Re: [mailop] Certified Senders Alliance

[Neil Youngman via mailop]

On 04/10/2019 12:34, Sebastian Kluth wrote:

Hi Neil, hi all,

„Eventually I was asked for permission to pass the email to the ESP as part of 
the investigation. Although I wasn't confident that any positive action would 
be taken, I expected that the emails would finally stop and that I would get 
some response from CSA. It is now October. The emails are still coming and 
there has been no further communication from CSA.“
We can absolutely not confirm that there was no response from the CSA. As you 
know there has been communication between us during March and April. Of course 
there has been action taken as we always take action in such cases: According 
to our 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Rules_of_Procedure.pdf
As you did not submit another complaint we simply didn´t know the emails are 
still coming. Please do not hesitate to contact us again in the future so that 
we´re aware and can take measures.


To be fair, there was an email in April telling me how they had acquired 
my address and asking if I was still receiving these emails. I replied 
restating the history and advising that I was still receiving emails. My 
summary seems to have been wrong in stating that you hadn't responded 
after getting permission to pass the data on, but I did not regard that 
as a substantive response. It just told me what I already knew and asked 
if I still had an issue.


As far as I was concerned the issue was not resolved at that point, but 
you seem to be implying that it was seen as resolved and I should have 
submitted a new complaint?



In this particular case now we will get in touch with you in a separate email 
in order to help here and stop the emails.


Thank you

Neil Youngman


Neil Youngman 
Developer

Wirefast Limited

Wirefast provides secure corporate messaging services.
See our messaging solutions at  http://www.wirefast.com/ 
Please consider the environment.

Does this email or attachment need to be printed?
This message contains confidential information and is intended only 
for the individual named. If you are not the named addressee you 
should not disseminate, distribute or copy this email. Please 
notify the sender immediately by email if you have received this 
email by mistake and delete this email from your system.


Any views or opinions are solely those of the author
and do not necessarily represent those of Wirefast Limited

Email transmission cannot be guaranteed to be secure or error-free 
as information could be intercepted, corrupted, lost, destroyed, 
arrive late or incomplete, or contain viruses. The sender therefore 
does not accept liability for any errors or omissions in the contents 
of this message which arise as a result of email transmission.

Wirefast Limited is registered in England & Wales
Company number: 03865860
Registered Office: 7/10 Chandos Street, Cavendish Square, London, W1G 9DQ

Wirefast definitions of classification can be found here: 
www.wirefast.com/classifications
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Sebastian Kluth via mailop]

Hi Neil, hi all,

we totally understand your frustration, this should just not happen. Let me 
comment a few things on your initial email:

„The initial response appeared to focus on email content and address 
collection, rather than the actual issue of unsubscription.“ 
Whenever we receive a complaint we do not only focus on the reason for 
complaining but look at any violation of our 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf.
 So it is indeed possible that the complaints department mentioned different 
aspects on top of unsubscription.

„Eventually I was asked for permission to pass the email to the ESP as part of 
the investigation. Although I wasn't confident that any positive action would 
be taken, I expected that the emails would finally stop and that I would get 
some response from CSA. It is now October. The emails are still coming and 
there has been no further communication from CSA.“ 
We can absolutely not confirm that there was no response from the CSA. As you 
know there has been communication between us during March and April. Of course 
there has been action taken as we always take action in such cases: According 
to our 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Rules_of_Procedure.pdf
As you did not submit another complaint we simply didn´t know the emails are 
still coming. Please do not hesitate to contact us again in the future so that 
we´re aware and can take measures.
In this particular case now we will get in touch with you in a separate email 
in order to help here and stop the emails.

