Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

What Happens when Legit Services are Seen as Spam?

Cliff posted more than 9 years ago | from the overzealous-blocking dept.

Spam 75

AssFace asks: "I run a blog that is dedicated to just things relating to spam (for the most part, the discussion is of how to stop it). I received an e-mail from a reader of the blog today that described the situation he was in. His words: 'I have a small recruiting business, with about 600 paying clients who are looking for jobs in education. About twice a month, I send an update message to all of them via e-mail. I also send them personal messages as needed. Unfortunately, Hotmail (which a great many of my clients use) seems to think that I am a spammer. With Hotmail's spam blocker set on "Medium," my e-mails go to the recipient's Spam folder. AOL and Yahoo may be blocking my messages as well, though I'm not yet certain.' I wrote my own thoughts on it and then offered it up to comments from the users of the site. My responses to his e-mail apparently weren't anything that could help his particular situation. So, regardless of the validity of this particular person's plea, what is a small business service to do if they are blocked by the major ISPs?"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered


Whitelists (2, Insightful)

brunson (91995) | more than 9 years ago | (#8984815)

Do those services support whitelisting his address?

Re:Whitelists (1)

DrZaius (6588) | more than 9 years ago | (#8986741)

Yes, but unless you're making millions from your service, you won't be able to afford getting onto hotmail's whitelist.

AOL does have a feedback loop that lets you know when your mail is blocked. I can't remember what it is called off hand though.

Re:Whitelists (2, Interesting)

eugene ts wong (231154) | more than 9 years ago | (#8987220)

Why does the sender have to get on HotMail's global white list? Why can't the receiver put the sender on his own private white list? The story submitter said that the mail goes to the spam box, which means that it gets through, but it gets through & causes inconvenience. Once the recepient adds the sender to the address book, the mail should end up in the inbox. I could be wrong, though.

If these people want jobs, then they have to start being competitive. Learning to use email is a good start. It's important to use problem solving skills here.

Hotmail whitelist? (was Re:Whitelists) (1)

Nonesuch (90847) | more than 9 years ago | (#9024972)

... you won't be able to afford getting onto hotmail's whitelist
Interesting statement.

I do not see any information on whitelisting anywhere on the Hotmail web site.

Re:Hotmail whitelist? (was Re:Whitelists) (1)

DrZaius (6588) | more than 9 years ago | (#9027302)

I believe they go through brightmail or another one of the big companies. You need to pay a big chunk to get onto their whitelists every year.

One of our anti-spam guys has been engaging in dialogue with a lot of the big mail providers like aol, hotmail and yahoo. You won't find it on their front pages, but if you dig around you'll be able to contact their post masters and work from there.

Re:Whitelists (1)

phorm (591458) | more than 9 years ago | (#8999802)

I'm fairly sure that hotmail does. Add a message for users signing up from hotmail "please add the following address (list@myblog.com or whatever) to your address book to avoid having our messages being blocked by your SPAM filter."

Re:Whitelists (0)

Anonymous Coward | more than 9 years ago | (#9045085)

I administer an e-mail list that sounds similar: users pay money to receive by e-mail specific information of interest to them. A LOT of the users with hotmail.com (and aol.com) addresses never get the e-mail, and can't seem to comprehend the address book/whitelist concept.

Contact the ISPs. (4, Informative)

GregChant (305127) | more than 9 years ago | (#8984872)

We have that problem here from time to time, and the way we solve it is by actually calling up or e-mailing the ISP explaining the situation. Usually they're helpful and will give you directions on how to prevent further blacklisting.

Re:Contact the ISPs. (1)

Netkatarina (775672) | more than 9 years ago | (#9011815)

My company has this problem a lot. It's quite irritating when customers send us livid email saying they haven't received the download link and we have sent it 3 or 4 times. We have asked our customers to not use Yahoo or Hotmail addresses but still some do. I have tried to contact Yahoo, Hotmail and AOL to see if we are blackkisted, blocked or whatever. I was never convinced I had a good way to contact them. How did you actually contact the ISP and get someone to respond to your request. I would really appreciate specific information. Thanks a lot!

bondedsender.com (3, Interesting)

njchick (611256) | more than 9 years ago | (#8984885)

Ironport [ironport.com] , the owner of Spamcop [spamcop.net] , allows you to deposit a bond to certify that your e-mail is legitimate. More info at www.bondedsender.com [bondedsender.com] .

protection rackets and other evils (rant) (1)

tcgroat (666085) | more than 9 years ago | (#8992965)

Oh, so they want payola now? There's a bad precedent if there ever was one. Their price list makes the bi-annual software upgrade look cheap by comparison. Even a non-profit has to fork over a $375 application fee. Why should the innocent victims have to pay?

These hopelessly ineffective anti-spam "services" fail to consider the impact of their business methods on the poor users. Every one is different. Every one wants you to do a Special Thing to prove your innocence. Every week someone else decides they have the ultimate solution to spam. They are a collective nuisance, both because of the meta-spam challenges their systems produce and because they needlessly delay mail delivery. And they never worry about what happens when dozens of others are trying to do the same thing in different ways.

If you want to harvest live email addresses, grabbing them from replies to an anti-spam "service" would be a great way to go. If you want to have people foolishly click a link exploiting the latest buffer-overflow vulnerability, an anti-spam "service" message should produce lots of hits.

