Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-21 Thread abos34

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
ned to Ebay's abuse email address and was ignored. I even
> found an abuse address in the RIPE Database and complained, but still
> ignored. In the end I solved the problem another way.
> 
> cheersdenis
> 
> 
>   From: ox 
>  To: Volker Greimann  
> Cc: anti-abuse-wg@ripe.net
>  Sent: Monday, 19 June 2017, 17:30
>  Subject: Re: [anti-abuse-wg] Abuse: Too big to fail
>
> On Mon, 19 Jun 2017 17:15:35 +0200
> Volker Greimann  wrote:
> 
> Hi Volker :)
> 
> > It seems there is a definition issue here. I am sure Twitter does
> > not intentionally spam its users, but many users that receive
> > messages from Twitter think of these as spam.
> >   
> Not to be pedantic, but as Twitter is aware of their abuse and does
> not do anything to stop it - Twitter does intentionally spam and
> enable criminals.
> 
> The emails are sent from Twitter infrastructure, so therefore =
> Twitter.
> 
> As Twitter ignores and refuses abuse reports, this indicates non
> willingness to cease abuse, investigate abuse and stop enabling
> criminals.
> 
> And Twitter abuse is ongoing...
> 
> They are multiple repeat offenders that are 'special' spammers.
> 
>  
> > What is probably true:
> > 
> > - Real spammers may be abusing the infrastructure offered by Twitter
> > to spam and Twitter is unable/unwilling to take action to stop this
> >   
> 
> Twitter are 'real' spammers :)
> 
> and yes, their infrastructure enables many other nefarious creatures.
> 
> > - Twitter account holders have their settings set up that they
> > receive too many notifications that they do not really want.
> > Solving the second is easy: Just change your notification settings.
> >   
> none of the thousands of abuse I see are from any real people...
> so, non relevant, in my case :)
> 
> personally I do have a Twitter account and have nothing personal
> against or for Twitter. I have no agenda or anything other than to
> simply state that there are multinationals that are evil and to point
> out that playing fields are not level...
> 
> 
> > Volker
> > 
> > PS: It may be helpful to say exactly which messages you consider
> > spam instead of opening up with the big guns right away but without 
> > sufficient detail to verify your claims.
> >   
> 
> Emails to trusted spamtraps - are spam
> 
> Emails to stolen data - is criminal activity & also spam
> 
> Emails to non existent people at non existent email addresses - is
> spam/abuse
> 
> Emails continuing after requests to stop - is spam/abuse 
> 
> Forever 'confirmation emails' (as in more than 10) - is spam/abuse
> 
> Andre
> 
> > 
> > Am 19.06.2017 um 17:08 schrieb ox:  
> > > If I do actually look at the abuse lists that list the spammer,
> > > Twitter
> > > - they are sorbs, etc and have a reputation for ethical behavior..
> > >
> > > What is interesting is how you & michele defend the spammer
> > >
> > > One has to wonder whether it is because the fact that Twitter is
> > > an evil spammer hurts you guys personally?
> > >
> > > Or if you are products (have twitter etc) accounts and the truth
> > > hurts?
> > >
> > > If you love the Twitter spammer that much, why do you not try to
> > > get the spammer to change their evil ways? Instead of trying to
> > > make it about a quarter of all the rbl's being useless, etc.
> > >
> > > or just plain stupid and obviously false claims that Twitter never
> > > sends spam.
> > >
> > > Andre
> > >
> > > On Mon, 19 Jun 2017 14:53:07 +
> > > Suresh Ramasubramanian  wrote:
> > >    
> > >> On 19/06/17, 8:20 PM, "anti-abuse-wg on behalf of ox"
> > >> 
> > >> wrote:
> > >>
> > >>      And, apart from the fact that 25% of all spam lists does in
> > >> fact list Twitter as a spammer
> > >>
> > >> Sturgeon’s law manifests itself all the time. eg: the number of
> > >> weird and wonderful blocklists used by maybe two men and their
> > >> dog, the population of cranks on the Internet…
> > >>
> > >> --srs
> > >>    
> > >    
> >   
> 
> 
> 
>

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread denis walker 
Hi Andre
I have just read this whole thread (one day I will get a life). I would like to 
make an observation and a suggestion.
First the observation. You seem to be making the same point many, many times. 
You believe that Twitter is a spammer and no one will do anything about it. I 
think that sums up this thread. There have been a few comments (partially) 
supporting some of your arguments. There have been many comments expressing 
some doubt.

Now the suggestion. Do you have any proposal for moving forward and addressing 
this issue? Some people have suggested that individuals who believe they are 
being spammed by Twitter (and others) can set up their own email filter and 
take a small step to solve the problem. If this is a sensible course of action 
then it is a question of educating ordinary internet users that this action is 
available and explain how to do it. As most end users have never heard of the 
RIPE NCC it is not an education role for them. Most users only know who their 
service provider is. These are probably all RIPE NCC members (in this region). 
So maybe it would help if these service providers could publish information on 
their web sites about tackling this issue on an individual basis. If that would 
help then maybe either you, or a group of people from this anti-abuse 
community, could produce some standard information on how to set up these 
filters in the different technology circumstances of end users. Or maybe you 
have some other proposals for action to solve this issue?
I have a Twitter account. I have never tweeted anything in my life, but I 
follow a few RIPE and APNIC tweets. Apart from some daily notifications (which 
I have requested) I have never been spammed by Twitter. Same for Facebook. But 
Ebay is a different story for me. Twice someone has created an account using my 
email address. Ebay does not verify users email addresses. I was hit by 
hundreds of emails a day from these people's (most probably illegal) purchases. 
I complained to Ebay's abuse email address and was ignored. I even found an 
abuse address in the RIPE Database and complained, but still ignored. In the 
end I solved the problem another way.

cheersdenis


  From: ox 
 To: Volker Greimann  
Cc: anti-abuse-wg@ripe.net
 Sent: Monday, 19 June 2017, 17:30
 Subject: Re: [anti-abuse-wg] Abuse: Too big to fail
   
On Mon, 19 Jun 2017 17:15:35 +0200
Volker Greimann  wrote:

Hi Volker :)

> It seems there is a definition issue here. I am sure Twitter does not 
> intentionally spam its users, but many users that receive messages
> from Twitter think of these as spam.
> 
Not to be pedantic, but as Twitter is aware of their abuse and does not
do anything to stop it - Twitter does intentionally spam and enable
criminals.

The emails are sent from Twitter infrastructure, so therefore = Twitter.

As Twitter ignores and refuses abuse reports, this indicates non
willingness to cease abuse, investigate abuse and stop enabling
criminals.

And Twitter abuse is ongoing...

They are multiple repeat offenders that are 'special' spammers.

 
> What is probably true:
> 
> - Real spammers may be abusing the infrastructure offered by Twitter
> to spam and Twitter is unable/unwilling to take action to stop this
> 

Twitter are 'real' spammers :)

and yes, their infrastructure enables many other nefarious creatures.

> - Twitter account holders have their settings set up that they
> receive too many notifications that they do not really want.
> Solving the second is easy: Just change your notification settings.
> 
none of the thousands of abuse I see are from any real people...
so, non relevant, in my case :)

personally I do have a Twitter account and have nothing personal
against or for Twitter. I have no agenda or anything other than to
simply state that there are multinationals that are evil and to point
out that playing fields are not level...


> Volker
> 
> PS: It may be helpful to say exactly which messages you consider spam 
> instead of opening up with the big guns right away but without 
> sufficient detail to verify your claims.
> 

Emails to trusted spamtraps - are spam

Emails to stolen data - is criminal activity & also spam

Emails to non existent people at non existent email addresses - is
spam/abuse

Emails continuing after requests to stop - is spam/abuse 

Forever 'confirmation emails' (as in more than 10) - is spam/abuse

Andre

> 
> Am 19.06.2017 um 17:08 schrieb ox:
> > If I do actually look at the abuse lists that list the spammer,
> > Twitter
> > - they are sorbs, etc and have a reputation for ethical behavior..
> >
> > What is interesting is how you & michele defend the spammer
> >
> > One has to wonder whether it is because the fact that Twitter is an
> > evil spammer hurts you guys personally?
> >
> > Or if you are prod

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
On Mon, 19 Jun 2017 17:15:35 +0200
Volker Greimann  wrote:

Hi Volker :)

> It seems there is a definition issue here. I am sure Twitter does not 
> intentionally spam its users, but many users that receive messages
> from Twitter think of these as spam.
> 
Not to be pedantic, but as Twitter is aware of their abuse and does not
do anything to stop it - Twitter does intentionally spam and enable
criminals.

The emails are sent from Twitter infrastructure, so therefore = Twitter.

As Twitter ignores and refuses abuse reports, this indicates non
willingness to cease abuse, investigate abuse and stop enabling
criminals.

And Twitter abuse is ongoing...

They are multiple repeat offenders that are 'special' spammers.

 
> What is probably true:
> 
> - Real spammers may be abusing the infrastructure offered by Twitter
> to spam and Twitter is unable/unwilling to take action to stop this
> 

Twitter are 'real' spammers :)

and yes, their infrastructure enables many other nefarious creatures.

> - Twitter account holders have their settings set up that they
> receive too many notifications that they do not really want.
> Solving the second is easy: Just change your notification settings.
> 
none of the thousands of abuse I see are from any real people...
so, non relevant, in my case :)

personally I do have a Twitter account and have nothing personal
against or for Twitter. I have no agenda or anything other than to
simply state that there are multinationals that are evil and to point
out that playing fields are not level...


