> On Wed, Nov 6, 2013 at 1:30 PM, Landon <landonstew...@gmail.com> wrote:
>> How much trouble does your abuse department go to in order to obfuscate
>> headers when providing evidence of spamming activity regardless of if it?s
>> intentional/professional spammer activity or some kind of malware infection
>> allowing a third party to spam. Especially for the pro spammers, we don?t
>> want them list washing anything or worse yet becoming privy to spamtrap
>> data if the reporting party wasn?t smart enough to obfuscate their own data
>> before sending in the report.
>
> Howdy,
>
> It depends on the exact situation, but the general-purpose answer is:
> none. zero. zip.
>
> The customer usually can't act on your information unless he can line
> it up with an entry in his own logs. He needs lots of details in the
> headers to figure out which computer or which of his users the message
> came from. And he needs that information to determine whether the
> message really came from his system -- headers get forged, you know.
Because this is an issue inherent primarily with bulk mail, we remove all
identifying information *except* the unsub link, which *should* have a unique
identifying token embedded within, from which the sender *should* be able to
determine the complainant's email address. And, if there is no such link, we
use that as an opportunity to educate them as to *why* they need to include
such a link (mind you, in order to be accredited with us the sender has to have
already demonstrated that they comply with including an unsub link, but because
many of our accreditation customers are ESPs, their customers may sometimes not
be modelling 100% of best practices).
Regardless of unsub link, or anything else, if we get a spam complaint against
one of our customers, we hold their feet to the fire, and require them to
explain exactly how the particular list was built, how the address was
acquired, etc.. Failure to do so can (and usually does) result in termination
of their accreditation - in the case of an ESP, they have to take corrective
measures against their spamming customer or the ESP will lose their
accreditation.
Anne
Anne P. Mitchell, Esq.
Author: Section 6 of the CAN-SPAM Act of 2003
CEO/President
Institute for Social Internet Public Policy
http://www.ISIPP.com
Member, Cal. Bar Cyberspace Law Committee
How do you get to the inbox instead of the spam filter? SuretyMail!
Helping businesses keep their email out of the junk folder since 1998
http://www.isipp.com/SuretyMail