Attention clueless anti-spam entrepeneurs: I don't know you. I don't trust you. I won't click your handy verify link. And I certainly won't pay you any protection money!

Is he actually being blacklisted? (4, Interesting)

michaelggreer (612022) | more than 9 years ago | (#8984901)

Is Hotmail blacklisting (ie, he can't send even one email there), or is it just balking at the 600 addresses in the cc or bcc list? Many ISP's see such bulk mails as spam, and block them. The solution is simple: send them out in batches of twenty. There are many mail management applications that will do this for you. I ran into this problem myself, and turned Mailgust [mailgust.org] for batched sending. -Michael Greer

Re:Is he actually being blacklisted? (2, Insightful)

Frizzle Fry (149026) | more than 9 years ago | (#8986582)

I don't think they're that stupid. If they see you sending identical emails to lots of people, they block it, even if they come in separate batches. Otherwise it would be too easy for spammers to do the same thing (I guess the first batch or two might get through). Even if this works for now, it seems likely that this could stop working at any time, so I would much perfer a real solution (like talking to hotmail and showing them what you're sending, or having users whitelist you if possible) to trying to hack around their spam filter in the same way that spammers do.

Re:Is he actually being blacklisted? (1)

angle_slam (623817) | more than 9 years ago | (#8987323)

Doesn't work for all emails though. When I first started my new job, one of the first things I did was send an email to about 20 people as bcc. The ones sent to my former co-workers all were marked as spam.

Some spam filters are more aggressive than others.

Rule: No AOL or Hotmail. (1, Informative)

Futurepower(R) (558542) | more than 9 years ago | (#8984915)

Make it a rule that you will not take anyone as a client unless they have an email address with someone other company than Hotmail or AOL. Recommend an email company, and suggest they have an email address just for your messages.

Re:Rule: No AOL or Hotmail. (2, Insightful)

dyefade (735994) | more than 9 years ago | (#8987801)

...you will not take anyone as a client unless they...
He's running a small business. For a massive company like Amazon or eBay, yes, this is an ideal solution, but he shouldn't be forced to alienate clients because of their choice of email provider/ISP.
This should be an extreme last resort!

Re:Rule: No AOL or Hotmail. (1)

Reorax (629666) | more than 9 years ago | (#8988836)

You can't predict who will mark you as spam. You could force people to use Yahoo! accounts, but what happens when they decide to block you?

Use Powweb: 650 free email accounts. (2, Insightful)

Futurepower(R) (558542) | more than 9 years ago | (#8990014)

I should have mentioned not to use Yahoo, also. Yahoo has shown itself to be very adversarial also, with its tricky practices opting users into receiving ads.

He could give free email accounts using Powweb [powweb.com] as a web host. (650 email accounts allowed for $7.77 per month.) Powweb seems to be the best web hosting provider. Since all the mail would be coming from and going to his own domain, it can't be blocked. Isn't that a complete solution?

He could provide instructions to prospective customers about how to configure a new account in each of several email clients. He could tell them to use only their new account to communicate with him. Since the email activity would be only Powweb moving messages from one of their computers to another, there is unlikely to be any loss. (It's easy for a customer to know if he didn't successfully transmit a message to the Powweb ISP, because he will get an immediate error message.)

Re:Use Powweb: 650 free email accounts. (2, Insightful)

RevDobbs (313888) | more than 9 years ago | (#8990527)

First, that "solution" forces his clients to check another email account. Major PITA (?) [urbandictionary.com] .

Second, while PowWeb provides good web hosting for $7.77 a month, bear in mind that you get what you pay for, and that I have been less-than-happy with some randomly introduced email issues.

Do you have any experience with Powweb? (2, Informative)

Futurepower(R) (558542) | more than 9 years ago | (#8990976)

Do you have any experience with Powweb?

About two years ago, I reviewed 550 web hosting providers and came to the conclusion that PowWeb was the best for low- and medium-traffic sites. I've had to explain to customers that, even though Powweb is inexpensive, it is better than all the $30/month web hosting providers I've seen.

Re:Do you have any experience with Powweb? (1)

walt-sjc (145127) | more than 9 years ago | (#8991061)

Considering how fast things change on the internet, 2 years ago is a lifetime. If you did an honest review of 550 hosting providers, that would have taken about a full six months unless you had a large team helping. In order to actually KNOW how good a hosting provider is, you have to use them, try the customer service, measure uptime, performance, etc. I seriously doubt you did that with 550 hosting services.

My evaluation only took three whole days. (1)

Futurepower(R) (558542) | more than 9 years ago | (#8995751)

My evaluation only took three whole days. That's because many hosting providers could be eliminated very quickly. Many provide a very narrow range of services, connected with selling web site design, for example.

Many hosting providers can be eliminated because their web pages indicate that they are badly managed.

Re:Do you have any experience with Powweb? (1)

RevDobbs (313888) | more than 9 years ago | (#8991482)

Do you have any experience with Powweb?

Yes, I do. I've run three websites throught them for over 2 and a half years now; I've been with them through their growing pains and have seen many of the limits (HD space, inodes, throughput) quadruple or more in that time.

