BLOG

A Disturbing Trend

Over the last year or so we’ve been hearing some concerns about some of the blacklisting policies and decisions at Trend Micro / MAPS.
One common thread is that the ESP customers being listed aren’t the sort of sender who you’d expect to be a significant source of abuse. Real companies, gathering addresses from signup forms on their website. Not spammers who buy lists, or who harvest addresses, or who are generating high levels of complaints – rather legitimate senders who are, at worst, being a bit sloppy with their data management. When Trend blacklist an IP address due to a spamtrap hit from one of these customers the actions they are demanding before delisting seem out of proportion to the actual level of abuse seen – often requiring that the ESP terminate the customer or have the customer reconfirm the entire list.
“Reconfirming” means sending an opt-in challenge to every existing subscriber, and dropping any subscriber who doesn’t click on the confirmation link. It’s a very blunt tool. It will annoy the existing recipients and will usually lead to a lot of otherwise happy, engaged subscribers being removed from the mailing list. While reconfirmation can be a useful tool in cleaning up senders who have serious data integrity problems, it’s an overreaction in the case of a sender who doesn’t have any serious problems. “Proportionate punishment” issues aside, it often won’t do anything to improve the state of the email ecosystem. Rather than staying with their current ESP and doing some data hygiene work to fix their real problems, if any, they’re more likely to just move elsewhere. The ESP loses a customer, the sender keeps sending the same email.
If this were all that was going on, it would just mean that the MAPS blacklists are likely to block mail from senders who are sending mostly wanted email.
It’s worse than that, though.
The other thread is that we’re being told that Trend/MAPS are blocking IP addresses that only send confirmed, closed-loop opt-in email, due to spamtrap hits – and they’re not doing so accidentally, as they’re not removing those listings when told that those addresses only emit COI email. That’s something it’s hard to believe a serious blacklist would do, so we decided to dig down and look at what’s going on.
Trend/MAPS have registered upwards of 5,000 domains for use as spamtraps. Some of them are the sort of “fake” domain that people enter into a web form when they want a fake email address (“fakeaddressforyourlist.com”, “nonofyourbussiness.com”, “noneatall.com”). Some of them are the sort of domains that people will accidentally typo when entering an email address (“netvigattor.com”, “lettterbox.com”, “ahoo.es”). Some of them look like they were created automatically by flaky software or were taken from people obfuscating their email addresses to avoid spam (“notmenetvigator.com”, “nofuckinspamhotmail.com”, “nospamsprintnet.com”). And some are real domains that were used for real websites and email in the past, then acquired by Trend/MAPS (“networkembroidery.com”, “omeganetworking.com”, “sheratonforms.com”). And some are just inscrutable (“5b727e6575b89c827e8c9756076e9163.com” – it’s probably an MD5 hash of something, and is exactly the sort of domain you’d use when you wanted to be able to prove ownership after the fact, by knowing what it’s an MD5 hash of).
Some of these are good traps for detecting mail sent to old lists, but many of them (typos, fake addresses) are good traps for detecting mail sent to email addresses entered into web forms – in other words, for the sort of mail typically sent by opt-in mailers.
How are they listing sources of pure COI email, though? That’s simple – Trend/MAPS are taking email sent to the trap domains they own, then they’re clicking on the confirmation links in the email.
Yes. Really.
So if someone typos their email address in your signup form (“steve@netvigattor.com” instead of “steve@netvigator.com”) you’ll send a confirmation email to that address. Trend/MAPS will get that misdirected email, and may click on the confirmation link, and then you’ll “know” that it’s a legitimate, confirmed signup – because Trend/MAPS did confirm they wanted the email. Then at some later date, you’ll end up being blacklisted for sending that 100% COI email to a “MAPS spamtrap”. Then Trend/MAPS require you to reconfirm your entire list to get removed from their blacklist – despite the fact that it’s already COI email, and risking that Trend/MAPS may click on the confirmation links in that reconfirmation run, and blacklist you again based on the same “spamtrap hit” in the future.

We have been in a pretty lengthy back and forth with maps. Its just a disaster all around. We cleaned up around 200+ accounts, but they are still seeing trap hits. I finally got fed up and we just asked them outright “we cleaned up 200+ customers lists, and are still hitting traps? any chance you guys are clicking links?”. At this point they have a substantial amount of our IP space listed and are just making this painful. They haven’t had time to respond to our question, but at this point maps seems to be the new SORBS.An ESP’s take on the issue

