you get a > feedback loop report, wouldn't it be a good idea to take the 90 seconds > to read, understand, and actually act on it? > > > Now, eventually, Yahoo or whatever mail service, will say that the mail > > server that I'm an administrator to has sent them too much spam and they > > start to block/blacklist/throttle mail from the server. > > Indeed. Hopefully that will get your attention and cause you to reduce > the spam that the server that you administer is sending. This may > require you to fire your bad customers and take steps to ensure that any > new customers you acquire aren't bad actors. > > > I'm left out in the cold because 1) I'm not the one sending out the > > mailing list messages > > Yes. You. Are. Technically, the server that you administer is, but you > are in control of that server and thus the messages that it sends. You > are in control of who you take on as a customer. > > > 2) I have no way of getting feedback loop messages > > from Yahoo or whatever mail service for this sending IP > > Why not? Have you tried? FBLs are generally tied to IPs, not domains. Is > your sending IP associated with you in WHOIS? Do you have a working > abuse contact listed for it? If so, do you monitor it? > > > 3) there's a > > severe lack of ways to get in touch with a human person at Yahoo or > > whatever mail service to discuss the situation. > > What is there to discuss? You operate a mail server that generates > abuse. The rest of the Internet doesn't want to be abused. Don't do > that, then. > > > Some people seem to assume that 1 IP address = 1 domain sending out mail > > = 1 person responsible for managing that. > > The domain isn't even slightly relevant here. 1 IP address sending out > mail = 1 person responsible for managing that. > > > And that is just simply not > > true. 1 IP address may have 1000s of domains sending out emails, which > > may refer to 1000s of different individuals. The common denominator is > > the sending IP address and that's why abuse reports, feedback loops, and > > all discussion about the quality/quantity of mail coming from that IP > > address needs to refer to the individual that is managing the SMTP > > service at that IP address. > > Yes, and that individual needs to operate the SMTP service at that IP > address in a non-abusive manner. > > > If a service is going to block/blacklist/throttle messages by the > > sending IP, then what good does it do to base feedback loops and spam > > reports on a domain basis? > > Little to none. That's why RBL-style blocklists and major mailbox hosts > (Yahoo, etc.) filter based on IP address. Recently, some means have been > introduced to limit the ability of bad actors to forge domains, but the > originating IP address is the primary key for tracking down abuse. > > > A sending IP could have 1000 domains sending > > from it and only 1 of those domains is sending spam or sending to a list > > that is being flagged as spam, but the recipient server isn't going to > > block based on domain, it's going to block based on IP. > > Then the operator of the server on that IP only needs to fire one > customer and can keep the other 999. > > The Internet has discovered that blocking spammy IP addresses is > reliable and effective. Sending domains are still mostly easily spoofed. > Filtering by domain is far less reliable than filtering by IP. > -- > Jay Hennigan - j...@west.net > Network Engineering - CCIE #7880 > 503 897-8550 - WB6RDV > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
