Badness adapts.

COI is critical, as is … bounce detection and detecting if a user never opens their mail. And don’t send signup confirmations out the same IP as regular list traffic.

If the mail bounces, and the List software of Mail Op doesn’t notice, Bad Things Will Happen.
If there’s not some form of closed loop confirmation of the email address, More and Different Bad Things Will Happen.

The harassment du jour is Subscription Signup Bombing, where various people who have pissed off Bad People are signed up to … 2800 different web-based mailing lists per hour, Because They Can. Again, these Bad People can and typically do deploy CAPTCHA solvers against various Mailing List packages.

Oh, and when sending out a signup confirmation, please specify an X-Originating-IP: header with said value. It helps us mitigate.

An SMS validation might slow some of this craziness down. So would just junking each and every mailing list signup confirmation until the one that you did ask for shows up in your junk folder.

The hassles of yester-year have given way to new hassles… lest one bad practice should corrupt the world.
Or something. ☹

Aloha,
Michael.
--
Michael J Wise
Microsoft Corporation | Spam Analysis
"Your Spam Specimen Has Been Processed."
Got the Junk Mail Reporting Tool <http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?

-----Original Message-----
From: mailop <mailop-boun...@mailop.org> On Behalf Of Rob McEwen via mailop
Sent: Thursday, May 9, 2019 4:29 PM
To: Andrew C Aitchison <and...@aitchison.me.uk>; mailop <mailop@mailop.org>
Subject: Re: [mailop] Bots, spam-traps and signup pages

On 5/9/2019 5:43 PM, Andrew C Aitchison wrote:
> On Thu, 9 May 2019, Rob McEwen via mailop wrote:
>> The documents that Paul referenced in his last message - probably
>> mentioned this somewhere - but I'll add that (in addition to the link
>> above and doing confirmed-opt-in "COI") you should strongly encourage
>> your customers to captcha-protect their signup forms to prevent bots
>> from signing up spamtrap addresses.
>>
>> That has been happening OFTEN in recent years - and those who don't
>> do COI and don't captcha-protect their forms (or some equivalent
>> only-a-human-could-have-done-this protection) - are OFTEN getting
>> blacklisted due to spamtrap addresses sneaking into their
>> distribution lists.
>
> Is this deliberate enemy action or collateral damage ?
> I'm finding it difficult to see why a general spam bot would sign spam
> traps up to a mailing list, so guess that I am missing something ?

Over the past few years, I've seen a distinct uptick in mailing lists getting blacklisted due to them sending to spamtrap address - where they claim that the signup happened on their website. In ALL such cases, the forms were not CAPTCHA-protected, and they weren't doing COI. I've never seen a single example of this happening where both CAPTCHA and COI was used.

Most of these came into my system via 3rd party spam feeds. I've gone back to them and they all claim that they are NOT feeding their spam feeds with automated "entrapment" signups. So I'm still trying to figure this out, too. But the results of getting blacklisted when sending to egregious spamtrap addresses - can bring an otherwise legit business down to its knees.

Why would spammers or hackers do this? I don't know.
It could be an effort to harm blacklists by polluting their listings with items that are more marginal/legit - in order to try to cause false positives? Or it could be that they are spamming the form in an effort to get their spammy content delivered to the owner of the web site - and they are just throwing random addresses into the signup form (which then get added to the site owner's lead list if no CAPTCHA and COI was used?)

I know this is happening - I know that those doing both CAPTCHA and COI are generally unaffected. I don't know all the details about how/why/who. But this is a real thing - and it happens often.

(thankfully, my own blacklist's false positive-prevention filter - prevents the vast majority of these from becoming blacklistings - but the sending to spamtrap addresses means that the sender has lost control of their processes, fwiw)

--
Rob McEwen
https://www.invaluement.com

_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
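
Added example, not part of the original thread or of any list software it mentions: a minimal confirmed-opt-in (COI) flow that signs a confirmation token and stamps the confirmation mail with an X-Originating-IP header, as the message above asks. The sender address, key, 48-hour window and function names are assumptions, and the header value is taken to be the IP that submitted the signup form.

```python
import base64, hashlib, hmac, ipaddress, time
from email.message import EmailMessage
from urllib.parse import urlencode

SECRET = b"constructed-demo-key"  # constructed; keep the real key in a secret store
TOKEN_TTL = 48 * 3600             # assumed confirmation window, in seconds

def _sign(address, expiry):
    mac = hmac.new(SECRET, f"{address.lower()}|{expiry}".encode(), hashlib.sha256)
    return base64.urlsafe_b64encode(mac.digest()).rstrip(b"=")

def make_token(address, now=None):
    """Return 'expiry.signature', binding the address to an expiry time."""
    expiry = int(time.time() if now is None else now) + TOKEN_TTL
    return f"{expiry}.{_sign(address, expiry).decode()}"

def verify_token(address, token, now=None):
    """True only for an unexpired token that was issued for this address."""
    try:
        expiry_text, signature = token.split(".", 1)
        expiry, signature = int(expiry_text), signature.encode()
    except ValueError:
        return False
    fresh = (time.time() if now is None else now) <= expiry
    return fresh and hmac.compare_digest(signature, _sign(address, expiry))

def build_confirmation(address, signup_ip, confirm_url, now=None):
    """Build the confirmation mail; nothing is subscribed at this point."""
    ip = ipaddress.ip_address(signup_ip)  # ValueError on anything but an IP literal
    msg = EmailMessage()
    msg["From"] = "confirm@lists.example"  # hypothetical sender
    msg["To"] = address
    msg["Subject"] = "Please confirm your subscription"
    msg["X-Originating-IP"] = f"[{ip}]"    # IP that submitted the signup form
    query = urlencode({"address": address, "token": make_token(address, now)})
    msg.set_content(f"Someone at {ip} asked to subscribe this address.\n"
                    f"If that was you, confirm here:\n{confirm_url}?{query}\n"
                    "If not, ignore this message and nothing more will be sent.\n")
    return msg

def confirm(subscribers, address, token, now=None):
    """Close the loop: add the address only when its token verifies."""
    if not verify_token(address, token, now):
        return False
    subscribers.add(address.lower())
    return True
```

Parsing the signup IP with `ipaddress` before it reaches the header also keeps form input from injecting extra header lines.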