On 5/9/2018 8:04 AM, Stefano Bagnara wrote:
Contacting ivm or spamauditor they often say they have no "false
positives for the block" so they are uneasy removing it and they also
don't have (or don't share) the issue that originated the block (we
are talking about shared IPs/domains), and I understand this (I would
do the same). Also on my latest attempt the ivmuri contact form /
email seems to be dev/nulled.
<snip>
The fact is the recipient usually doesn't have a way (or doesn't know
how) to make this "false positive report"
Stefano,
(can't speak for spamauditor... but regarding invaluement...)
(1) To answer the question about "no false positive reports" - The
general idea is that whenever there is DESIRED or *truly*
permission-based messages that are blocked, then over time, feedback
from recipients *will* bubble-up to their ISPs/hosters - and if that
ISP/hoster is an invaluement subscriber - then in those RARE situations
where such a legit message was blocked due to invaluement data, we'll
then get feedback saying so. In fact, we have extremely good telemetry
these days and I sleep well at night having a confidence that the sky
won't fall the next day due to a nasty false positive slipping through
and making customers angry. (after 11 years of hard work and fine
tuning...) that pretty much never happens. I understand the "you can't
prove a negative" argument - but, additionally, we have a solid core
group of trusted 3rd party anti-spam security researchers who are able
to spot even very elusive FPs - and they have access to a password
protected backdoor form where they can delist immediately, and then we
do a follow-up investigation. These days, when that form is used, it is
typically dark-gray ESPs who are very questionable to begin with -
nothing alarming. (or someone got hacked - and then just fixed their
security problem). THIS is what I would have meant if I had said "no
false positives for the block" - and while that is just one factor - and
other things are considered, too - when weeks or months go by and the
ONLY delist requests are coming from the SENDER - and ZERO are coming
from the recipients - and zero are coming from their hosters and ISPs
who use our data - THAT IS A RED FLAG THAT RARELY HAPPENS FOR DESIRED MAIL!
(2) On April 28, 2017, I replied to one of your messages, provided you
with much very good information about the cause of your listings, and I
delisted your domain.
(3) last week, you emailed again - and while I didn't take the time to
reply (we were overloaded that day) - I gave you the benefit of the
doubt and immediately delisted your domain (again)
(4) you make it sound like you've been doing dozens and dozens of
unanswered requests over months of time - and you make it sound like
none of them have received a single answer. In fact, fwiw you've used
our formal delist process 4 times in the past 4 months - and we've take
action 3 times to assist you: one automated *immediate* delist of your
IP, one manual delist of your domain with a reply back to you giving you
hand-typed detailed information, and one silent delist of your domain
(not perfect, but FAR from the very negative impression I would have had
if I had read your post to MailOp, and didn't know the rest of the story!)
(5) But why are you not being given an even higher priority? And why do
you keep getting listed?:
(A) you're using garbage domains that have zero good reputation - and
they have home pages that look like a typical snow spammer's domains.
EXAMPLES: "mymailer DOT it" (with and without the "www.", or even with
the "app." host name you use on this domain). This isn't a crime, but it
is especially a good idea for ESPs to NOT use such zero-reputation
domains - and even to an anti-spam researcher manually checking this,
such results don't inspire confidence. Why? Because (as happened in this
case) when I'm researching delist requests and LOOKING for good
credibility to justify a delist... and the domain being requested has
home pages like THAT - it immediately informs me that the requester is
less worthy of my attention and respect. In general, use of "throwaway
domains" is not a best practice for ESP.
(b) Another development that has happenedĀ - since I sent you some
detailed information back on April 28, 2017 - since then - we've been
getting these message (that use this domain) sent from us from a 3rd
party spam feed - and the intended recipient is an obvious spamtrap hit.
If I were to show you the intended recipient's email address just by
itself - you would immediately know that this was a spamtrap address.
(that is all I'm going to say about it). You should make sure that your
customers are not purchasing lists, they should put captchas on their
signup forms, and they do confirmed opt-in.
Still, you're far from the worst, and that is one of the reasons you DID
get some assistance already, and why you did get delisted at times. I've
delisted this again, and I put something in place to make this harder to
relist - with the (hopefully not mistaken assumption!) that you're doing
to improve going forward.
NOTE: I'm estimating that you have one reply before the MailOp police
shut this thread down! This is probably not the proper use of this forum.
--
Rob McEwen
https://www.invaluement.com
+1 (478) 475-9032
_______________________________________________
mailop mailing list
[email protected]
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
