Help! I'm spam blocked by DCC!

A friend of a friend mentioned that they're finding mail bounced back with a reference to the DCC. "Halp! How do we get unblocked? I'm not a spammer!"

Truth be told, you don't get unblocked. As I wrote back in 2007, DCC isn't a spam filter. It's a bulk filter. What does that mean? It means that it catches any mail that is being sent to a whole bunch of people. Newsletters, order receipts, notifications, whatever.

Bulk is not a measure of whether or not something is spammy. Lots of legitimate mail is sent in bulk. The emails from my favorite Las Vegas casinos, emails I signed up for, those are all bulk. The updates from LinkedIn, which I also signed up for and want, those are bulk, too. So, just because it's bulk, doesn't mean it's spam.

What's a better measure of whether or not something is spam? Permission is, of course. And filters can't really tell about permission. Lots of anti-spam filters and blacklists apply a measure of reputation instead. Defining a reputation for a sender based on measurable things like spam complaints, bounce rates, and spamtrap hits, that makes it possible to get some sort of view as to whether or not a sender is spammy or not.

Why not apply something similar to the DCC? When are we going to have DCC+message level reputation? It would help stop things like snowshoe spam, where bad guys send the same message out over hundreds of IP addresses, trying to evade filters. Forget what IP address it was sent from-take the message checksum, check it against a list of messages with a bad reputation (messages that have been complained about), and block or bulk messages that don't have a good reputation.

It seems to me that something like this would be a good next step for something like DCC. But keep in mind, that is NOT what DCC is today. It's not a spam filter. It doesn't know about reputation or whether a message is desired or not.
Post a Comment