On Saturday, July 17, 2004, 1:42:26 PM, Frank Ellermann wrote:
Jeff Chan wrote:
Maybe you could forward one to me off list and explain how you think they got your address.
It's the same idea as in any C/R system: The spammer forges an almost arbitrary MAIL FROM for his stuff. The challenge goes to the MAIL FROM, e.g.
http://www.spamcop.net/sc?id=z554014790zc260cd9fdfc657ecb5cd7e70a6026bf1z&action=display
Following this link you see the complete spamarrest challenge incl. the link to their "webmaster affiliate program". Their business model is to sell "spam filtered" addresses, where the filtering is done by the innocent bystanders (= forged address in the spam).
They may be one of those gray domains that we might not want blocking on.
Why should you want to support a commercial C/R system ? It's just UBE asking third parties (forged addresses) to filter the spam for their customers. If you find spamarrest.com in the SC data then that's no "error", therefore it should be reflected in sc.surbl.org
It sounds like a spammer is abusing spamarrest.com's services. Is that correct? If so that should be reported back to spamarrest as abuse. Or is spamarrest *originating* these messages purely themselves? In other words is spamarrest actively, directly sending these out themselves? If the latter, I agree spamarrest should be listed. If the former, it's more like a Joe Job against spamarrest, same as if I listed Claranet.de in some spams. That would not make claranet a spammer, right?
Jeff C.