I was asked today if Spamcop should be "trusted." After all, even the Spamcop Wikipedia page says that their blocking list is "controversial." Though, is it truly more controversial than any other blacklist out there? Let me tell you what I know. The last time I looked at Spamcop from a receiver's perspective was back in 2007. Back then, I found it to be pretty accurate. A Spamcop listing truly seemed to be indicative of a sending IP address sending unwanted mail. That data is from a long time ago, but I haven't seen anything since then that would make me think they've changed for the worse by any significant measure. Long, long ago, when Spamcop was a one-man show (created and run by a guy named Julian Haight), I did find the blocking list to be controversial. I regularly saw listings of IP addresses sending very clearly only opt-in email, with nothing funny or weird going on. Even confirmed opt-in email. But since that time, Spamcop has been sold to Ironport, who has since been sold to Cisco. So nowadays, Spamcop is a tiny little part of Cisco. With that transition to corporate ownership, came new hands and new policies, which (in my opinion) seemed to significantly improve the reliability of Spamcop. From a sender's perspective, I regularly help clients monitor for and address Spamcop listings. Because my prior testing of Spamcop led me to trust that it was typically correct, I typically think that a Spamcop blacklisting of a client's sending IP address is probably "correct" -- I suspect it is properly indicative that there is a problem that needs to be addressed. I think if a sender is regularly finding themselves listed on Spamcop's blacklist, then their list is probably outdated, poorly permissioned, or otherwise flawed. In these cases, I do think it's appropriate to run a permission pass to clean up the list and resolve any list hygiene issues. At the same time, discard any list segments that contain anything other than opt-in subscribers. Bought list? It's time to throw it out. That's my opinion, provided with my alternating "sender" and "receiver" hats. What's your opinion?
I'd care to an extent. These days its "slightly" tricky to "understand" a reliable blacklist. One reason is because there's no set "best practice" on how to run a blacklist vs credibility of data.
ReplyDeleteI could go on & on, but I'll stop at that for other folks to comment as well :)
I also care.
ReplyDeleteLike you Al, my experience (as timid as it is compared to yours) has taught me that as much as a Spam Cop complaint is a clear indicator of a bad recipient experience. Over time these have proven to be reliable early warning signs. Actually being listed definitely rings alarm bells and actions need to be taken before the block is applied by ISPs.
People who don't take them seriously and find SpamCop's existence inconvenient, will be even more inconvenienced when their inbox placement fades away.
Spamcop is one of the few "always on" blocklists for me. The only false positives I see from it these days are when an IP is sending both spam and legitimate email, and those are quite rare. I find that it misses careful snowshoe spammers, but not much else.
ReplyDeleteIt, along with a couple of other spamtrap-driven, autolisting BLs, provides a reliable early warning system for bad sending IPs.
I use Spamcop's dnsbl in my incoming MTAs and I also consistently report spam I receive to them.
ReplyDeleteIn the last 6 months I've reported two emails that were in fact legit emails and not spam. Within two hours of my report, the Spamcop Administrator had disabled my report capability and asked my to clarify those false reports. After I explained that they were false positives, they were not processed and my report capability restored.
I am quite happy this has happened, as it proves that Spamcop does an excellent job, keeping the quality of the blacklist very high.
We use spamcop as a connection level hard bounce RBL, and I don't recall receiving any complaints with regards to false positives. Our banner message contains a URI pointing to the spamcop listing, and if the sender gets themselves delisted at the source, then everyone's happy.
ReplyDelete