John Hardin <jhar...@impsec.org> writes:

> On Fri, 4 Dec 2009, Charles Gregory wrote:
>
>> 2) Perform their OWN 'opt-in' mailout to that list.
>>      "Hello, we at (company eg. Returnpath) have contracted to operate a
>>       mailing list on behalf of (client name). They have provided your
>>       address as one that has *requested* advertising mailouts from their
>>       company. We respectfully request that you verify this
>>       subscription/request by replying to this e-mail. IF you do nothing,
>>       this will be your last mailing from this company."
>
> Both would have to be done any time a new address was added to the
> mailing list. And there would have to be some watchdog ensuring the
> MSP doesn't relax the policy over time.
>
> It's a great idea. The problem is, how do you get mail service
> providers to do this? What causes them loss of revenue if they _don't_
> do it?

Perhaps SA could decline to offer negative points for other than actual
COI?

My own experience with HABEAS_ACCREDITED_SOI has been that it's caused
spam to show up in my inbox instead of filtered like it should have
been.  Complaining in public seems to be the only thing that works.  I
somewhat understand the difficulties of running an accreditation
service, but I think the expectation of the SA community should be that
problems (accredited senders spamming) should be extremely rare.  It's
clearly not extremely rare.

A problem with the spam%/ham% checking methodology is that it makes the
accreditation look reasonable for corpuses that have lots of requested
commercial mail.  That's certainly fine for those people, but the
outcomes seem very different for those that don't ask for such mail -
they're left with only the spam.

Whitelists that don't accept payment for listing should get treated as
SA has done - estimate a proper score.  Those that do accept payment are
a more complicated case - I think it's reasonable to demand that
infractions are highly rare and that non-public complaints are responded
to promptly and appropriately.  Probably "SOI" should be entirely
dropped.
