[thelist] Spam Cop??

Jeroen Sangers evolt at jeroensangers.com
Thu Feb 13 11:08:01 CST 2003


Ben Dyer <ben_dyer at imaginuity.com> wrote:
> At 09:47 AM 2/13/2003, you wrote:
> But this is the inherent problem with blackhole lists.
>
> 1. People assume that they are permanently reliable.

That is because people are not reading. The SpamCop site explains their
reliability many times on their web:

"This blocking list is somewhat experimental and should not be used in a
production environment where legitimate email must be delivered. It is
growing more stable and is used by many large sites now. However, SpamCop is
aggressive and often errs on the side of blocking mail - users should be
warned and given information about how their mail is filtered. Ideally they
should have a choice of filtering options. Many mailservers can operate with
blacklists in a "tag only" mode, which is preferable in many situations."

> 2. SpamCop assumes that reports are true.

This is absolutely NOT true. In contradiction, SpamCop only talks about
SUBE - Supposed Unsolicited Bulk Mail. If you want to know more about how
SpamCop treats reports, gop and read
http://members.spamcop.net/fom-serve/cache/297.html


> And, yes, to a certain extent, they can test for that last one, but
> only
> for open relays.  They can't vouch for accuracy in spam submitted and
> it's very easy to doctor.

That is why they weigh all reports. One single report (made by mistake) has
almost no effect, but a lot of reports during a long time cannot be
considered a mistake anymore.

> Additionally, many decisions from SpamCop are not made from reports,
> but from overbroad IP- and host-based filters.

Again, read the page mentioned above...

> Ultimately, it *is* how people use the technology, not the technology
> itself, but that is of no consolation to the many innocent people who
> have their e-mail blocked.
>

> Well, when you're signing up for a hosting company, do you think they
> are advertising their status in various blackhole lists? :)

This is true, but the moment I find out my hosting provider is sponsoring
(actively or passively) spammers, I am gone.

> And, besides, we're not talking about little nobody hosting companies,
> among those frequently blacklisted are UUNet (MCI Worldcom) and
> Rackspace.  With thousands and thousands of customers.  And because
> 99% of people who sign up for hosting won't know any better (until
> their e-mail gets blocked, anyways)...  I don't buy the flawed
> argument that the hosting company will "learn from the their
> mistakes."  It's too much of "the ends justify the means."

Can you explain me how a big company like UUNet or RackSpace can ignore
thousands of complaints stating that one of their clients is breaking their
acceptable use policy??????

> However, ultimately, content-based spam filtering (like SpamAssassin)
> is more effective anyways.  It generates far fewer false-positives
> and only needs to be modified occasionally for spammers who work
> around the filters.

Content-based filters only make that I don't see those messages. I still
receive them, and when your using a slow modem, the delivery of all those
messages can be really irritating. Therefore I want to stop spam before they
reach my mailbox, and therefore we neet blocklists. Or better, fix the
servers with security flaws...

>
> And even more effective than that are the learning filters like in
> Apple Mail, so when spammers change their methods, the software is
> smart enough
> to adapt.
>
> --Ben

Kind regards,

Jeroen Sangers

www.jeroensangers.com
www.fimcap.org





More information about the thelist mailing list