I've recently gotten multiple spams from linkedin. (I don't consider invitations from people I dimly have heard of spam.) These are typically invitations that are sent to mailinglists, and occasionally invitationos from people that I have never ever heard of.
I believe what is going on is that there is some way for people to upload an entire addressbook and then bulk-spam all those addresses with invitations. The problem is that linkedin is getting adjusted scores due to RCVD_IN_DNSWL_MED HABEAS_ACCREDITED_SOI RCVD_IN_BSP_TRUSTED Here is an example (I have the postgis mailinglist in trusted_networks): http://www.lexort.com/spam/spam-linkedin.out.txt At least for my scores, the +2 points for HABEAS and BSP counterbalance the dnswl. I have sent mail to ab...@linkedin.com, but have never gotten any response. I complained to dnswl, and that got linkedin.com moved to MED from HI (thanks!), but I think MED is still excessive. Once again I went to returnpath and senderscorecertified's web pages, and found no link to an email address to report being spammed by one of their customers. Can anyone from returnpath explain why this glaring problem hasn't been fixed, or better yet fix it? And also remove linkedin as a certified address, because they are spamming? This is a general problem, more than linkedin - this has happened with twitter and faceboook as well. The problem seems to have multiple related components: linkedin is a spam source because they off bulk inviting whitelists list them because some of their mail is legitimate SA gives negative points to whitelists where most of the hosts on the whitelist don't send spam, and those that do send some ham Clearly some things that should happen are: dnswl should drop linkedin, because it doesn't meet "Extremely rare spam occurrences, corrected promptly." because 1) this keeps happening because the structural problem has not been addressed and 2) there is no functioning ab...@. I don't think linkedin belongs even in LOW, but it's fair to be in NONE (legit server, also sends spam). returnpath should drop linkedin, because they send spam and the mails I referenced above clearly do not meet any definition of opt in But it's hard for SA to cause these changes. dnswl clearly has value, and perhaps part of the difficulty is that it gets used for two reasons: not blocking connections or greylisting at the MTA level, and spam filtering. It's certainly reasonable for linkedin to be in a "don't outright block" list, but not for it to get a pass from filtering given the spam that comes out of it. Does anyone have any ideas of what else might help?
pgpS0aPDF1Lkm.pgp
Description: PGP signature