On Wed, 12 Feb 2020, Scott Mutter via mailop wrote:
Look, I understand it's a thin line battling spam and abusive
behavior from mail servers. I've pleaded with many blacklist
operators to give me details as to why they are blacklisting one of
our servers. I can probably count on 1 hand how many times I've
gotten information from them in the 20+ years I've been doing this.
And I get it. If I'm a spammer and you disclose what is causing the
IP to be blacklisted, then I'll change my tactics to get around that
method.
But you've also got to see it from the other perspective. If I'm
not seeing any activity to indicate that the IP is sending out
spam... how do you expect me to stop whatever activity is causing
you to blacklist the server (I'm assuming you're blocking it because
of some type of activity... surely you're not blocking it just
because you can)?
Maybe other blacklists isn't a good indicator. But if the IP is not
listed in Spamhaus, Spamcop, Sorbs, Proofpoint, Symantec (lately I'm
having more issues with Symantec, so I'm not sure how reliable it is
anymore), and if the IP has a solid Senderscore and a good
reputation at Senderbase, and I'm literally just not seeing any
malicious activity on the server ... what else am I suppose to
check?
Does this fly, or am I missing something critical ?
If you block for content or black-listed host and there is a DMARC
reporting address report the appropriate details to the DMARC
reporting address(es) ?
OK, I haven't thought through when to use the connecting IP address
and when the sending domain to determine where to send reports.
--
Andrew C. Aitchison Kendal, UK
[email protected]
_______________________________________________
mailop mailing list
[email protected]
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