PowWeb still makes changes that will catch you with your pants down (apache/php/sql configuration changes, changing your IP address [a real problem if they don't manage your DNS], and others), and they still have problems with email -- the latest SNAFU is that the POP & SMTP servers advertise SSL but the certificate is for "*.powweb.com", not "*.yourdomain.tld".

Not that I wanted to make this a "bash PowWeb" conversation; no matter whom your service provider is, telling your clients to start checking a different email account is still an impractical pain in the ass.

Powweb. Free email as an option. (1)

Futurepower(R) (558542) | more than 9 years ago | (#8995215)

Yes, Powweb makes changes without warning their customers. Stupid. One Powweb tech support person told me that fundamental changes were made to the OS without logging them!

One influential tech support person at Powweb was very immature and very willing to lie. I see no evidence he is still at Powweb.

I think clients could be warned that there are often problem with Yahoo, AOL, and Hotmail email, and offered a free alternative if they want it. Properly introduced, I think a free, business-only email account would be well received.

Re:Do you have any experience with Powweb? (1)

keyshawn632 (726102) | more than 9 years ago | (#9025723)

While it's a good idea; it does not seem very feasible. Are customers willing to use ANOTHER e-mail address ? Most are lazy and probably will feel burned by checking an extra e-mail account just for his business.

Re:Rule: No AOL or Hotmail. (1)

Kris_J (10111) | more than 9 years ago | (#8992831)

I agree. I work at an educational institution that needs to send frequent messages to over 1,000 students. We're almost at the point where we won't accept Hotmail addresses. We've actually started a project to collect IM account information as the last option for contacting students, so much email never makes it to the recipient.

Find out why (4, Informative)

Finni (23475) | more than 9 years ago | (#8984946)

This is probably pretty easy. He needs to get the mail headers from his clients that are affected by this. Each provider probably adds X-headers that add up to a score, a spam determinant. Some providers may choose to not put a detailed score listing in, oh well. I know that the system we use is based on SpamAssassin, and every rule has a weight. Things like entries in DNS-RBL add to the score, or no reverse-DNS, Bayesian scoring, keywords, etc.

Find out why, and fix each thing that comes up. Maybe his mailserver has no reverse DNS, fix that. Maybe his ISP or his IP is on a blacklist, get it fixed or take his business elsewhere. Maybe subscribe to a service that handles email marketing responsibly, like (gasp) Microsoft's bCentral, they will make sure that they don't get blacklisted.

Whitelisting and education (3, Insightful)

squiggleslash (241428) | more than 9 years ago | (#8984976)

I've found that Yahoo's spam filters routinely block friends of mine - they'll forward me a joke, and because that joke is doing the rounds, it'll be treated as spam by default.

So, basically, I have to do two things. First, I never just blanket-empty my Bulk folder. Second, when I find someone being put in Bulk, I add a "rule" that automatically moves email from them into my Inbox. Unfortunately Yahoo doesn't document that this is what you need to do, so less experienced users wouldn't use this as a solution, if they knew how to do it at all.

I say whitelisting and education in my Subject line, the second is important. I try to persuade people to send email to my home address (which has an effective, no false positives, system enabled, based upon allocating every entity who wants to do business with me a unique, deletable, email address. No, before anyone responds, this isn't like the service that provides you with throwaway email addresses, that's a dumb idea that's likely to just end up with your domain blocked, I want legitimate businesses to be able to do business with me, and do so often on a long-term basis, I'm not trying to scam anyone) if the email absolutely does not have to be read by me at work.

More importantly, people have to realise that most filter-based systems, be they dumb like SPEWS or "learning" like Bayesian systems, carry the risk of blocking legitimate emails - SPEWS type systems are especially bad because their definition of "guilty" includes "being a customer of an ISP that also has a spammer as a customer" and there are anti-spam blacklists that have entire countries listed. The blacklist technologies are a kind of lynch-mob justice, they feed people's lust for revenge, but they ultimately seem to cause more problems than most. The non-blacklist filters, such as Bayesian, are better and not endowed with such a legacy, but they still carry some risk.

The point ultimately is that people need to know that anti-spam systems do not just block spam. You should devote a day a week going through your "marked as spam" messages if your email is important to you - most of the time it's a five minute job anyway, if my experience with Yahoo's bulk mail folder is anything to go by. It's not like you have to read anything more than the names and subjects for the most part.

Blacklist the blacklisters (1, Informative)

theCoder (23772) | more than 9 years ago | (#8985018)

Let me start with a rant:
I tell you, the radical anti-spammers really are becoming more of a problem than the actual spammers! Spammers are evil: they make email hard to use and take up Internet resources. Radical anti-spammers are worse: they actively try to make email not work. They are the primary reason I have to run my own mail server. I don't want to lose email because some idiot admin thinks some email I got is spam and deletes it. Or worse, just blacklists whole swaths of IP space. Unfortunately, since I chose to run my own mailsever, I've now earned the ire of the same anti-spammers, because I'm not using a corporate controlled mail server. Spam is a problem, but it's not worth destroying email over!

Now that that's out of the way, to the poster, the only thing I can say is to inform your clients that you cannot accept email addresses at these disreputable places (AOL, Yahoo, Hotmail) because they often drop or misdirect valid email. Or, you can accept the addresses, but warn them (in big, red letters) that email sent to those addresses may not get through. Presumably, if they are paying for this service, they do want the mail, so it's up to them to give you a working address. Maybe then, they will lean on their ISP to actually fix the problem.

Re:Blacklist the blacklisters (0)

Anonymous Coward | more than 9 years ago | (#8985547)

fuck off, something awful lackey

Re:Blacklist the blacklisters (2, Funny)

cloak42 (620230) | more than 9 years ago | (#8985792)

Or, you can accept the addresses, but warn them (in big, red letters) that email sent to those addresses may not get through.

If you try sending any email with big, red letters in it, it's DEFINITELY going to be marked as spam.

Re:Blacklist the blacklisters (1)

Jack Schitt (649756) | more than 9 years ago | (#9045310)

I got one a while back with big red letters that said "Your credit card has been put on a probationary status. Please reply with you name, card number, expiration data, address, and social security number to remove probation."

So I did and now my card doesn't work at all. Stupid spam filter...

Re:Blacklist the blacklisters (1)

Frizzle Fry (149026) | more than 9 years ago | (#8986611)

They have to destory email in order to save it.

Re:Blacklist the blacklisters (1)

unitron (5733) | more than 9 years ago | (#9004644)

"They have to destory email in order to save it."

Actually, I think that this is exactly what will be necessary. Something like e-mail that isn't e-mail, that is based on "sender pays whoever they're getting internet service from" needs to come along and everybody needs to change over. You get to send up to x number of emails or y number of bits during each billing period if you're on a "$19.95 a month for all the dial-up you can eat" type plan and if you exceed that limit you pay extra (rolling over unused allocation to the next billing period would be something ISPs could offer as incentive to use them), or you could negotiate some kind of business account but the key is that it costs you 1,000,000 times as much to send 1,000,000 messages as it does to send one and it cost your ISP at that ratio as well on up the line until the money reaches some sort of electronic clearing house where Earthlink pays AOL for all the from Earthlink to AOL traffic that uses up AOL bandwidth and the other way around when AOL is using up Earthlink bandwidth and the same for all other possible ISP combinations, kinda like banks let debits and credits meet and cancel each other out electronically instead of having armored cars full of cash pass each other like ships in the night.

In other words, if you want to send an e-mail, you have to "buy a stamp" and if you want to send out millions of e-mails you have to buy millions of stamps. If in the "real" world physical mail could be sent postage due and you had to pay, imagine how much junk mail you'd get then as opposed to what you get now when it actually costs the sender to send it. That's what's going on with e-mail at present, the costs are being absorbed by the recipients and the senders have no incentive to do anything except send more and more. This is insane and it's only going to get worse, the current system is broken and cannot really be fixed. It needs to be taken out and shot and replaced by "sender pays".

Re:Blacklist the blacklisters (1)

Frizzle Fry (149026) | more than 9 years ago | (#9009033)

A lot of people have already discussed ideas like this. You should look into what they are saying, as there are some good proposals. There are also some problems with the way you propose things in that running a large mailing list would go from cheap to quite expensive. Better are systems that try to arrange it such taht you only pay if the recipient doesn't know you or hasn't specifically asked for your mail, although details of this are tricky.

Re:Blacklist the blacklisters (1)

unitron (5733) | more than 9 years ago | (#9015480)

Whoever causes the expense should be financially liable for it. If you're running a large mailing list and the recipients agree to accept stuff "postage due" from you, since it's their desire to receive it, then the expense is born by those who really cause it.

Re:Blacklist the blacklisters (0)

Anonymous Coward | more than 9 years ago | (#8986641)

Amen, brother!

My employer (a university) routinely ends up on blacklists because of students/departments/whatever that don't patch their machines and end up being used as relays. Plus, there are the idiot blacklists that accept any user's report of "this guy sent spam!" as true. They'll add us because some spammer forged some headers that point to a non-existant hostname with our domain. Keep in mind that we go to tremendous lengths to keep our own servers spam- and relay-free.

At one point, we spent a lot of time keeping up with all of these lists (one hacked machine could mean dealing with a dozen different spamlists, all with their own unique bizarro policies). Eventually, it just became too much. We came up with a new approach: let 'em cope. If junior's email home to mom fails because mom's ISP is blocking our mail, that's an issue between mom and the ISP. If she doesn't like it, she should switch ISPs.

Re:Blacklist the blacklisters (2, Insightful)

punkki (522103) | more than 9 years ago | (#8994074)

My employer (a university) routinely ends up on blacklists because of students/departments/whatever that don't patch their machines and end up being used as relays.
So, your staff makes a mistake, somebody notices and enters the IP in a blocklist. Suddenly _blocklist operators_ are a*holes? Hmm. What an interesting world you're living in.

Re:Blacklist the blacklisters (1)

the_womble (580291) | more than 9 years ago | (#8994695)

Unfortunately, since I chose to run my own mailsever, I've now earned the ire of the same anti-spammers, because I'm not using a corporate controlled mail server

A bit OTT but you are onto a real problem: blacklists will (and have already) make running mailservers a lot more difficult and thereby will help consolidate control of email by a few big players. Just the sort of thing /.ers like, right?

It also takes some time to discover that your emails are disappearing: my ISP was blacklisted and it was several days before I knew (I just assumed that people had got a bit slow about replying) until Yahoo rather than just deleting bounced the email with an explanation of the blacklisting. SInce then I have made sure I have two SMTP servers I can use. Of course Joe Sixpack's response will probably to just swtich to using Hotmail as it is more reliable (from his point of view).

Earned the ire of the anti-spammers? (1)

Nonesuch (90847) | more than 9 years ago | (#9024951)

Unfortunately, since I chose to run my own mailsever, I've now earned the ire of the same anti-spammers, because I'm not using a corporate controlled mail server. Spam is a problem, but it's not worth destroying email over!
Please explain where you've "earned the ire of the same anti-spammers"? I really would like to know.

I know many individuals who run their own mail servers, and in fact many of them are themselves anti-spammers, they chose to run their own server because they wanted stricter spam controls than a commercial ISP would provide.

The only case I know of where you'd run into problems with anti-spammers by running your own (correctly configured) mail server would be if you are using a mail server hosted in dynamic-IP space assigned by your ISP.

In that case, outbound SMTP mail that is not sent via your ISP's mail server will likely be rejected by DUL (dynamic/dialup RBLs). But you are also almost certainly violating the ToS for your ISP by running a mail server on a dynamic home-user account.

Re:Blacklist the blacklisters (1)

bearave (729015) | more than 9 years ago | (#9026155)

Agree totally. It can be worse than just getting your valid email blocked. It is possible to get one particular large (but cheap) US web hosting company to shut down a web site simply on the basis of a single (that is, just one) complaint listing on spamcop.net. This complaint was triggered by a single instance when the receiver failed to recognise an email advising him of a domain name change for the list(because it came from the new site he did not recognise it, and although he'd subscribed to it, he shot first asked no questions later). Even worse, no investigation was carried out either by spamcop.net nor the web-host company before taking the arbitrary action of closing the web site for "abuse". Ironically, the web site had been moved because the previous web-host email accounts were getting vast amounts of spam that was wasting serious amounts of productivity (even with Bayesian filtering). Don't like a competitor's site ? Use spamcop.net to put him out of business. Seriously, you can't avoid eating for fear of choking. Something better than vigilante action and dumb automated filtering is needed.

Report it... (5, Informative)

iamchris (311218) | more than 9 years ago | (#8985123)

My company's emais were being dumped into the spam folder on Yahoo! Getting our email out of the Bulkmail folder was a lengthy process that took several attempts to start. I had to submit sample copies of our standard emails, and a copy of our privacy policy, and a rather lengthy survey. They reviewed the information, put us on probation, and reviewed the findings at the end of a month. My company is legit. I had no doubt that they would back our company off the blacklist. Incidently, the only way I found the proper channel to report the problem was to contact corporate HQ. Some deep digging was done and I finally ended up with an email address to report to: mail-abuse-bulk@yahoo-inc.com

What Happens when Legit Services are Seen as Spam? (0)

Anonymous Coward | more than 9 years ago | (#8985227)

Postfix tells them to fuck off or Spamassassin routes the message to /dev/null

Habeas (3, Informative)

wintahmoot (17043) | more than 9 years ago | (#8985250)

Sounds like the Habeas Sender Warranted Email Solution [habeas.com] would help here.

Basically you just have to include a special, copyrighted Haiku in your e-mail, and most spam filters will let your mail through. The Haiku warrants that your e-mail is not spam, because you have to license the usage of the Haiku, and the terms prevent from using it in spam mail.

I'm not sure if Hotmail respects the Habeas Haiku, but it might be worth a try.

Re:Habeas (0, Redundant)

TykeClone (668449) | more than 9 years ago | (#8985528)

Is that any different than the spammers including random words to bypass spam filters?

Re:Habeas (1, Informative)

ratboy666 (104074) | more than 9 years ago | (#8985763)


Yes - spammers putting random words in is an effort to avoid being automatically judged to be spam based on content. The Habeas poetry is a pre-set sequence that can bypass the same filter (if the filter is aware of it). The idea is that it is *illegal* for the spammer to put that particular piece of poetry into an email.

Of course, the idea is slightly daft, because I get "spams" that offer illegal products (in my jurisdiction). *If* the spammer could be found, they could be shut down -- but they typically don't wait around that long (eg. Nigerian scam, insurance sales, and other).

Why shouldn't a Nigerian scammer put the poetry in? If *actually* caught and charged, I am sure that the additional offense will be simply plead out anyway...


Re:Habeas (1)

earlytime (15364) | more than 9 years ago | (#9025179)

This idea rings a familiar tone. It reminds me of gun control laws and the death "penalty".

I think these things are good, and there is a happy medium, but probably for most of the folks who run afoul of these laws, the law is irrelevant. Folks who go around town with ak47's probably intend to commit multiple felonies, what's another couple charges to them? Likewise, folks who intend to murder other folks probably aren't concerned with the severity of the penalty. The basic punishments for murder seem like enough to deter a "deterrable" murderer.

I propose that there are always three groups of potential criminals:
1. choose not to commit criminal act by personal choice, regardless of the legality of the "crime".

2. some may choose not commit criminal act because they fear the potential consequences.

3. will commit crime regardless of the consequences, most likely because they are convinced they will/can not be caught. (essentially the opposite of group 1)

Re:Habeas (1)

whoever57 (658626) | more than 9 years ago | (#8993828)

Sounds like the Habeas Sender Warranted Email Solution would help here.

Unfortunately, probably not.

Some months ago a spammer was abusing Habeas' copyrights, so I set the SpamAssassin score that my mail server assigned to Habeas to zero. I never removed that zero setting and I expect lots of other SA users also have a zero Habeas score in their SA settings.

Re:Habeas (1, Informative)

Anonymous Coward | more than 9 years ago | (#8996473)

Basically you just have to include a special, copyrighted Haiku in your e-mail, and most spam filters will let your mail through. The Haiku warrants that your e-mail is not spam, because you have to license the usage of the Haiku, and the terms prevent from using it in spam mail.

I have never received real email that contained the Habeas Haiku. On the other hand, I have received hundreds of spam messages that contained the haiku. I learned of Habeas when I was trying to figure out why an obvious spam message got past spamassassin. The haiku is far more indicative of spam than ham. It is trivial to forge, and hard to verify.

Habeas offers a whitelist DNS service so you can check if a haiku user paid for the service - of course, they charge for it. Fuck that.

BondedSender.com is a much better program from the receipient's point of view. The cost is paid by the sender, and it is easy (and free) to verify.

Re:Habeas (1)

jonbryce (703250) | more than 9 years ago | (#9032482)

I block anything that contains the Habeas header as I've never received a legit email with it, and regularly get spam containing it.

you don't get invited to parties... (1, Funny)

josepha48 (13953) | more than 9 years ago | (#8985349)

no seriously, yahoo's bulk mailer is picking my evits up as spam, so people are not getting their evites... Can I sue?

Re:you don't get invited to parties... (0)

Anonymous Coward | more than 9 years ago | (#8985567)

perhaps it's the fact that you're fat and ugly that doesn't get you invited?

Sad, but a vital piece of my anti-spam now (2, Interesting)

ratboy666 (104074) | more than 9 years ago | (#8985929)

For about a year now, I have tried a new anti-spam approach. Previously, tried black listing, white listing, and etc.

Problem is that the spam keeps coming, and sucks *my* bandwidth.

So I thought about it... And here's what I do. I use a hotmail account. With spam protection. Set to DELETE spam. I use a script (gotmail) to read the hotmail and transfer to my "real" email. Hotmail does a pretty good job on anti-spam, *and* I don't have to bother about the bandwidth.

Once we have a relationship established, you get my "real" email.

And I'm sticking to it. Works for now -- I've only had 100ish pieces of spam in the past year. Note that Hotmail seems to have improved the anti-spam features in the last six months (there was a sharp drop in spam).

If I subscribe to a list, I *only* use the hotmail address. Bet your bippy. I don't *trust* you yet, and I don't know where that email address is going. If the list gets bounced -- I don't see it, and, frankly, I don't care that much. Better than getting hammered on my server using my bandwidth.

My sympathies though... good luck dealing with Yahoo, Hotmail, (__fill_in_the_blank___).


Using that Hotmail account to buy anything? (1)

CritterNYC (190163) | more than 9 years ago | (#8997182)

Hotmail's filtering is notorious for dropping real email. They even drop transactional email (ie... you buy something from ABC, ABC sends you a confirmation of the order, Hotmail considers it spam).

Suffered this. (4, Interesting)

Godeke (32895) | more than 9 years ago | (#8985989)

Our system uses e-mail to notify customers of status changes. For a while, AOL decided that we were spammers, althought that has just as mysteriously subsided. We have had intermittent problems across the board... in part because our messages meet a lot of the standard patterns for spam: includes links, unique identifiers (account numbers), etc. We have tweaked them over time to be less likely to be mistaken for spam, but nothing we do seems to make it perfect.

To get around these problems, we have basically had to implement a private communication system in our product so people see notifications when the log in. For frequent users, this works well enough they can turn of the e-mail notifiers, but for very occasional users, having to log in to see notifications takes a lot away from the ease of use.

Frankly, I don't see a great fix anytime soon: the spammers have taken to copying legitimate e-mail messages into "hidden" text, while the actual spam is delivered via CSS and Image tricks...the battle rages, probably for at least the next ten years (at which point I'm hoping that public key cryptography will allow people to prove they are actually who they say they are) which is why we created a backup communication channel.

AOL offers a whitelist for legit services (1)

Nonesuch (90847) | more than 9 years ago | (#9024912)

For a while, AOL decided that we were spammers, althought that has just as mysteriously subsided.
BTW, I recently stumbled across the AOL web site where they describe their IP based whitelist and how large-volume email sending sites (legitimate mailers) can be added to the whitelist:

http://postmaster.aol.com/tools/whitelist_guides.h tml [aol.com] .

While the AOL users may have a reputation for being clueless, the postmasters at AOL.com do some cool things. As I recall, AOL was the first major ISP to start rejecting SMTP connections from hosts that did not have PTR records (reverse DNS).

Turn Guerilla (1)

DrSkwid (118965) | more than 9 years ago | (#8986129)

buy a laptop & wardrive you way to an open access point et voilá, one clean spamming spot.

rinse, repeat until everyone is blacklisted, move town

Why email? (0)

Anonymous Coward | more than 9 years ago | (#8986166)

I don't understand the need for email at all. If you're telling 600 people the same thing, and this is information these 600 have paid to get, surely a better solution would be single web page these people could check occasionally. Even if 600 people gave you 50 cents a piece for the info (I'd guess a lot more), that $300 would pay for cheap web hosting and a domain name for years to come.

write better emails (1)

truffle (37924) | more than 9 years ago | (#8987437)

This question was worded in a fairly confusing manner, either hotmail is blocking him because he's mailing 600 people, or it's blocking him because his emails sound like spam.

