Certainly not with all spam traps, but if someone is reviewing the data, and trying to decide what to do with a sample, an "Open" message might get sent in error.
But a reply should never be sent, and so a classical SpamTrap would not pass a COI test. ... unless it had gathered dust for a very long time, or the new domain's owner didn't follow the (Reject for 6 months to a year) BCP. Just MHO. Aloha, Michael. -- Michael J Wise Microsoft Corporation| Spam Analysis "Your Spam Specimen Has Been Processed." Got the Junk Mail Reporting Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ? -----Original Message----- From: mailop <mailop-boun...@mailop.org> On Behalf Of Stefano Bagnara Sent: Wednesday, March 7, 2018 4:39 PM To: Aaron C. de Bruyn via mailop <mailop@mailop.org> Subject: Re: [mailop] Hat color of list washers / validators On 8 March 2018 at 01:02, Laura Atkins <la...@wordtothewise.com<mailto:la...@wordtothewise.com>> wrote: > [...] > Sure, we agree. But there are folks who don’t agree with us. Some of > those folks run spamtrap networks that feel blocklist data. I think > it’s important to acknowledge that. At one point you could do COI and > still get on a blocklist because you sent to a spamtrap. That's why we need to find someone that is able to share real bits on the issues (who's who). We can't expect a provider to fix a bad habit (or to publicly explain there was a bug) if no one talks about it and people keep buying its services ignoring those issues. If they feed a blocklist like that and I buy a blocklist that is fed that way I'd be very disappointed. If they do that sistematically then they will create a lot of false positives and blocklist users will start complaining.. so I really hope/guess we're talking about a bug. > At one point you could do COI and > mail to folks who’d only opened an email in the past few weeks and > still get on a blocklist because you sent to a spamtrap. This affected > real senders who weren’t spamming. Just to make this more interesting, I think this may have a slighly different "story" that may be "right". 2014: I collect the addr...@example.com<mailto:addr...@example.com> email address 2015: the example.com domain expires, is bought by the spamtrap network that starts returning 511 this will become a spamtrap for 365 days. 2017: I decide to send an email to that address for the first time, I hit the spamtrap. Some network doesn't report back your first hit, instead they sometimes make opens/clicks, I don't know if they do that to simulate traffic or for some other reasons.. (hint: I saw clicks/opens from antivirus/antispam cloud providers IP spaces, but I don't know the reasons). 2 weeks later I send a second email only to people that opened in the last month, and addr...@example.com<mailto:addr...@example.com> is reported, correctly, as a spamtrap hit. So, it was COI, and I was writing only to openers from the last month, and still I hit a "3 years old repurposed spamtrap". Let's take into consideration that spamtrap network have to do their homework to avoid being identified easily, so if they never do opens/clicks they already put a big flash on them. So I think it is OK for a spamtrap to open/click or even reply to an email, but it is important that the email address has been in a "user unknown" state for at least 1 year (or something similar). Stefano _______________________________________________ mailop mailing list mailop@mailop.org<mailto:mailop@mailop.org> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fchilli.nosignal.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fmailop&data=04%7C01%7Cmichael.wise%40microsoft.com%7C377d9c46bf224074aac308d5848dd208%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636560667008013336%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwifQ%3D%3D%7C-2&sdata=AS4CGxx3o0wgXYmNeuhM7xa3PqiX8b%2BigmQj8EcZIH4%3D&reserved=0
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop