Re: [mailop] About the Certified Senders Alliance

Thu, 02 Nov 2017 03:56:00 -0700 

I'm working for an ESP who is member of the CSA and ECO and I'm one of the 
biggest contender on the authentication requirements front, I don't think that 
DMARC is an ESP responsibility, but think that an ESP should provide everything 
necessary so that a Brand can use DMARC. By forcing the ESP community of CSA to 
implement DMARC we would not help our customers, we would simply give them a 
false feeling of having done something, that does not solves the underlying 
problem.

Kind regards,

Tobias Herkula
--
optivo GmbH
Product Management (Infrastructure)
________________________________________
From: mailop <mailop-boun...@mailop.org> on behalf of David Hofstee 
<opentext.dhofs...@gmail.com>
Sent: Thursday, November 2, 2017 11:19
To: Alexander Zeh
Cc: mailop@mailop.org
Subject: Re: [mailop] About the Certified Senders Alliance

Hi Alexander,

Welcome to Mailop. A few somewhat criticising questions on the CSA:
- Complaint policy: What is the complaint policy for recipients? I tried to 
find it, but could not. Is anonymity guaranteed? Also not available in the data 
protection policy as found on the website. Please consider creating one.
- Oversight: Do you have a group of people that monitor compliance of senders 
(and not just complaints)?
- Unsubscribing. I subscribed to a few newsletters but I seem to notice a high 
"does not follow policy"-rate. Two examples (of 3 subscriptions, headers 
provided below):
     - Size of message: Google clips large messages. This is often where the 
unsubscribe link is. I did not see an unsubscribe link in this message.
     - List-Unsubscribe: Missing the required URL (requirement 2.21 of your 
admission criteria, see 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf
 ). Were these not tested at admission?
- Leadership: I think the authentication requirements in your policy are 
outdated. An ESP does not even need to support DMARC-type authentication nor is 
it a requirement for its customers to prove they are the real senders. Do you 
agree? Do you think the CSA should lead in setting requirements on these 
topics? Is the CSA able to change such requirements? Or is the CSA afraid of 
the current customer base (who might protest to adding authentication)? I would 
like to hear CSA's opinion on that.

Yours,


David

Example of message too large; the unsubscribe link is no longer visible in 
Gmail:
X-CSA-Complaints: 
whitelist-complai...@eco.de<mailto:whitelist-complai...@eco.de>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----msg_border_bwvxxxxx"
Date: Thu, 14 Sep 2017 22:01:07 -0700
To: xyz
From: HSE24 TV Programm 
<newslet...@angebote.hse24.de<mailto:newslet...@angebote.hse24.de>>
Reply-To: HSE24 TV Programm <serv...@hse24.de<mailto:serv...@hse24.de>>
Subject: Hui...jetzt wird's richtig stylisch

Example of List-Unsubscribe not having URL:
Date: Wed, 25 Oct 2017 15:01:33 +0000 (GMT)
From: TUI <t...@email.tui.nl<mailto:t...@email.tui.nl>>
Reply-To: t...@email.tui.nl<mailto:t...@email.tui.nl>
To: xyz
Message-ID: <43699742.JavaMail.app@rbg62.f2is>
Subject: Welkom bij TUI
MIME-Version: 1.0
Content-Type: multipart/alternative; 
boundary="----=_Part_334583_459599753.150234563453456"
x-mid: 2369485
X-CSA-Complaints: 
whitelist-complai...@eco.de<mailto:whitelist-complai...@eco.de>
x-rpcampaign: sp2375598
Feedback-ID: pod6_15062_2375598_891291414:pod6_15062:ibmsilverpop
x-job: 2375598
x-orgId: 15062
List-Unsubscribe: 
<mailto:v-removed-for-an...@bounce.email.tui.nl<mailto:v-removed-for-an...@bounce.email.tui.nl>?subject=Unsubscribe>


On 1 November 2017 at 17:33, Alexander Zeh 
<alexander....@eco.de<mailto:alexander....@eco.de>> wrote:
Hello everyone,

a friend informed me about a topic going on about the Certified Senders 
Alliance on this mailing list. That’s why I joined it.
I work for the CSA for many years now.
First and foremost of all:
It is definitely not true that a sender can join the CSA without any vetting. 
That statement bothered me a lot, because it’s a plain lie. Maybe because 
important information was lost in some communication between more than two 
parties, I don’t want to assume ill intent by anybody. In fact from every 
sender who wants to get certified and be whitelisted only about 10% make it 
through the whole process and are approved. Btw: the certification needs to be 
confirmed by the certification committee in which 2 seats out of 4 are major 
ISP partners.
I totally agree that if you have delivery issues it shouldn’t be the first step 
to reach out any certification program to fix it. And this is not how CSA 
works. If a sender has delivery issues, in 99% these problems are justified and 
self made. So what the CSA does is, that in the process we find potential 
issues and help senders to align with current best practices aka. the CSA 
admission criteria.  This whole process can take weeks and months and still 
many senders don’t achieve a certification in the end, because we take that 
very serious.
Anybody on this mailing list, please feel free to have a look at our criteria 
and see for yourself if they are reasonable or not. As everything we do is 
completely transparent, you can find them on 
https://certified-senders.org/library either at the end, or you can select the 
type “CSA specific” to filter.

Sorry about this rant-ish post, but we try our best to improve overall quality 
of senders, so the initial post kind of annoyed me.

Anyway. I am open for discussion either here, direct with me or for example on 
the next M3AAWG meeting in person.

Best
Alex


--

Best regards


Alexander Zeh


Engineering Manager


---------------------------------------------------


eco - Association of the Internet Industry

Certified Senders Alliance


Lichtstrasse 43h

50825 Cologne

Germany


phone: +49 (0) 221 - 70 00 48 - 171<tel:+49%20221%20700048171>

fax: +49 (0) 221 - 70 00 48 - 111<tel:+49%20221%20700048111>

mobile: +49 (0) 171 - 657 2628<tel:+49%20171%206572628>

e-mail: alexander....@eco.de<mailto:alexander....@eco.de>

web: http://www.eco.de


---------------------------------------------------


eco - Association of the Internet Industry

CEO: Harald A. Summa

Executive board: Prof. Michael Rotert (Chairman), Oliver Süme (Deputy

Chairman), Klaus Landefeld, Felix Höger, Prof. Dr. Norbert Pohlmann

Register of Associations: District court (Amtsgericht) Cologne, VR 14478

Registered office: Cologne

_______________________________________________
mailop mailing list
mailop@mailop.org<mailto:mailop@mailop.org>
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop




--
--
My opinion is mine.

_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Reply via email to