If your emails sound like spam, fool around with them until they no longer sound like spam. Mail your own test hotmail address and see how it's received. Hotmails spam blocking may not be perfect, but I'm sure it's not out to get you specifially.

If you're emailing all 600 people in one batch, that's idiotic and email each person individually. I would write a script to do this, but I'm sure there are less geeky tools available as well. This seems very unlikely, but I'm including it just in case.

Re:write better emails (1)

Mark Shewmaker (29292) | more than 9 years ago | (#9003071)

If you're emailing all 600 people in one batch, that's idiotic and email each person individually.
I don't see how it's idiotic--assumming mailservers are blocking mail merely because they consider emails with more than a handful of recipients to mean the mail is spam, I can't see how pandering to such silly behavior is in the long-term best interest of anyone.

In fact, RFC2128 even discourages such behavior:

recipients buffer

The minimum total number of recipients that must be buffered is
100 recipients. Rejection of messages (for excessive recipients)
with fewer than 100 RCPT commands is a violation of this
specification. The general principle that relaying SMTP servers
MUST NOT, and delivery SMTP servers SHOULD NOT, perform validation
tests on message headers suggests that rejecting a message based
on the total number of recipients shown in header fields is to be
discouraged. A server which imposes a limit on the number of
recipients MUST behave in an orderly fashion, such as to reject
additional addresses over its limit rather than silently
discarding addresses previously accepted. A client that needs to
deliver a message containing over 100 RCPT commands SHOULD be
prepared to transmit in 100-recipient "chunks" if the server
declines to accept more than 100 recipients in a single message.
I would worry that if I tried to work around broken behavior of other ISPs, that I'd be continually running around in circles implementing workaround on top of workaround and causing even more problems. (I might want to alert my customers entering in hotmail or aol addresses that they will likely not receive my emails, suggesting they use another addresss if possible.)

Do what the spammers do (1)

booch (4157) | more than 9 years ago | (#8987480)

Change the text of the message. Change the from address. Add random words. Use 1337-5p34k. Forge the headers.

Seriously, it depends on why you are getting filtered. If you are getting filtered by content, then the spammer's techniques may actually work. If you have been black-listed, then your best bet is to work with the ISPs to see what you can do to get taken off of their blacklists. If possible, have your users white-list you.

Our policy (0)

Anonymous Coward | more than 9 years ago | (#8988317)

We don't talk to people on free mail services at all. We figure that if they can't do better than Hotmail (or even AOL), they're probably too clueless to deal with anyway.

legit mass email (1)

dchamp (89216) | more than 9 years ago | (#8988553)

There are ways to get around it. I've created a couple of legit mass email applications for clients (definitely not spam!), the most recent as a PHP app. It took quite a bit of tweaking, but I was able to get it to sneak the emails it generates past most spam filters.

Sending mass email using CC or BCC is just about a guaranteed way to trip the filters at AOL or Hotmail. I'm pretty sure they check the message id in the header, among other things.

For the most part, I tested by sending email thru spamassassin, and tweaking it to get the lowest score possible. There are other various techniques you can use too... for instance, spacing the timing out, or write your app in such a way that it doesn't blast the emails out to one ISP as fast as it can.

YMMV, but using these methods I've been able to send out 3k to 5k mass emails without many problems.

Is he spamming? (1)

sfjoe (470510) | more than 9 years ago | (#8988867)

We have only the recruiter's word that he is not a spammer. Is his 600-client email the ONLY email he sends? I think we all know about the reputation that recuiters have. I've received spam from recruiters and I wouldn't be surprised at all if he was spamming to get new customers as well as sending his monthly updates to clients.

RSS Feeds (1)

soccrates (634152) | more than 9 years ago | (#8992032)

I think RSS news feeds are the perfect solution to many of these situations. Give the user the ability to subscribe to an RSS feed rather then getting an email... this unfortunately will be only suitable for advanced users.

Once spam forces more to go down this track, I'm sure better tools, and better integration with desktops will open the flood gates.

Answer: You don't. (2, Insightful)

Otto (17870) | more than 9 years ago | (#9006426)

Look, if you could get your message into my inbox by actions that you could take, then the SPAM filter has *failed* and would need adjustment.

The idea is to filter out things that look like spam. And I'm sorry, but what you say you're sending sounds like a lot of the spam I get, so it rightly should get filed as Junk.

That's not to say that it is, indeed, spam, if it's a pay for it sort of list. But the thing is that no email service deletes spam by default. If your message are getting foldered off somewhere, then it's up to the users to whitelist you and let your emails appear in their inbox instead of getting junkfiled. All of these free mail services have such capabilities.

But I would certainly hope that there would be nothing the sender of the email could do that would move his mail from my junk folder to my inbox. If they can, then the spam detection needs to be fixed. See the idea here?

Re:Answer: You don't. (1)

LetterJ (3524) | more than 9 years ago | (#9021319)

The problem is those who complain that they never got their receipt for their download purchase or any response to their web-submitted trouble ticket. They may have been either directly or indirectly responsible for creating the filter, but sure aren't willing to take responsibility for that fact.

I have scripts that send out messages in both of those situations as well as to deliver 30 day trial URL's. In every single one of those cases, the user directly requested it and in one of those cases, the user is legally *entitled* to the message containing their registration code.

However, I find an increasing number of these messages never get through. Instead of smooth operations that provide the requested information immediately, I hear from someone 2 weeks after I responded to their trouble ticket and they're irate because I "never responded".

I want to be able to ensure things get delivered, not because I want to flagrantly disregard all respect for email privacy, but because people are expecting the messages they request to actually arrive.

Re:Answer: You don't. (1)

Otto (17870) | more than 9 years ago | (#9050560)

However, I find an increasing number of these messages never get through. Instead of smooth operations that provide the requested information immediately, I hear from someone 2 weeks after I responded to their trouble ticket and they're irate because I "never responded".

I hear you and understand your dilemma, but what I'm saying is that if you have any actual way out of this dilemma then it's likely that the system is broken. The whole point is to put the user in control of what they get, and to remove control from the sender. The problem with this is that you have clueless users. Okay, I feel your pain, but hey, you're not the first to deal with this problem. My advice is to stop trying to bypass the system and to tell your users, "hey, it was sent, but I can't guarantee WTF happens on your end.. Talk to your ISP." Because catering to the clueless doesn't give them incentive to get a clue.

I want to be able to ensure things get delivered, not because I want to flagrantly disregard all respect for email privacy, but because people are expecting the messages they request to actually arrive.

They can *expect* any damn thing they please. But you send it and have no errors, then your job is done and your legal obligation is fulfilled, AFAICT. You cannot be held responsible beyond that. I'd tell them that the message was sent, and beyond that they are on their own. If they leave, they leave. Some customers simply aren't worth your time to support.

And BTW, if you are offering any kind of your own guarantees on email getting through, then you're a fool to begin with. E-Mail is not a guaranteed system... never has been, never will be.

"Legit" services??? He _is_ a spammer (1, Funny)

Anonymous Coward | more than 9 years ago | (#9016172)

whois -h whois.pairnic.com spamblogging.com

Stensland Systems
13 Westwood Lane
Paget, PG04

Administrative & Technical Contact:
Eric S Smith
Stensland Systems
13 Westwood Lane
Paget, PG04
That name sounds familiar. Let me check my inbox -- ah yes:
From: "Eric Smith" <snowdog@juno.ocn.ne.jp>
Subject: Thoughts on the coming 'discovery' of Bin Laden: the best propaganda a campaign can buy
Date: Sun, 18 Jan 2004

Eric A. Smith
Hot Damn! Design

--The Best Propaganda Money can Buy

Unless preparations are made for its eventuality, the announcement
of Bin Laden's capture will be the death-knell for the 2004
Democratic campaign.

{rest of message snipped}
{HTML duplicate of message snipped}
What the fuck is this? I didn't sign up with this dumbshit to get his drivel e-mailed to me. And this is only one of about 3 or 4 UNSOLICITED messages he sent. E-mail from a server in Japan; website registered in Bermuda. What's up with that?

And now he's got the gall to come whining to Slashdot???!

Re:"Legit" services??? He _is_ a spammer (1)

Otto (17870) | more than 9 years ago | (#9062906)

Other than the words "Eric" and "Smith", I see nothing in common between those two people. Even the middle initial is wrong (S vs. A).

Considering the commonness of the name "Eric" and the freakin' cliche commonness of "Smith", I think it's a bit of a leap to instantly assume these are the same person. I'm not saying they are not, but I am saying that I'd personally need a bit more evidence to buy into your theory here...

Email is broken today (1)

cdrguru (88047) | more than 9 years ago | (#9031251)

Confirmation emails for purchases are blocked.

Emailed newsletters that are paid for are blocked.

Emails from friends and family are blocked.

Forget it. Email is broken. It cannot be used in a reliable sense by any commercial entity. Partly this is due to the anti-spam activists that want all "commercial" email banned. Partly this is due to ISPs that implement filters and have decided that they do not need to whitelist anyone without performing their special procedure. You cannot win at this game - the anti-spam activists have won what they think is the game they are playing. Unfortunately, what they do not understand is the rest of the world is playing a different game with different rules.

I do not know what the final answer to this is, but email isn't any part of it. RSS might work, but this requires other software for clueless newbie users to install. I think the only answer is a web page where the user signs in to read messages, print receipts, and so on.

use hashcash (1)

Adam Back (600774) | more than 9 years ago | (#9045239)

If you send hashcash on your mail, then at least for people using spamassassin 2.7 (and soon to be released 3.0) your chances of being subject to false positive pretty much disappear. (Think I read spamassassin is used on about 130M inboxes) See hashcash [hashcash.org] for instructions on hooking hashcash up to various MUAs and MFAs. (Hashcash does not cost money, it costs the senders CPU time to create a Proof of Work stamp which looks like this:
X-Hashcash: 0:040503:adam@cypherspace.org:271cc51dc3355f5a1b8f 092f
which is added to the email headers as a stamp, one for each recipient.)
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account