@Other commentators: 

•   We do not profit from subscriptions, certified senders pay a monthly fee
•   Yes, there is an invitation to request a non-binding offer. This is an 
offer for the assessment and does not equal a certification.
•   Yes, the CSA is totally about best practises
•   Participants (certified senders and participating providers) can be 
found here: https://certified-senders.org/participants/

Best Regards
Sebastian Kluth

Technical Lead CSA
Certified Senders Alliance
eco - Verband der Internetwirtschaft e.V.
Lichtstr. 43h
50825 Köln
Desk: +49 221 700 048 151
Mobile: +49 160 924 753 55

E-Mail: sebastian.kl...@eco.de
 
eco – Verband der Internetwirtschaft e.V. 
Hauptgeschäftsführer: Harald A. Summa 
Geschäftsführer: Alexander Rabe
Vorstand: Oliver Süme (Vorsitzender), Klaus Landefeld (stv. Vorsitzender), 
Felix Höger, Prof. Dr. Norbert Pohlmann 
Vereinsregister: Amtsgericht Köln, VR 14478 
Sitz des Vereins: Köln



-Ursprüngliche Nachricht-
Von: mailop  Im Auftrag von Alessandro Vesely via 
mailop
Gesendet: Freitag, 4. Oktober 2019 11:20
An: Neil Youngman 
Cc: mailop@mailop.org
Betreff: Re: [mailop] Certified Senders Alliance

On Thu 03/Oct/2019 12:31:43 +0200 Neil Youngman via mailop wrote:
> On 03/10/2019 10:07, Alessandro Vesely wrote:
>> On Thu 03/Oct/2019 09:46:35 +0200 Neil Youngman via mailop wrote:
>>>
>>> On 23rd March, I looked into their data protection details. The 
>>> contact was the same customer care email that was failing to resolve 
>>> the issue.
>>>
>>> Looking at the email headers, I saw that they, or their ESP, were
>>
>>
>> Out of curiosity, would you quote the relevant header fields?  And 
>> how do you check that what they claim is true?
> 
> The header was probabky "X-CSA-Complaints: 
> whitelist-complai...@eco.de". That's what I see in the latest message.
> 
> I probably Googled that header to confirm that it pointed to the 
> Certified Senders Alliance and, as they accepted the complaint, I 
> guess it must have been one of their members.


It goes without saying that such header does not by itself prove the 
affiliation.  I can add one such header to this message without being 
affiliated.

I browsed their site and found the price list[*] sooner than the FAQs[†].  The 
very last section is For Mailbox Providers and Spam Filter Providers, but 
doesn't actually tell how to verify if a sender is whitelisted.  I wrote them 
asking for more info.


>> Anyway, who is their ESP?
>>
>> ESPs have strict policies, to avoid being considered spammers.  When 
>> I had difficulty unsubscribing, writing a sharp message to the ESP 
>> provoked an immediate reaction.
> 
> According to the CSA the ESP is Redeye International and they are a 
> CSA certified sender. I haven't dug into that as the CSA header was 
> the first point of contact I came across. I have tried the CSA 
> complaint route and have left it at that, so far.


I cannot find that name in their affiliated website[‡], possibly because that 
site works badly (maybe they're maintaining it right now?)


Best
Ale
-- 

[*] https://certified-se

Re: [mailop] Certified Senders Alliance

[Benjamin BILLON via mailop]

> I browsed their site and found the price list[*] sooner than the FAQs[†].  
> The very last section is For Mailbox Providers and Spam Filter Providers, but 
> doesn't actually tell how to verify if a sender is whitelisted.  I wrote them 
> asking for more info.

Interesting. 

The "Participants" page is available from the header: 
https://certified-senders.org/participants/ (Redeye is listed in it)
Same for the FAQ, actually.
I could only find the "Pricing" document by using the lookup tool... am I that 
bad at browsing websites? 

> I cannot find that name in their affiliated website[‡], possibly because that 
> site works badly (maybe they're maintaining it right now?)

This website is independent, and only related to CSA because they'd display the 
CSA Certification label on it (based on whether the ESP is or is not certified).
It's not supposed to be down though, I'm poking the owner in case he's not 
aware ...

--
Benjamin 
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Alessandro Vesely via mailop]

On Thu 03/Oct/2019 12:31:43 +0200 Neil Youngman via mailop wrote:
> On 03/10/2019 10:07, Alessandro Vesely wrote:
>> On Thu 03/Oct/2019 09:46:35 +0200 Neil Youngman via mailop wrote:
>>>
>>> On 23rd March, I looked into their data protection details. The
>>> contact was the same customer care email that was failing to resolve
>>> the issue.
>>>
>>> Looking at the email headers, I saw that they, or their ESP, were
>>
>>
>> Out of curiosity, would you quote the relevant header fields?  And how do you
>> check that what they claim is true?
> 
> The header was probabky "X-CSA-Complaints: whitelist-complai...@eco.de". 
> That's
> what I see in the latest message.
> 
> I probably Googled that header to confirm that it pointed to the Certified
> Senders Alliance and, as they accepted the complaint, I guess it must have 
> been
> one of their members.


It goes without saying that such header does not by itself prove the
affiliation.  I can add one such header to this message without being 
affiliated.

I browsed their site and found the price list[*] sooner than the FAQs[†].  The
very last section is For Mailbox Providers and Spam Filter Providers, but
doesn't actually tell how to verify if a sender is whitelisted.  I wrote them
asking for more info.


>> Anyway, who is their ESP?
>>
>> ESPs have strict policies, to avoid being considered spammers.  When I had
>> difficulty unsubscribing, writing a sharp message to the ESP provoked an
>> immediate reaction.
> 
> According to the CSA the ESP is Redeye International and they are a CSA
> certified sender. I haven't dug into that as the CSA header was the first 
> point
> of contact I came across. I have tried the CSA complaint route and have left 
> it
> at that, so far.


I cannot find that name in their affiliated website[‡], possibly because that
site works badly (maybe they're maintaining it right now?)


Best
Ale
-- 

[*] https://certified-senders.org/wp-content/uploads/2017/07/CSA_Price_List.pdf
[†] https://certified-senders.org/faq/
[‡] https://www.emailvendorselection.com/email-service-provider-list/






















___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Support 3Hound via mailop]

Opposite experience also for me.
Working in the past for an ESP (that was both SuretyMail and CSA 
certified) I received some complaints from CSA.
The complaint process asks also to demonstrate that the data was 
correctly collected (site, timestamps, IP, privacy statement accepted, 
privacy flag text on the form).

They seems to work as "arbitrator" but:

 * complaints sometimes comes after months from the user and they
   always accept them (very strange that it happens seems to be forged)
 * they keep sometimes the complaint for a long period (also months)
   before ask for the data
 * as ESP we was asking to the customer the original data and sometimes
   48 hours wasn't enough time to find the data manager in office
 * even if there were all the possible data replied back in the same
   day of the request, a reprimand was always given

Sometimes they asked for data but customer wasn't any more using the ESP 
so we cannot get data to avoid accessing data without the consent (we 
wasn't any more data processor for that customer) but a reprimand was 
anyway given.
One time the user write both us and to the ECO, asking just to be 
unsubscribed and when/where he was subscribed.
We unsubscribed the user the same day and replied him with his 
subscription data, the user replied us "thank you", ECO was always kept 
in CC.
After a couple of weeks, they asked for data for the same complaint. We 
replied all the necessary data but the reprimand was given.


IMHO they really care about best practice but the ESP was always 
considered guilty if a complaint is given and it's not correct.
I also seen a very famous European marketing logic platform suspended 
for repeated reprimand so CSA probably doesn't care about how big is the 
company, they just apply their rules.


Note. I also asked the certification for the actual company and they 
decided not to give it us because of "warnings of content scanner" and 
no, we wasn't sending any "less than first class" content.
They probably sniffed some spam subscription or comments notified to our 
staff mailboxes (hosted on google apps) but they didn't said it us, just 
a negative result after 5 months from the application.

Hope it can help.

--
Stefano

Il 03/10/2019 18.51, Benjamin BILLON via mailop ha scritto:

I have the exact opposite experience and feeling.

The few times people complained to CSA about emails sent through our network, 
their complaint office contacted us (NOT in a timely manner as they seem quite 
busy), asking to provide some information such as the context of consent 
collection, that we had to provide within 3 business days. Failing to deliver, 
or failing to provide proof of lawful consent (German law isn't kidding) would 
result in a reprimand, and getting reprimands can lead to being suspended or 
excluded from the certification.
Their admission criteria and rules of procedures are publicly available: 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf 
& 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Rules_of_Procedure.pdf
Violations are also publicly available: 
https://certified-senders.org/participants/
CSA is part of ECO, and they don't only deal with spam, but a various range of 
malicious or illegal stuff (think child porn).

On the other hand, RP initially asked for all the email traffic of a brand to 
be certified, but that changed overtime, because well, there are some traffics 
that are not certifiable, and brands still want to send those.
Also, when a certification is suspended (in the case of our clients, usually 
because of Microsoft SRD), not much is done. Although suspended, the invoicing 
isn't.

We were certified by ISIPP (as an ESP) many years ago, and I don't remember 
going through an extensive check process for that. As we didn't see any 
improvement in the deliverability, we stopped not long after.

I'm not saying your business models are bad, but implying that CSA is all about 
the money, it's the pot calling the kettle black.
At least from my Europe-based experience.

--
Benjamin

-Original Message-
From: mailop  On Behalf Of Anne P. Mitchell, Esq. 
via mailop
Sent: jeudi 3 octobre 2019 17:22
To: Mail Op 
Subject: Re: [mailop] Certified Senders Alliance

The CSA has, to the best of my knowledge, never been about best practices, let 
alone about enforcing them.  The only two organizations anywhere that are truly 
about certifying email senders because they are following best practices are 
(again, to the best of my knowledge), Return Path and us.

Anne

--
Anne P. Mitchell, Attorney at Law
Dean of Cybersecurity & Cyberlaw, Lincoln Law School of San Jose CEO/President, 
SuretyMail Email Reputation Certification
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law) 
Legislative Consultant GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant Board 
of Directors, Denver Internet Exchange

Re: [mailop] Certified Senders Alliance

[John Levine via mailop]

In article <3827efcb-337f-4456-9fb8-6eff4a5d9...@isipp.com> you write:
>The CSA has, to the best of my knowledge, never been about best practices

You're mistaken.  Their criteria are here:

https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf

I've sent complaints which have been taken seriously.  I'm surprised
to hear they botched this one.


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Anne P. Mitchell, Esq. via mailop]

> We were certified by ISIPP (as an ESP) many years ago, and I don't remember 
> going through an extensive check process for that.

You did. :-)  However it was all in the background, based on your responses to 
your application. 

> As we didn't see any improvement in the deliverability, we stopped not long 
> after.

That was back in 2009, so I don't have immediate access to your info, however I 
do hope that you told our staff that, and also brought any deliverability 
problems you were having to our attention - we can't help with issues that we 
don't know about.  If you'd like to try again, we'd be happy to waive the 
reapplication fee (tell them I said so :-) )

Anne

--

Anne P. Mitchell, Attorney at Law
Dean of Cybersecurity & Cyberlaw, Lincoln Law School of San Jose
CEO/President, Institute for Social Internet Public Policy
SuretyMail Email Reputation Certification
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Legislative Consultant
GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant
Board of Directors, Denver Internet Exchange
Board of Directors, Asilomar Microcomputer Workshop
Legal Counsel: The CyberGreen Institute
Former Counsel: Mail Abuse Prevention System (MAPS)
Location: Boulder, Colorado



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Benjamin BILLON via mailop]

I have the exact opposite experience and feeling.

The few times people complained to CSA about emails sent through our network, 
their complaint office contacted us (NOT in a timely manner as they seem quite 
busy), asking to provide some information such as the context of consent 
collection, that we had to provide within 3 business days. Failing to deliver, 
or failing to provide proof of lawful consent (German law isn't kidding) would 
result in a reprimand, and getting reprimands can lead to being suspended or 
excluded from the certification. 
Their admission criteria and rules of procedures are publicly available: 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Admission_Criteria.pdf
 & 
https://certified-senders.org/wp-content/uploads/2017/07/CSA_Rules_of_Procedure.pdf
Violations are also publicly available: 
https://certified-senders.org/participants/
CSA is part of ECO, and they don't only deal with spam, but a various range of 
malicious or illegal stuff (think child porn).

On the other hand, RP initially asked for all the email traffic of a brand to 
be certified, but that changed overtime, because well, there are some traffics 
that are not certifiable, and brands still want to send those. 
Also, when a certification is suspended (in the case of our clients, usually 
because of Microsoft SRD), not much is done. Although suspended, the invoicing 
isn't.

We were certified by ISIPP (as an ESP) many years ago, and I don't remember 
going through an extensive check process for that. As we didn't see any 
improvement in the deliverability, we stopped not long after.

I'm not saying your business models are bad, but implying that CSA is all about 
the money, it's the pot calling the kettle black.
At least from my Europe-based experience.

--
Benjamin 

-Original Message-
From: mailop  On Behalf Of Anne P. Mitchell, Esq. 
via mailop
Sent: jeudi 3 octobre 2019 17:22
To: Mail Op 
Subject: Re: [mailop] Certified Senders Alliance

The CSA has, to the best of my knowledge, never been about best practices, let 
alone about enforcing them.  The only two organizations anywhere that are truly 
about certifying email senders because they are following best practices are 
(again, to the best of my knowledge), Return Path and us.

Anne

--
Anne P. Mitchell, Attorney at Law
Dean of Cybersecurity & Cyberlaw, Lincoln Law School of San Jose CEO/President, 
SuretyMail Email Reputation Certification
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law) 
Legislative Consultant GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant Board 
of Directors, Denver Internet Exchange Former Counsel: Mail Abuse Prevention 
System (MAPS)


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Tim Bray via mailop]

On 03/10/2019 08:46, Neil Youngman via mailop wrote:

It is now October. The emails are still coming and there has been no
further communication from CSA.


I'd be tempted to complain to the information commissioner.   You are 
lucky because you actually know who is sending the stuff, and they are 
in the UK.


https://ico.org.uk/make-a-complaint/nuisance-calls-and-messages/spam-emails/

I doubt the ICO will take formal action, but contact from the ICO might 
focus the mind.  There might just be other people complaining.


(or just block the senders domain)

Tim


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Neil Youngman via mailop]

On 03/10/2019 10:07, Alessandro Vesely wrote:


On Thu 03/Oct/2019 09:46:35 +0200 Neil Youngman via mailop wrote:


On 23rd March, I looked into their data protection details. The
contact was the same customer care email that was failing to resolve
the issue.

Looking at the email headers, I saw that they, or their ESP, were



Out of curiosity, would you quote the relevant header fields?  And how do you
check that what they claim is true?


The header was probabky "X-CSA-Complaints: whitelist-complai...@eco.de". 
That's what I see in the latest message.


I probably Googled that header to confirm that it pointed to the 
Certified Senders Alliance and, as they accepted the complaint, I guess 
it must have been one of their members.



Anyway, who is their ESP?

ESPs have strict policies, to avoid being considered spammers.  When I had
difficulty unsubscribing, writing a sharp message to the ESP provoked an
immediate reaction.


According to the CSA the ESP is Redeye International and they are a CSA 
certified sender. I haven't dug into that as the CSA header was the 
first point of contact I came across. I have tried the CSA complaint 
route and have left it at that, so far.


Neil Youngman


Neil Youngman 
Developer

Wirefast Limited

Wirefast provides secure corporate messaging services.
See our messaging solutions at  http://www.wirefast.com/ 
Please consider the environment.

Does this email or attachment need to be printed?
This message contains confidential information and is intended only 
for the individual named. If you are not the named addressee you 
should not disseminate, distribute or copy this email. Please 
notify the sender immediately by email if you have received this 
email by mistake and delete this email from your system.


Any views or opinions are solely those of the author
and do not necessarily represent those of Wirefast Limited

Email transmission cannot be guaranteed to be secure or error-free 
as information could be intercepted, corrupted, lost, destroyed, 
arrive late or incomplete, or contain viruses. The sender therefore 
does not accept liability for any errors or omissions in the contents 
of this message which arise as a result of email transmission.

