On 02/08/18 16:23, David Jones wrote:
> On 02/07/2018 06:28 PM, Dave Warren wrote:
>> On Wed, Feb 7, 2018, at 15:52, Martin Gregorie wrote:
>>>> Technically, you asked for the email and they have a valid opt-out
>>>> process that will stop sending you email. Yes, the site has scummy
>>>> practices but that is not spam by my definition.
>>>>
>>> Yes, under EU/UK that counts as spam because the regulations say that
>>> the signer-upper must explicitly choose to receive e-mail from the
>>> site, and by-default sign-in doesn't count as 'informed sign-in'.
>>
>> Canadian law is the same, this is absolutely spam without any ambiguity.
>>
>
> But how can you tell the difference based on content then? You can't. Two
> different senders could send the exact same email and one could be spam from
> tricking the recipient to opt-in and another could be ham the recipient
> consciously opted into.
>
> This would have to be blocked or allowed based on reputation. One would
> train the message as spam in their Bayes database and allow trusted senders
> via something like a domain whitelist, URI whitelist, or a whitelist_auth
> entry.
>
> We are back to needing a curated WL based on something like DKIM. Alex just
> made me aware of http://dkimwl.org/ which looks brilliant. Exactly lines up
> with how I filter and what I have been wanted to do for a couple of years
> now. A community-driven clearing house for trusted senders.
>
dkimwl.org looks promising, but tell them their https cert has expired.
Giovanni