> Volker
> 
> PS: It may be helpful to say exactly which messages you consider spam 
> instead of opening up with the big guns right away but without 
> sufficient detail to verify your claims.
> 

Emails to trusted spamtraps - are spam

Emails to stolen data - is criminal activity & also spam

Emails to non existent people at non existent email addresses - is
spam/abuse

Emails continuing after requests to stop - is spam/abuse 

Forever 'confirmation emails' (as in more than 10) - is spam/abuse

Andre

> 
> Am 19.06.2017 um 17:08 schrieb ox:
> > If I do actually look at the abuse lists that list the spammer,
> > Twitter
> > - they are sorbs, etc and have a reputation for ethical behavior..
> >
> > What is interesting is how you & michele defend the spammer
> >
> > One has to wonder whether it is because the fact that Twitter is an
> > evil spammer hurts you guys personally?
> >
> > Or if you are products (have twitter etc) accounts and the truth
> > hurts?
> >
> > If you love the Twitter spammer that much, why do you not try to
> > get the spammer to change their evil ways? Instead of trying to
> > make it about a quarter of all the rbl's being useless, etc.
> >
> > or just plain stupid and obviously false claims that Twitter never
> > sends spam.
> >
> > Andre
> >
> > On Mon, 19 Jun 2017 14:53:07 +
> > Suresh Ramasubramanian  wrote:
> >  
> >> On 19/06/17, 8:20 PM, "anti-abuse-wg on behalf of ox"
> >>  wrote:
> >>
> >>  And, apart from the fact that 25% of all spam lists does in
> >> fact list Twitter as a spammer
> >>
> >> Sturgeon’s law manifests itself all the time. eg: the number of
> >> weird and wonderful blocklists used by maybe two men and their
> >> dog, the population of cranks on the Internet…
> >>
> >> --srs
> >>  
> >  
>

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Volker Greimann 
It seems there is a definition issue here. I am sure Twitter does not 
intentionally spam its users, but many users that receive messages from 
Twitter think of these as spam.


What is probably true:

- Real spammers may be abusing the infrastructure offered by Twitter to 
spam and Twitter is unable/unwilling to take action to stop this


- Twitter account holders have their settings set up that they receive 
too many notifications that they do not really want.


Solving the second is easy: Just change your notification settings.

Volker

PS: It may be helpful to say exactly which messages you consider spam 
instead of opening up with the big guns right away but without 
sufficient detail to verify your claims.



Am 19.06.2017 um 17:08 schrieb ox:

If I do actually look at the abuse lists that list the spammer, Twitter
- they are sorbs, etc and have a reputation for ethical behavior..

What is interesting is how you & michele defend the spammer

One has to wonder whether it is because the fact that Twitter is an
evil spammer hurts you guys personally?

Or if you are products (have twitter etc) accounts and the truth hurts?

If you love the Twitter spammer that much, why do you not try to get the
spammer to change their evil ways? Instead of trying to make it about a
quarter of all the rbl's being useless, etc.

or just plain stupid and obviously false claims that Twitter never sends spam.

Andre

On Mon, 19 Jun 2017 14:53:07 +
Suresh Ramasubramanian  wrote:


On 19/06/17, 8:20 PM, "anti-abuse-wg on behalf of ox"
 wrote:

 And, apart from the fact that 25% of all spam lists does in fact
list Twitter as a spammer

Sturgeon’s law manifests itself all the time. eg: the number of weird
and wonderful blocklists used by maybe two men and their dog, the
population of cranks on the Internet…

--srs





--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 

If I do actually look at the abuse lists that list the spammer, Twitter
- they are sorbs, etc and have a reputation for ethical behavior..

What is interesting is how you & michele defend the spammer

One has to wonder whether it is because the fact that Twitter is an
evil spammer hurts you guys personally? 

Or if you are products (have twitter etc) accounts and the truth hurts?

If you love the Twitter spammer that much, why do you not try to get the
spammer to change their evil ways? Instead of trying to make it about a
quarter of all the rbl's being useless, etc.

or just plain stupid and obviously false claims that Twitter never sends spam.

Andre

On Mon, 19 Jun 2017 14:53:07 +
Suresh Ramasubramanian  wrote:

> On 19/06/17, 8:20 PM, "anti-abuse-wg on behalf of ox"
>  wrote:
> 
> And, apart from the fact that 25% of all spam lists does in fact
> list Twitter as a spammer
> 
> Sturgeon’s law manifests itself all the time. eg: the number of weird
> and wonderful blocklists used by maybe two men and their dog, the
> population of cranks on the Internet…
> 
> --srs
>

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Michele Neylon - Blacknight 
+1


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 19/06/2017, 15:53, "Suresh Ramasubramanian"  wrote:

On 19/06/17, 8:20 PM, "anti-abuse-wg on behalf of ox" 
 wrote:

And, apart from the fact that 25% of all spam lists does in fact list
Twitter as a spammer

Sturgeon’s law manifests itself all the time. eg: the number of weird and 
wonderful blocklists used by maybe two men and their dog, the population of 
cranks on the Internet…

--srs

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Suresh Ramasubramanian 
On 19/06/17, 8:20 PM, "anti-abuse-wg on behalf of ox" 
 wrote:

And, apart from the fact that 25% of all spam lists does in fact list
Twitter as a spammer

Sturgeon’s law manifests itself all the time. eg: the number of weird and 
wonderful blocklists used by maybe two men and their dog, the population of 
cranks on the Internet…

--srs

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
Michele,

Usually I do not feed trolls, but...

Apart from the fact that they do not accept abuse reports from
reporting services like SpamCop

And, apart from the fact that 25% of all spam lists does in fact list
Twitter as a spammer

I also claim to have a nose, yet I have not proven to you that I have one.

Maybe I can just smell shit without having a nose? Probably...

Andre

On Mon, 19 Jun 2017 14:33:02 +
Michele Neylon - Blacknight  wrote:

> Andre
> 
> You’re claiming that Twitter is a spammer, yet you haven’t provided
> any evidence that they are.
> 
> What makes them a spammer?
> 
> Any emails I’ve seen from them have been 100% legit and if there’s
> any I personally get that I don’t want I simply unsubscribe.
> 
> In common with any other company that provides email services we get
> a LOT of email from social networks such as Facebook and Twitter.
> 
> It’s not spam.
> 
> So I really fail to understand what it is you’re actually complaining
> about.
> 
> Regards
> 
> Michele
> 
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting, Colocation & Domains
> https://www.blacknight.com/
> http://blacknight.blog/
> Intl. +353 (0) 59  9183072
> Direct Dial: +353 (0)59 9183090
> Personal blog: https://michele.blog/
> Some thoughts: https://ceo.hosting/ 
> ---
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business
> Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.:
> 370845 
>

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Michele Neylon - Blacknight 
Andre

You’re claiming that Twitter is a spammer, yet you haven’t provided any 
evidence that they are.

What makes them a spammer?

Any emails I’ve seen from them have been 100% legit and if there’s any I 
personally get that I don’t want I simply unsubscribe.

In common with any other company that provides email services we get a LOT of 
email from social networks such as Facebook and Twitter.

It’s not spam.

So I really fail to understand what it is you’re actually complaining about.

Regards

Michele

--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
On Mon, 19 Jun 2017 03:25:56 -0700
"Ronald F. Guilmette"  wrote:
> In short, it is an education problem.
> There was a similar problem some years ago when a major effort was
> launched to finally and fully eradicate smallpox.
> There were some backwards villagers in the wilds of rural Pakistan who
> just couldn't be convinced that smallpox wasn't "the will of god".
> As you may have noticed, in the American political system also, bad
> outcomes accrue in the presence of a poorly educated populace.
> It is incumbant upon us, the class of netizens who understand the
> problem, to educate our less well educated brethern and fellow
> Internet users on the importance of not just putting up with it when
> this big company or that big company takes a dump in your inbox.
> Speaking only for myself, I certainly attempt to provide such
> education at every opportunity, and only wish that others would do
> likewise.
> 
+1
very cool post Ronald, very insightful and helpful, thank you :)

Andre

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
On Mon, 19 Jun 2017 10:11:10 +
Esa Laitinen  wrote:
> Question raises: does the user you were using as an example have a
> twitter account connected with that email address? And has he
> selected to receive emails for direct messages (or something else) in
> twitter?
> 
That specific email account belongs to a salt email, salt emails are used to 
track (stolen) data.  This means that the email address is not a real person,
the email address is unique and has never existed before.

For the data I have and in my own personal knowledge, the thousands of
spam emails that specifically Twitter sends out belongs in four
categories:

Confirmation Spam: (where the confirm your email account is sent out
forever, sometimes once per month, sometimes six times a month or more)

Criminal Activity: Where fake identities - hidden in (stolen) data -
starts receiving spam linked to a Twitter Account

Outright Spam: Where spamtraps simply start receiving spam

Weird/Floating Spam: Where fake and/or non existent email addresses
start receiving spam not linked to any Twitter Account

- Now, Twitter does not want abuse reports  -  To verify - try
  submitting a SpamCop report or try to file a report yourself.

So, Twitter has no interest in investigating or stopping their abuse
and/or probable criminal behavior.

Yet, there are so many that comes to the defense of this multi national
spammer... 

then there is Facebook and all the other 'special' spammers...

This is question raises :)

Andre

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Ronald F. Guilmette 

ox  wrote:

>But the simple truth is that Twitter is arguably the largest 'legal'
>spammer on the planet and they are unstoppable...

Again, at the risk of repeating myself, they are by no means "unstoppable".

In fact, it would take me personally all of about 9 seconds to run vi on
my own local mail server domain blacklist file to add the domain name
"twitter.com" to that list.  And if I did so, then I would never get any
email from them whatsoever, ever again, forever, guarranteed.  And I
personally would not hesitate at all to do exactly that if they were
to spam me.

Hummm... gee.  I have a *lot* of domains that I've added to my local
domains blacklist over the years hundreds in fact.  There being so
many of them, there's no way that I can remember them all.  So I just now
went and did a grep.  And do you know what?  I swear, I didn't even
remember putting this there, so I must have put it in there a long time
ago... perhaps years and years ago... but yes, actually, now that you
mention it, I *do* have an entry in my own local HELO/EHLO blacklist of
"twitter.com".

There are two implications of that statment:

1)  Yes, actually, once upon a time, they must have spammed me too.  I
would not have added that domain to that list unless they had done so.

2)  The list entry in question effectively blocks any and all incoming
email messages where the HELO/EHLO string offered by the SMTP client is
either "twitter.com" (case insensitive) or else some subdomain thereof.

So there you have it.  Proof positive that... contrary to your assertion...
even the mighty twitter.com is in fact -very- "stoppable".(Locally,
I have completely stopped them cold.)

I feel quite confident in asserting to you, and to everyone, that since
the day that domain was inducted into my local blacklist, they have not
successfully spammed me a single time.

Furthermore, if more mail system adminitrators would do as I do, and
take a hard line and adopt a zero tolerance policy, even against the
"big names" then eventually the bad practices of these companies would
start to cost them money, and at that point they would be forced to
discontinue employing them.

So, really, the only question left is:  Why don't both mail system
administrators *and* millions of end users everywhere do as I do and
vote "no" on spam?  Why don't they all blacklist the bad senders?

And the answer is what it always has been:  "It's complicated."  The
admins of big mail *receivers* (e.g. comcast, aol, etc.) fear that if
they did so, many of their less educated users would take this as a
"defect" rather than as a "feature" and would bolt to other providers.

But individual end users can each also take their own unilateral action
against the bad actors, and if enough of them do so, then eventually it
will make an impact.

So why don't they?

Well, unfortunately, an awful lot of them are just plain ignorant, and
many fo them don't even know that they have even the -capability- in
theeir own hands and in their own mail clients to block specific domains
and to this "vote no" on spam.

In short, it is an education problem.

There was a similar problem some years ago when a major effort was
launched to finally and fully eradicate smallpox.

There were some backwards villagers in the wilds of rural Pakistan who
just couldn't be convinced that smallpox wasn't "the will of god".

As you may have noticed, in the American political system also, bad outcomes
accrue in the presence of a poorly educated populace.

It is incumbant upon us, the class of netizens who understand the problem,
to educate our less well educated brethern and fellow Internet users on
the importance of not just putting up with it when this big company or
that big company takes a dump in your inbox.

Speaking only for myself, I certainly attempt to provide such education
at every opportunity, and only wish that others would do likewise.


covfefe

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Esa Laitinen 
On Mon, Jun 19, 2017 at 10:49 AM ox  wrote:

>
> As I said: All ethical, honest and functional blocklists lists Twitter
> as a Spammer. - It seems that at least 25% do actually list Twitter as a
> spammer, and that is quite a lot. So maybe there is hope after all?
>

While I can certainly believe Twitter is a spam enabler, I did a small test.

I created  a new twitter account, but didn't confirm the account.

I cannot send messages to this account from my other twitter account.

So, I couldn't make twitter to facilitate email spam in this case.

I do get email from Twitter when somebody sends me a direct message to my
real twitter account. I chose to receive these notifications, thus the
emails are not spam, and it would be wrong of me to report those emails as
spam, even if the direct message is spam.

Question raises: does the user you were using as an example have a twitter
account connected with that email address? And has he selected to receive
emails for direct messages (or something else) in twitter?

Yours,

esa

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
On Mon, 19 Jun 2017 01:06:27 -0700
"Ronald F. Guilmette"  wrote:
> And anyway, if you don't like the gunk you are getting from this one
> domain, twitter.com, why don't you just block all emails from
> twitter.com?
> Do you not know how to do that?  If not, maybe we can find someone who
> can help you with setting up domain-specific blocking for your
> specific email client.
> 
most people on this list deal with or are interested - or involved with - abuse.

I would guess that many are either agents for their governments (or for
some government), Law enforcement of some kind, network/ip abuse, abuse
administration, rbl/dnsbl and/or abuse database and tracking, Internet
societies and/or organizations etc.

Few people on this list, I would think, are just normal and/or average
users who require assistance with configuring their own spam filters,
but thank you for offering to help me to find someone to configure my 
own spam filters. 

As it happens I too, personally, do not receive any spam from Twitter,

and my server IP, which I use to comm with this list, only receives a
few Twitter spams per day (maybe 10?) as all decent criminal syndicates
know better than to simply give me their bots/nets/etc. :)

But the simple truth is that Twitter is arguably the largest 'legal'
spammer on the planet and they are unstoppable as the products (this
are people with Twitter accounts) love followers and to be popular and
these products even help the spammer to market and stay important. 
the people whom are abused have no recourse and as you said: you do not
care as you are not affected. 

This is part of twitter marketing strategy and probably why they are so
hard pressed to 'delete' fake accounts and act on criminal enterprise?

The criminals help Twitter to remain relevant, like a pilot fish
swimming next to a shark.

Twitter helps the criminals to get close to their intended victims, etc.

Then, there are so many 'products' that defend Twitter. (and Facebook
and all the other multinationals) as 'products' are addicted to their
multinational 'food' 

even on an Anti Abuse discussion group - some are trying to argue that
in any universe, Twitter is a good netizen and not a criminal
enterprise. - challenging me to post headers  - even when some Twitter
IP numbers are blocked by 30 different and independent International
Blacklists...

Simply ignoring the actual facts and actual statistics. 

As I said: All ethical, honest and functional blocklists lists Twitter
as a Spammer. - It seems that at least 25% do actually list Twitter as a
spammer, and that is quite a lot. So maybe there is hope after all? 

Andre

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Ronald F. Guilmette 

ox  wrote:

>Firstly, someone cannot just start sending you bulk emails each day
>without you ever having asked for those emails.
>
>Anyone can maybe send you one email and check if they have the correct
>email address and, if you do not reply or respond, maybe two or even
>three 'confirmation' emails..
>
>Twitter specifically, sends out the same confirmation emails, forever
>
>And;
>
>Twitter does not require opt in, to start sending you spam. Once they
>have your email address, the spam keeps on coming and coming. 


Yes.  Failure to do proper "confirmed opt in" is indeed a common and
widespread failing on the part of -many- big companies.

I would be willing to believe that Twitter is one such company.

I do not and never will condone such selfish, greedy, sloppy, and
anti-social practices, no matter what companies engage in them, and
regardless of the sizes of such companies.

However this problem is easily handled by those individual users who
are specifically the victims of such sloppy practices.  They can block
inbound email from the offending domain(s) themselves, in their own
mail programs.  (This is sometimes called "voting with your feet".)

As long as the companies involved do not begin to use so-called "snowshoe"
spamming tactics, it is easy for all those they offend with their sloppy
and anti-social practices to simply block their mails.

If enough millions of people do that, then eventually they will go out
of business and good riddance to them.

But blocking spams from specific and individual "point sources" like
this isn't something that is only in the hands of Spamcop or Spamhaus
or any other blacklist.  This is somdething that indivduals can and
should do for themselves.


covfefe

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Ronald F. Guilmette 

ox  wrote:

>"Ronald F. Guilmette"  wrote:
>> Personally, I've never seen a single piece of *email* spam
>> from Twitter.  So this is news to me.  Can you post a sample
>> please?

...

>Envelope-to: x

What's this?  Did you redact it?  If so, why?  We already know what
your email address is.

>To: x 

What's this?  Did you redact it?  If so, why?  We already know what
your email address is. 


Anyway, have you ever tried to figure out why you are so lucky?  I mean
why -you- get all of these alleged spam emails from Twitter and yet
some other people who also have Twitter accounts... such as me for
example... aren't being blessed with any such?

And anyway, if you don't like the gunk you are getting from this one
domain, twitter.com, why don't you just block all emails from twitter.com?

Do you not know how to do that?  If not, maybe we can find someone who
can help you with setting up domain-specific blocking for your specific
email client.


covfefe

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
On Mon, 19 Jun 2017 09:24:09 +0200
Richard Hartmann  wrote:
> I might be missing something, but that email body contains an opt-out
> link, the header includes List-Unsubscribe:, and you seem to receive
> the email. Isn't there a somewhat obvious path to improvement, here?
> Richard
> 
That which you are missing is a few things :)

Firstly, someone cannot just start sending you bulk emails each day
without you ever having asked for those emails.

Anyone can maybe send you one email and check if they have the correct
email address and, if you do not reply or respond, maybe two or even
three 'confirmation' emails..

Twitter specifically, sends out the same confirmation emails, forever

And;

Twitter does not require opt in, to start sending you spam. Once they
have your email address, the spam keeps on coming and coming. 

And;

Twitter specifically does not always honor UNSUBSCRIBE, they just keep
on sending spam. It depends on which way the wind blows in America on
that day, I guess, as they have honored unsubscribes before, and then
not and then again, etc. 

And;

Twitter magically sends emails to email addressess ONLY found in STOLEN
data.

So, this means that:

Twitter are criminals or Twitter serves as a platform for criminals to
operate 

And - Twitter does either of those two - Knowingly.

And;

twitter refuses to receive abuse complaints

I can go on and on and on.. As unbelievably, Twitter is even more
abusive... but what is the point?

As I said before - and on the subject line - Twitter and other
large multinationals - commit abuse and simply Are too big to fail.

Andre

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread Richard Hartmann 
I might be missing something, but that email body contains an opt-out
link, the header includes List-Unsubscribe:, and you seem to receive
the email. Isn't there a somewhat obvious path to improvement, here?


Richard

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-19 Thread ox 
On Sun, 18 Jun 2017 23:50:16 -0700
"Ronald F. Guilmette"  wrote:
> Andre wrote:
> >Twitter has millions of 'fake' accounts, and accounts that use
> >spamtrap email addresses, from stolen data.  
> 
> How is that a problem for anyone but Twitter?
> 

Because they are spammers and spam is abuse and abuse people is evil :)

> (Coincidentally, I happened to be discussing the Twitter
> fake accounts problem with some other folks recently.  One
> guy who works for a security firm claims to have spotted
> one set of around 200,000 of them.  I myself saw someone
> on a hacker forum claiming to have just simply "bought"
> 30,000 Twitter followers.  My reaction to both of these
> bits of news is just to yawn.  I don't see how any of it
> affects -me-.  This is Twitter's problem.  It's their
> walled garden.  If they elect not to properly police it,
> well then, as the old saying goes, they are shitting where
> they eat, and it will catch up to them eventually.  As long
> as they are not sending spam -to me- ... which they aren't...
> I don't see why I should give a damn.)
> 
> You also wrote:
> 
> >Twitter is by far the worst spammer of all the multinationals,  
> 
> Personally, I've never seen a single piece of *email* spam
> from Twitter.  So this is news to me.  Can you post a sample
> please?

I receive a few thousand each day and report at least 10% of it at SpamCop 
this specific spamcop report went and was delivered to i...@twitter.com 

all twitter spam reports @spamcop.net goes to /dev/null as there is no
point to report Twitter - every abuse admin knows that Twitter is the
largest 'special' spammer, closely followed by Outlook.com then Facebook
and the other huge multinationals...


Return-path:

Envelope-to: x Delivery-date: Mon, 19 Jun 2017 00:05:22 +0200
Received: from spring-chicken-aw.twitter.com ([199.16.156.162]:42657)
   by mail.afribiz.co.za with esmtps
(TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89)
   (envelope-from
)
id 1dMiJs-0001bV-UA for x; Mon, 19 Jun 2017 00:05:22 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=twitter.com;
   s=dkim-201406; t=1497823478;
   bh=vSOmPsS5ekVJ2jvzibUljQaCKC+sNFiKVAjLj9YlaOw=;
   h=Date:From:To:Subject:MIME-Version:Content-Type:List-Unsubscribe:
Message-ID;
   b=IKOi6Q4fRWj+6xYvu2Z/+HdbapC+TLsX6KcsN1ZlMgQL6Bkw3vJQzSgivhKnxkap7
kzRkSFzxdtshC4nBNrKlE6S2x6II8+CYrtEScir/4ttWfTVI1mXbWAm9HQBj9WqdMY
BDT3gWLBUrZva8SVY+zNSFjZiMXsAhIJHl8Af9z34vp59FLx8dpoLbVS9Tw49U8Lq5
PZbUv/ddMjF6VseCx4KHs9u/XHULvEgTeUyPRlFVbJ00bU0i36iDKlohqmC7of87ea
6f3VQstZVrUukZv+KsOctoIrI3zs/iw+J17a/VwJ9fkg39q81ZyWMwe19/2fYHVvQ4
MI0uvWfxiyeuA==
X-MSFBL:
CfAxgUrwa/aK5bW0bt5H9izJz7a2ydyGfj48ljfiEJw=|eyJ1IjoidUBsdWNreS5
jby56YUBpaWQjI2M2MGE3YzViMzVjNjQ4ODA4NmVjZmQ5N2RiYTliZThmQHVzYiM
jMjRAMjQ0QDQ4ODc3OTM5N0AwQGRmZjBjMjlmZTE2YTA1ZTY4Nzc3MzJjODhlMzI
xMGIxNDE2NzFlNTAiLCJyIjoidUBsdWNreS5jby56YSIsImIiOiJhdGxhLWFxaC0
zOC1zcjEtQnVsay4xODIiLCJnIjoiQnVsayJ9 Date: Sun, 18 Jun 2017 22:04:38
+ From: Twitter 
To: x 
MIME-Version: 1.0
Content-Type: multipart/alternative;
   boundary="=_Part_13608723_1356155390.1497823478814"
List-Unsubscribe:

Feedback-ID:
0040162518f58f41d1f0:15491f3b2ee48656f8e7fb2fac:none:twitterESP
Precedence: Bulk Message-ID: <86.36...@twitter.com>
X-Spam-Status: Yes, score=5.4 X-Spam-Score: 54
X-Spam-Bar: +
X-Spam-Report: Spam detection software, running on the system
"mail.afribiz.co.za", has identified this incoming email as possible
spam.  The original message has been attached to this so you can view
it or label similar future email.  If you have any questions, see
root\@localhost for details.

Content preview:  Hey lucky, @alicp Not meant to live in Ohio
https://twitter.com/alicp/status/876483677118754818 @DanaBellexox I
have the best friends ever 💕😭
https://twitter.com/DanaBellexox/status/876259460825718784 [...]

Content analysis details:   (5.4 points, 5.0 required)

 pts rule name  description
 --
 -- 5.5
 RCVD_IN_BL_SUPER_ASCAMS RBL: Received via a relay in Ascams.com
 SuperBlock [199.16.156.162 is listed for abuse. Please fix]
[and notify d...@ascams.com]
-0.0 SPF_PASS   SPF: sender matches SPF record
-0.0 T_RP_MATCHES_RCVD  Envelope sender domain matches handover
 relay domain
 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical
 to background
 0.0 HTML_MESSAGE   BODY: HTML included in message
-0.1 DKIM_VALID_AU  Message has a valid DKIM or DK signature
 from author's domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
 signature 0.1 DKIM_SIGNEDMessage has a DKIM or DK
 signature,

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-18 Thread Ronald F. Guilmette 

Andre wrote:

>Twitter has millions of 'fake' accounts, and accounts that use
>spamtrap email addresses, from stolen data.

How is that a problem for anyone but Twitter?

(Coincidentally, I happened to be discussing the Twitter
fake accounts problem with some other folks recently.  One
guy who works for a security firm claims to have spotted
one set of around 200,000 of them.  I myself saw someone
on a hacker forum claiming to have just simply "bought"
30,000 Twitter followers.  My reaction to both of these
bits of news is just to yawn.  I don't see how any of it
affects -me-.  This is Twitter's problem.  It's their
walled garden.  If they elect not to properly police it,
well then, as the old saying goes, they are shitting where
they eat, and it will catch up to them eventually.  As long
as they are not sending spam -to me- ... which they aren't...
I don't see why I should give a damn.)

You also wrote:

>Twitter is by far the worst spammer of all the multinationals,

Personally, I've never seen a single piece of *email* spam
from Twitter.  So this is news to me.  Can you post a sample
please?

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-18 Thread ox 
On Mon, 19 Jun 2017 10:58:17 +0530
Suresh Ramasubramanian  wrote:
>>> And what blocklist out there except the obscure and kooky is
>>> actually listing twitter?
>> 
>> Easy answer: All ethical, honest and functional blocklists lists
>> Twitter as the spammer it is.
>> 
>> The correct question, the one you should be asking, is - Why are not
>> all blocklists listing Twitter.
>> 
>> Of course, you would not be asking that question :)
>
> True. I have other and better questions to ask.
> 
So, ask?

The truth is that many blocklists are not ethical, honest or even
functional as they white list Spammers like Twitter simply because
their users want emails from this multinational Spammer and not because
they function as a 'list of spammers' 

So, many RBL / DNSBL are broken as they do not list or treat all
spammers equally, but make 'exceptions' for 'special' spammers...

Anyway, as we are all powerless and many of us (like you) think it is "
obscure and kooky" to actually list spammers...

what is your better questions?

Andre

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-18 Thread ox 
On Mon, 19 Jun 2017 07:07:19 +0200
ox  wrote:
> The largest white listed spammer on the planet is so powerful
> is this spammer a criminal? Oh, no, this spammer is regarded so
> highly, that it, like many other huge multi nationals, can simply do
> anything they want or like.
> Nobody can file complaints at SpamCop.net (/dev/nul) as quite simply
> it is a waste of time.
> try it for yourself. I have personally filed thousands of reports,
> daily over many years, and it is simply a waste of time.
> 
> When one looks at sender reputation, it is so very simple to just see
> how much "sender score" actually means and how much it is about money
> and power. 
> For example, one IP number:
> http://multirbl.valli.org/lookup/199.16.156.171.html
> 
> had this been your or my IP number, we would not be able to relay
> emails anywhere.
> 
> but, the playing field is not level.
> 
> Multinationals run the planet and as I have said elsewhere, many
> times, we no longer buy products, we are the products. We are like
> chickens in a chicken factory, simply marking time, ignorant of our
> purpose.
> So, what can a RIPE abuse WG discuss about such powerful abusers?
> Nothing, as we are all powerless against this spammer.
> Interestingly, we (as in us, the people) are becoming less and less
> in control each and every day. And, not, this is not my tinfoil hat
> that needs adjustment, this is simple statistical fact.
> 

And, yes, to be clear - this is a Twitter IP number. But you can also
do similar searches on other multinationals...

Twitter is by far the worst spammer of all the multinationals, at least
some of the others 'pretend' to care...

The behavior is much the same - They are too big to fail (or care)

Andre

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-18 Thread Suresh Ramasubramanian 
On 19-Jun-2017, at 10:55 AM, ox  wrote:
> 
> Of course, you would not be asking that question :)

True. I have other and better questions to ask.

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-18 Thread ox 
On Mon, 19 Jun 2017 05:18:22 +
Suresh Ramasubramanian  wrote:
> That is a Twitter IP
> 

Yes, and?

> What email from twitter are you receiving that isn’t because you have
> a twitter account?
> 

Twitter has millions of 'fake' accounts, and accounts that use
spamtrap email addresses, from stolen data.

In some countries that is a crime...


> And what blocklist out there except the obscure and kooky is actually
> listing twitter?
> 

Easy answer: All ethical, honest and functional blocklists lists Twitter as the 
spammer it is.

The correct question, the one you should be asking, is - Why are not
all blocklists listing Twitter.

Of course, you would not be asking that question :)

Andre

Re: [anti-abuse-wg] Abuse: Too big to fail

2017-06-18 Thread Suresh Ramasubramanian 
That is a Twitter IP

What email from twitter are you receiving that isn’t because you have a twitter 
account?

And what blocklist out there except the obscure and kooky is actually listing 
twitter?

--srs

On 19/06/17, 10:39 AM, "anti-abuse-wg on behalf of ox" 
 wrote:


For example, one IP number:
http://multirbl.valli.org/lookup/199.16.156.171.html

had this been your or my IP number, we would not be able to relay
emails anywhere.

but, the playing field is not level.