Wirefast Limited is registered in England & Wales
Company number: 03865860
Registered Office: 7/10 Chandos Street, Cavendish Square, London, W1G 9DQ

Wirefast definitions of classification can be found here: 
www.wirefast.com/classifications
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Alessandro Vesely via mailop]

On Thu 03/Oct/2019 09:46:35 +0200 Neil Youngman via mailop wrote:
> 
> By the 16th of February it was clear that the unsubscribe was not
> working, so I emailed their customer service team. They responded on
> the 17th telling me that they would look int the problem and they had
> removed me from their mailing list.
> 
> By the middle of March there was no change, so I emailed them again on
> 15th March. This time they did not bother to reply.
> 
> On 23rd March, I looked into their data protection details. The
> contact was the same customer care email that was failing to resolve
> the issue.
> 
> Looking at the email headers, I saw that they, or their ESP, were


Out of curiosity, would you quote the relevant header fields?  And how do you
check that what they claim is true?


Anyway, who is their ESP?

ESPs have strict policies, to avoid being considered spammers.  When I had
difficulty unsubscribing, writing a sharp message to the ESP provoked an
immediate reaction.


> members of CSA, so I submitted a complaint to the CSA. The initial
> response appeared to focus on email content and address collection,
> rather than the actual issue of unsubscription.
> 
> Eventually I was asked for permission to pass the email to the ESP as
> part of the investigation. Although I wasn't confident that any
> positive action would be taken, I expected that the emails would
> finally stop and that I would get some response from CSA.
> 
> It is now October. The emails are still coming and there has been no
> further communication from CSA.


CSA apparently profit from subscriptions.  Indeed, in their site[*] there is an
invitation to "request a non-binding offer".  That model looks like conflict of
interest to me.

Compare that model with companies who whitelist for free and profit from data
download by receivers to check whitelisting.



Best
Ale
-- 


[*] https://certified-senders.org/certification-process/
















___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Certified Senders Alliance

[Neil Youngman via mailop]

In January I decided to unsubscribe from the Thompson and Morgan
mailing lists. Thompson and Morgan are a well known supplier of seeds
and plants in the UK. I have bought from them twice in the last 2 or 3
years, but I felt that getting at least one email a day, sometimes
more from a company I only buy from very occasionally was excessive.

I didn't anticipate any issues with unsubscribing. I just clicked
through the unsubscribe link and may have confirmed the request of
that was required. After 2 weeks, email was still arriving, so I tried
again.

By the 16th of February it was clear that the unsubscribe was not
working, so I emailed their customer service team. They responded on
the 17th telling me that they would look int the problem and they had
removed me from their mailing list.

By the middle of March there was no change, so I emailed them again on
15th March. This time they did not bother to reply.

On 23rd March, I looked into their data protection details. The
contact was the same customer care email that was failing to resolve
the issue.

Looking at the email headers, I saw that they, or their ESP, were
members of CSA, so I submitted a complaint to the CSA. The initial
response appeared to focus on email content and address collection,
rather than the actual issue of unsubscription.

Eventually I was asked for permission to pass the email to the ESP as
part of the investigation. Although I wasn't confident that any
positive action would be taken, I expected that the emails would
finally stop and that I would get some response from CSA.

It is now October. The emails are still coming and there has been no
further communication from CSA. 

Neil Youngman



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Philip Paeps]

On 2017-11-01 08:28:39 (-0500), Alexander Burch wrote:
What is the general opinion of the Certified Senders Alliance? 


I receive quite a lot of spam with an `X-CSA-Complaints` header pointing
at ...

Does anyone find it impactful for delivery? They offered to let us join 
without any vetting, just sent us a bill for $___ without any 
questions. If there is no vetting process I have a hard time seeing how 
it would validate any sender as trustworthy.


I consider the presence of `X-CSA-Complaints` header to be a weak 
indicator of spam.


Philip

--
Philip Paeps
Senior Reality Engineer
Ministry of Information

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Kurt Jaeger]

Hi!

> What is the general opinion of the Certified Senders Alliance?

I had one case with them in 2009, which ended *very* unpleasent.

We had some spam case from one of their members, complaint by phone and
a few minutes later one of our internal addresses got subscribed via
some Tor relay to some spam lists.

They are a project of ECO, and we complained as member company of ECO.

Got nowhere.

-- 
p...@opsec.eu+49 171 3101372 3 years to go !

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Benoit Panizzon]

Hi

I made mixed experience with CSA.

Their 'complaints' team does react quickly on complaints and also
document the number of complaints they receive per CSA Member.

But by 'reacting' they just acknowledge the complaints and document the
complaint. Not much more happens to make the problem stop.

A big known spamer in germany managed to become CSA member a couple of
years ago.

Well the CSA complaints count for this member skyrocketed. But it took
more than two years for the CSA to finally get rid of that member. (Or
more precisely, tell to get the ESP that was more or less in possession
of the spamer, that they would loose their membership if they would
continue their business with this particular customer)

And as I now browse the 'members' list of CSA I can find at least one
company that keeps being involved in sending spam (from the same
customer mentioned above who then changed ESP) to email address that
were harvested or obtained in a similar manner, but for sure not by
double opt-in.

So from the view-point of an ISP mail platform spamfilter operator, I am
neutral. I don't score them negative nor positive at the moment.

Scoring them for spam could impact a lot of legitimate email from
serious members who paid to have their email less likely flagged as
spam.

Unfortunately the handfull of abusers who have become CSA members also
prevent me from scoring them as ham.

But I find it's a bit questionable if they ask for money from their
members with the promise that their emails will less likely be tagged
as spam. This is not the case, here in Switzerland at least as I
believe.

-Benoît Panizzon-
-- 
I m p r o W a r e   A G-Leiter Commerce Kunden
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[David Hofstee]

The rules they offer are "normal" for an ESP. I have complained personally,
a couple of times (to the address they make you add in the headers). Did
not get any response on that (repeatedly).

Microsoft and Yahoo are partners of the CSA. Terry posted something on
it but I can't remember what they do with that membership. Personally the
only value I see is an open communication channel for senders/receivers if
something goes wrong. At least that is what I would expect.

Yours,


David

On 1 November 2017 at 16:26, Steve Atkins  wrote:

>
> > On Nov 1, 2017, at 6:28 AM, Alexander Burch 
> wrote:
> >
> > What is the general opinion of the Certified Senders Alliance? Does
> anyone find it impactful for delivery? They offered to let us join without
> any vetting, just sent us a bill for $___ without any questions. If there
> is no vetting process I have a hard time seeing how it would validate any
> sender as trustworthy.
>
> The advice they offer is good, and if you follow it it will likely improve
> your delivery[1], regardless of whether you pay them or are added to their
> whitelist. Just like the other certification programs.
>
> If your mail is marginal / borderline enough that it's getting blocked,
> but also marginal / borderline enough that it's stats aren't so bad and you
> can contact the ISP to have them have a postmaster put eyeballs on your
> mailstream, and they're an ISP that uses CSA data, then your being listed
> there might, if the stats are otherwise 50/50, persuade the postmaster to
> give you the benefit of the doubt.
>
> e.g. https://blogs.msdn.microsoft.com/tzink/2017/07/06/how-we-
> use-the-certified-senders-alliance-ip-reputation-list/
>
> There are lots of other things you can do to signal the virtue of your
> policies and procedures, and buying your way into certification should be
> nearer the end of that list than the beginning.
>
> Cheers,
>   Steve
>
> [1] You can get advice just as good, and sometimes better, from places
> that aren't asking you to buy your way into a certification program.
>
> --
> -- Steve Atkins -- https://wordtothewise.com/
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>



-- 
--
My opinion is mine.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Steve Atkins]

> On Nov 1, 2017, at 6:28 AM, Alexander Burch  wrote:
> 
> What is the general opinion of the Certified Senders Alliance? Does anyone 
> find it impactful for delivery? They offered to let us join without any 
> vetting, just sent us a bill for $___ without any questions. If there is no 
> vetting process I have a hard time seeing how it would validate any sender as 
> trustworthy. 

The advice they offer is good, and if you follow it it will likely improve your 
delivery[1], regardless of whether you pay them or are added to their 
whitelist. Just like the other certification programs.

If your mail is marginal / borderline enough that it's getting blocked, but 
also marginal / borderline enough that it's stats aren't so bad and you can 
contact the ISP to have them have a postmaster put eyeballs on your mailstream, 
and they're an ISP that uses CSA data, then your being listed there might, if 
the stats are otherwise 50/50, persuade the postmaster to give you the benefit 
of the doubt. 

e.g. 
https://blogs.msdn.microsoft.com/tzink/2017/07/06/how-we-use-the-certified-senders-alliance-ip-reputation-list/

There are lots of other things you can do to signal the virtue of your policies 
and procedures, and buying your way into certification should be nearer the end 
of that list than the beginning.

Cheers,
  Steve

[1] You can get advice just as good, and sometimes better, from places that 
aren't asking you to buy your way into a certification program.

-- 
-- Steve Atkins -- https://wordtothewise.com/
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Laura Atkins]

They’re useful / important if you’re mailing into certain EU-centric consumer 
email providers - .de being the big one. But if your market is primarily US or 
webmail providers it’s not a huge priority.

laura 


> On Nov 1, 2017, at 6:28 AM, Alexander Burch  wrote:
> 
> What is the general opinion of the Certified Senders Alliance? Does anyone 
> find it impactful for delivery? They offered to let us join without any 
> vetting, just sent us a bill for $___ without any questions. If there is no 
> vetting process I have a hard time seeing how it would validate any sender as 
> trustworthy. 
> 
> Thanks,
> Alex
> 
> 
>   
> Alex Burch
> ActiveCampaign / Deliverability Lead
> (800) 357-0402
> abu...@activecampaign.com 
> 1 N. Dearborn St., Chicago , Il 60602, United States
>    
>   
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

-- 
Having an Email Crisis?  800 823-9674 

Laura Atkins
Word to the Wise
la...@wordtothewise.com
(650) 437-0741  

Email Delivery Blog: http://wordtothewise.com/blog  






___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Certified Senders Alliance

[Bill Cole]

On 1 Nov 2017, at 9:28 (-0400), Alexander Burch wrote:


What is the general opinion of the Certified Senders Alliance?


Never heard of them before today... They appear to be mostly oriented to 
the German and Deutschophone European markets.


(Note that I've run mail systems for German entities' subsidiaries in 
the US as well as for a Swiss email hosting operation.)



Does anyone
find it impactful for delivery?


As someone who has worked predominantly on the receiving side and on 
anti-spam tools, including work for receivers in their region of focus, 
the fact that I've never heard of them before may be an indicative data 
point. It may also be worth noting that I'm a pretty hardline 
anti-spammer, my boss in CH was even less forgiving to a degree that 
caused false positives, and yet we never had anyone ask us to 
participate in CSA or point to them as evidence of good intention.



They offered to let us join without any
vetting, just sent us a bill for $___ without any questions. If there 
is no
vetting process I have a hard time seeing how it would validate any 
sender

as trustworthy.


Having looked at their site, it appears that senders self-certify by 
asserting that they follow the CSA rules. So yes: CSA is certifying that 
senders' checks clear when paying for a positive reputation.


With that said, they DO solicit complaints all over their site, so it is 
certainly possible that they follow the model that has dominated the 
purchased reputation industry forever: trust until shown refuting 
evidence.



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Certified Senders Alliance

[Alexander Burch]

What is the general opinion of the Certified Senders Alliance? Does anyone
find it impactful for delivery? They offered to let us join without any
vetting, just sent us a bill for $___ without any questions. If there is no
vetting process I have a hard time seeing how it would validate any sender
as trustworthy.

Thanks,
Alex


Alex Burch
ActiveCampaign / Deliverability Lead
(800) 357-0402
abu...@activecampaign.com
1 N. Dearborn St., Chicago , Il 60602, United States



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop