I find myself having a difference of opinion with Spamhaus about a certain type of RBL listing, and I'm wondering what others think.
The situation is that the Reply-To email address of a public library's "your book is due in five days" reminder system is listed in the Spamhaus HBL <https://docs.spamhaus.com/datasets/docs/source/10-data-type-documentation/datasets/030-datasets.html#hbl>, which Spamhaus says is because messages involving that address are hitting spamtraps. (That sounds plausible: Maybe some library users don't update their email addresses, then the library unwisely doesn't remove bouncing messages to discontinued domain names, and the addresses eventually get repurposed as spamtraps. Or maybe the library isn't properly verifying the user-supplied addresses to start with. If people want to check their own logs, the listed Reply-To email address is mcpldpubserv at gmail dot com, with an envelope sender of sierranot at marmot dot org.) Anyway: One of my customers complained that this listing is causing SpamAssassin to block their library reminder messages. I "whitelisted" the address on our end, but in an attempt to be helpful, I also reported it to Spamhaus as a false positive, because it's affecting messages that are requested by recipients and transactional. Spamhaus says they don't remove such listings, though, because by their definition, it's not a false positive if some of the messages are reaching spamtraps -- in other words, that addresses sending to spamtraps are correctly listed as "This email address is used for malicious activities" in the HBL description solely because of the spamtraps. I'm a little surprised by that. The sender is of course engaging in poor list hygiene, and it's reasonable for an automated RBL process to initially list an address that is sending to spamtraps. But I've always thought that trusted RBLs should have a policy of "if it turns out that a listing is also affecting user-requested, non-malicious, transactional messages, that's not okay". Am I off base with that expectation? (I've also contacted the library, who I have no connection to, but this has been happening for months, so... <shrug>) -- Robert L Mathews
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
