I'm working for an ESP who is member of the CSA and ECO and I'm one of the biggest contender on the authentication requirements front, I don't think that DMARC is an ESP responsibility, but think that an ESP should provide everything necessary so that a Brand can use DMARC. By forcing the ESP community of CSA to implement DMARC we would not help our customers, we would simply give them a false feeling of having done something, that does not solves the underlying problem.
Kind regards, Tobias Herkula -- optivo GmbH Product Management (Infrastructure) ________________________________________ From: mailop <mailop-boun...@mailop.org> on behalf of David Hofstee <opentext.dhofs...@gmail.com> Sent: Thursday, November 2, 2017 11:19 To: Alexander Zeh Cc: mailop@mailop.org Subject: Re: [mailop] About the Certified Senders Alliance Hi Alexander, Welcome to Mailop. A few somewhat criticising questions on the CSA: - Complaint policy: What is the complaint policy for recipients? I tried to find it, but could not. Is anonymity guaranteed? Also not available in the data protection policy as found on the website. Please consider creating one. - Oversight: Do you have a group of people that monitor compliance of senders (and not just complaints)? - Unsubscribing. I subscribed to a few newsletters but I seem to notice a high "does not follow policy"-rate. Two examples (of 3 subscriptions, headers provided below): - Size of message: Google clips large messages. This is often where the unsubscribe link is. I did not see an unsubscribe link in this message. - List-Unsubscribe: Missing the required URL (requirement 2.21 of your admission criteria, see https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf ). Were these not tested at admission? - Leadership: I think the authentication requirements in your policy are outdated. An ESP does not even need to support DMARC-type authentication nor is it a requirement for its customers to prove they are the real senders. Do you agree? Do you think the CSA should lead in setting requirements on these topics? Is the CSA able to change such requirements? Or is the CSA afraid of the current customer base (who might protest to adding authentication)? I would like to hear CSA's opinion on that. Yours, David Example of message too large; the unsubscribe link is no longer visible in Gmail: X-CSA-Complaints: whitelist-complai...@eco.de<mailto:whitelist-complai...@eco.de> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----msg_border_bwvxxxxx" Date: Thu, 14 Sep 2017 22:01:07 -0700 To: xyz From: HSE24 TV Programm <newslet...@angebote.hse24.de<mailto:newslet...@angebote.hse24.de>> Reply-To: HSE24 TV Programm <serv...@hse24.de<mailto:serv...@hse24.de>> Subject: Hui...jetzt wird's richtig stylisch Example of List-Unsubscribe not having URL: Date: Wed, 25 Oct 2017 15:01:33 +0000 (GMT) From: TUI <t...@email.tui.nl<mailto:t...@email.tui.nl>> Reply-To: t...@email.tui.nl<mailto:t...@email.tui.nl> To: xyz Message-ID: <43699742.JavaMail.app@rbg62.f2is> Subject: Welkom bij TUI MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_334583_459599753.150234563453456" x-mid: 2369485 X-CSA-Complaints: whitelist-complai...@eco.de<mailto:whitelist-complai...@eco.de> x-rpcampaign: sp2375598 Feedback-ID: pod6_15062_2375598_891291414:pod6_15062:ibmsilverpop x-job: 2375598 x-orgId: 15062 List-Unsubscribe: <mailto:v-removed-for-an...@bounce.email.tui.nl<mailto:v-removed-for-an...@bounce.email.tui.nl>?subject=Unsubscribe> On 1 November 2017 at 17:33, Alexander Zeh <alexander....@eco.de<mailto:alexander....@eco.de>> wrote: Hello everyone, a friend informed me about a topic going on about the Certified Senders Alliance on this mailing list. That’s why I joined it. I work for the CSA for many years now. First and foremost of all: It is definitely not true that a sender can join the CSA without any vetting. That statement bothered me a lot, because it’s a plain lie. Maybe because important information was lost in some communication between more than two parties, I don’t want to assume ill intent by anybody. In fact from every sender who wants to get certified and be whitelisted only about 10% make it through the whole process and are approved. Btw: the certification needs to be confirmed by the certification committee in which 2 seats out of 4 are major ISP partners. I totally agree that if you have delivery issues it shouldn’t be the first step to reach out any certification program to fix it. And this is not how CSA works. If a sender has delivery issues, in 99% these problems are justified and self made. So what the CSA does is, that in the process we find potential issues and help senders to align with current best practices aka. the CSA admission criteria. This whole process can take weeks and months and still many senders don’t achieve a certification in the end, because we take that very serious. Anybody on this mailing list, please feel free to have a look at our criteria and see for yourself if they are reasonable or not. As everything we do is completely transparent, you can find them on https://certified-senders.org/library either at the end, or you can select the type “CSA specific” to filter. Sorry about this rant-ish post, but we try our best to improve overall quality of senders, so the initial post kind of annoyed me. Anyway. I am open for discussion either here, direct with me or for example on the next M3AAWG meeting in person. Best Alex -- Best regards Alexander Zeh Engineering Manager --------------------------------------------------- eco - Association of the Internet Industry Certified Senders Alliance Lichtstrasse 43h 50825 Cologne Germany phone: +49 (0) 221 - 70 00 48 - 171<tel:+49%20221%20700048171> fax: +49 (0) 221 - 70 00 48 - 111<tel:+49%20221%20700048111> mobile: +49 (0) 171 - 657 2628<tel:+49%20171%206572628> e-mail: alexander....@eco.de<mailto:alexander....@eco.de> web: http://www.eco.de --------------------------------------------------- eco - Association of the Internet Industry CEO: Harald A. Summa Executive board: Prof. Michael Rotert (Chairman), Oliver Süme (Deputy Chairman), Klaus Landefeld, Felix Höger, Prof. Dr. Norbert Pohlmann Register of Associations: District court (Amtsgericht) Cologne, VR 14478 Registered office: Cologne _______________________________________________ mailop mailing list mailop@mailop.org<mailto:mailop@mailop.org> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop -- -- My opinion is mine. _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop