[SpamCop-List] Re: OT nanae SC/IronPort threads
John E. Malmberg
wb8tyw at qsl.network
Thu Feb 17 07:36:44 EST 2005
> I do recall a thread here, some time ago about bonded sender spam, IIRC
> Ellen said they go in the block list like any others. I may have received
> one also once. But if SC users were regularly being spammed by Ironport
> BSers I'm sure we'd be hearing about it. Anti spammers tend to be a rather
> cranky lot you know.
A lot of speculation in the thread with no one quoting what Ellen said.
Their main gripe are apparently:
1. There are allegedly bonded senders that keep the bonded I.P. address
clean, but run opt-out and other spamming on their other addresses.
2. Apparently a bonded sender I.P. address hit a SORBS spamtrap, which
is very suspicious.
3. They claim that spamcop.net does not list or report bonded-senders,
but have not produced any examples of this.
Add to that all the common and untrue spamcop.net myths are being
reported over and over again, with no one pointing out the actual policies.
As I do not know what is in the SORBS spamtrap, and I do not know if
anyone in commenting in the thread does either. I also do not know if
SORBS spamtraps list anything that falls into them.
The SORBS spamtraps tend to list a lot of multi-hop spam sources, so if
a bonded sender had any security hole on their network, it would be
quite easy for them to get listed with out the actual owner intending on
As such, they are not suitable for blocking unless you do not want to
get e-mail from most large networks. So it may be a long time before
someone notices an e-mail rejected for that reason.
The main purpose of the bonded sender program is to go with policies
similar to the apparent one of a large company I know of.
Anything that even slightly smells of spam is silently deleted with out
notice. Outgoing e-mail automatically whitelists incoming mail from
that destination from that check. Whitelisting is also silently done in
response to trouble tickets, and the tickets get closed by stating the
problem could not be reproduced. No one at the company operating the
mail server admits to that policy, it was determined by experimentation.
While some may think that is a bad policy, it works. It keeps the
people who think they want an uncensored feed happy because there is no
evidence that is available to most people that the e-mail even reached
the company. It keeps company management happy because almost 0 spam
reaches anyone's inbox. And the auto-whitelisting really prevents most
real e-mail from being blocked.
Oh, and the company prohibits non-business use of it's e-mail, so no one
can complain if a non-business related item fails to reach them.
wb8tyw at qsl.network
Personal Opinion Only
More information about the SpamCop-List