spamassassin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Peddemors <mich...@linuxmagic.com>
Subject Re: [Bug 5922] efx.com in def_whitelist used to send spam
Date Wed, 18 Jun 2008 04:48:49 GMT
On Tuesday 17 June 2008 19:44, Sidney Markowitz wrote:
> Michael Peddemors wrote, On 18/6/08 2:28 PM:
> > On Tuesday 17 June 2008 18:35, bugzilla-daemon@bugzilla.spamassassin.org
> >
> > wrote:
> >>> it still seems more likely that eFax.com is not spamming, but sends
> >>> what some people think is spam,
> >
> > I chuckle at this :) If they think it is Spam, it is spam for all intents
> > and purposes if you are the email administrator or ISP trying to keep
> > your cusomter, or trying to stop them from switching to your competitor..
>
> If you have to subscribe to get it, confirm your email address with
> double opt-in, agree to a terms of service that explicitly says that you
> agree that the cost of the service you are getting is receiving
> advertising email, each email contains instructions on how to
> unsubscribe by following a URL or sending an email, and the company
> really does stop sending the mail on receiving an unsubcribe request,
> then there is no reason for SpamAssassin to waste its time labeling that
> mail as spam.

Of course, not trying to start a flame war.. but that response isn't really 
formatted as a policy, or is it?  Even that would be a start.

But of course, (and we aren't talking about any one company here) a lot of 
companies make the claims that they conform to the above, and yet the same 
IP's are used to send email out under less than conforming circumstances.. 

Personally have been involved with companies that swore they followed the 
above, until the were provent that they weren't.. 

I think the most important item you mentioned is double opt-in, which is an 
entirely different kettle of fish, unless of course they send this is 'Just 
to confirm you wish to get Daily Horoscopes', with a tiny link to terms of 
service which noone reads.. Or social engineering to get people to agree.

But even then, it still doesn't establish a policy that SA is striving/aiming  
to uphold, which might be benificial to all to hear on this list.

Is the policy that SA will not check companies that claim to do:

o Subscribe
o Double Opt-in Confirmation
o Remove Link

How do you audit the above?
What about reselling of email addresses?
How does CAN Spam compliant fit in?
Do they promise that they wont send 'other offerings' after you unsubscribe to 
the first one?

There are many grey lines that might be helpful to make black.. And I don't 
think anyone on the SA team wants to start playing whack a mole with all the 
companies that can claim the same and that want preferential, (ie don't stop 
my mail) treatment..

What about compromised accounts on even the best servers?

I am trying not to take a position on this thread.. just want to open the 
floor to discussions on this issue, and let SA make their position known.

It is a controversially issue to say the least, and will get more 
controversial as time goes by.. 

-- 
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors - President/CEO - LinuxMagic
Products, Services, Support and Development
Visit us at http://www.linuxmagic.com
------------------------------------------------------------------------
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" is a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-589-0037 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended 
solely for the use of the individual or entity to which they are addressed. 
Please note that any views or opinions presented in this email are solely 
those of the author and are not intended to  represent those of the company.

Mime
View raw message