On Saturday, August 28, 2004, 6:06:20 PM, Rob McEwen wrote:
For example, obviously, there are going to be many Fortune 500 companies who will get away with the worst kinds of harvesting of e-mails from web sites for spamming. Surely, most of the time, their legal departments will prevent this because their "deep pockets" cannot afford to pursue such risky business practices. But in the event that one DOES do this, we would obviously not want to include them in SURBL, even with their bad behavior.
But consider another example which leans toward the other side of the pendulum. An e-mail marketing company tries to play it both ways by (1) sometimes using harvested addresses (with spamtrap addresses included) when doing business with shady companies ...AND... (2) other times using legitimate opt-in addresses with other seemingly legitimate companies... other than the fact that this "legitimate" company chose to do business with such a trashy marketing company ;)
In this last example, what would the official policy of SURBL be?
I'd say that, if all the e-mails in question were pure sales pitches, then blacklist the marketing company on SURBL, but don't blacklist the actual legitimate company. Agree?
But where this can be really tough is if the e-mail marketing company takes over distribution of the legit company's official newsletter, with URIs of the e-mail marketing company included (beacons, for example). This is where it gets more complicated. What should be done in THAT case?
Nevertheless, isn't there also a point where e-mail marketing companies should NOT get away with flagrant and repeated violations just because they decided to play it "both ways"? Couldn't this become a strategic and premeditated way for these companies to do an "end run" around SURBL... "Do a little legitimate business on the side and SURBL will stay off our back."
Those are good questions, and yes they can get difficult.
The quick answer is to not list any of them if doing so would cause too much collateral damage of legitimate messages being blocked, but to convince the legitimate companies to not do business with spam operators. Certainly if the legal department of any of the legitimate companies was informed that they were doing business with a near-criminal organization, they would stop it immediately. But we had better be very accurate and correct in our reports or they will quickly learn to ignore such reports.
And any quasi-spamhaus that was not using zombies could simply have their mail servers blocked by regular RBLs.
In that sense SURBLs were meant especially to help with the hard core professional criminal spammers who use zombies. They don't have legitimate mail servers that can be consistently blocked on, so we need to block on their web sites.
We perhaps burn too much energy on the borderline quasi-legitimate cases when they're not responsible for nearly as much abuse or spam as the really bad guys.
IMO it's better to whitelist them somewhat generously and focus on the hard core criminals who are not catchable in other ways.
I know this approach is frustrating to some of the dedicated (fixated? ;-) spam fighters, but it's necessary.
Comments?
Jeff C.