We (Word to the Wise) aren’t an ESP – if we were then the risk of damage to our business due to publicly criticizing a blacklist would mean we wouldn’t be able to do it – so we don’t have first-hand experience of this behaviour. We have been told by six ESPs and an infrastructure company that Trend/MAPS has ongoing issues with inaccurate listings. Four of them have said that Trend/MAPS is clicking on links in email they’re sending, in some cases confirmation links. We’ve been provided data, including web access logs showing clicks on confirmation links in email sent to “trap” domains registered by Trend from anonymous Taiwanese consumer IP addresses. Many of the “trap” domains are registered by a Director of “Core Tech” at Trend Micro, at a Taiwanese address.
These email addresses were confirmed over the past several years, and have been used to justify aggressive blacklisting of ESPs since. MAPS representatives also confirmed to two ESP representatives that they did sometimes click on links in email sent to their trap addresses during investigations – and that matches data provided to us by another ESP that suggests Trend/MAPS will sometimes go through and click on many of the links in a batch of emails, possibly including any confirmation or reconfirmation links in those emails.
So, it seems that the Trend/MAPS blacklists are being run in a way that will sometimes blacklist sources of 100% COI wanted email, as well as sources of likely wanted email that’s not entirely COI. Conversely, it’s pretty easy to identify or block the trap domains they’re using (a simple google search will find thousands of them, and null-routing the five or so MXes they use would block all email to them) so any moderately smart spammer could easily avoid being listed by them. That suggests the data quality is probably poor.
It’s even worse than that, though.
Trend/MAPS don’t only run their own spamtrap domains. They also are fed data by spamtraps run by consumer ISPs, including Comcast. There’s data from the ESPs we’ve been talking to that show that senders that have been blacklisted by Trend/MAPS for “spamtrap hits” are sending email to @comcast.net addresses that had previously been confirmed by the same anonymous Taiwanese consumer IP address as was found clicking on confirmation links. So it’s likely that Trend/MAPS habit of clicking confirmation links in mail sent to “spamtraps” is poisoning ISPs independent spamtrap data, as well as their own published blacklists.
ESP representatives have been asking Trend Micro about these issues for months. On Wednesday we invited a MAPS rep to comment on the issue as we were planning on writing about it, but didn’t hear anything back beyond a request for specific examples. We declined to provide that for several reasons – it’s not our data to share, doing so would reveal which ESPs provided it to us, and it’s all been provided to Trend/MAPS by the ESPs concerned so they already have the data and are aware of the issues.
Trend/MAPS are tainting the spamtraps they use, by setting them up such that they’re likely to catch sources of mostly wanted email, including sources of 100% COI email. If they were doing that as part of a survey or research project, that would be OK, though the data would likely not be of much value. Instead, though, they’re accusing the senders of this mail of spamming, listing them on their blacklist and making unreasonable demands of the senders before they’ll remove their listing. As MAPS are also selling this data to large US consumer ISPs who use it to block email, the senders don’t have much choice but to comply with those unreasonable demands. (Update 8/9/11: A sender who was listed by MAPS in the last few days is seeing inbox delivery at the major US ISPs we believed were Trend/MAPS customers. It appears that our data on MAPS usage is out of date.) I also wonder how accurate Trend/MAPS are in how they represent their spam filtering services and blacklist data to those ISPs who use them – I doubt those ISPs are intending to buy a blacklist service that blocks wanted, COI email.

40 comments

  1. Anon says

    Something is certainly fishy at Maps, as an ESP and having recently been listed for the first time ever (after ten years + in the industry) it does seem that something has changed there or a process has been mixed up
    Dealing with them has also been confusing, with mixed information being provided about if we hit a trap or were reported.
    There own stated process of notification and attempts for removal before being listed we also not followed.

  2. Mickey Chandler says

    I wonder if registering “typo” domains with the intention of gathering mail generated by other people has any privacy implications?
    My thinking isn’t done on this, but is certainly seems to me (at first blush), that this would come rather close to interception of communications.

  3. Another Anon says

    I work for an ESP and we don’t suppress domains like this, based on the theory that if a client is hitting spamtraps, we want to know so we can sanction or terminate them. But if Trend are acting in bad faith here, I guess my best bet is just to suppress any domain of theirs I can find (and it took about 30 seconds to find 2700 of them).

  4. Richard Johnson says

    Aren’t those of you who work for ESPs already managing your systems to account for and avoid false positive confirmations caused by antivirus and other malware detection software dereferencing and getting the URIs you send in your COI verification of request mails?

    1. laura says

      The issue isn’t necessarily that the links are being followed. That happens in any investigation. Heck, I misclicked a link when I was looking into a spam a friend sent me.
      The real issue is that Trend/MAPS is treating confirmed opt-in mail as spam. They cannot confirm links and then turn around and claim that if the ESP was just using COI they wouldn’t have this problem. It is a demonstrably false statement. There are ESPs using COI and they are having problems with Trend/MAPS.
      The other big problem is that a number of large ISPs are actually using the Trend/MAPS listings to refuse or block email. These ISPs could use Trend/MAPS data as part of a scoring system, and that would be OK. But as it is now, the Trend/MAPS data is so contaminated that blocking mail just because the source IP is on the RBL is going to block a lot of wanted mail.

  5. Al Iverson says

    No, and I don’t think it’s ours to account for. FP positive confirmations to date have been the stuff of legend, not really happening in reality. I can certainly understand how in 2011 any sort of network security vendor might need to follow links to identify potentially bad domains– but if I were in Trend’s shoes, I’d be doing it quite differently than they are — using spamtraps to feed both a blacklist and a network security system is a bad idea….use the spamtraps to build domain security data, sure, but then admit that you’ve soured the traps’ use for IP blacklist-related purposes.

  6. Catherine Jefferson says

    *Confirming* an opt-in confirmation request sent by an ESP and company that are doing the right thing, and then accusing the ESP or company of spamming when they send confirmed opt-in bulk email, is outright dishonest. If done by a blacklist, it’s beyond the pale. I hope that any ESP that has evidence of this will make it public. If Trend is doing this, then they are committing fraud on their customers, the listed ESPs and companies, and the public.
    HOWEVER, I’m not nearly as concerned if Trend is just listing ESPs that allow unconfirmed web site signups on lists that they email. Perhaps most of the mail sent to such lists is in fact genuinely opt-in, but plenty of it is not. I get plenty of allegedly “opt-in” email to my personal email addresses from ESPs despite never having requested that email.
    If I follow up and complain, often it turns out that “opt-in” means that somebody stuck my email address in a web form. The only “proof” offered of opt-in is a connecting IP address that is highly implausible: usually dynamically assigned from a pool in an area where I don’t live or travel. Is the mailer telling the truth about the web form signup? Doubtless some are and some aren’t. In any given situation, it’s impossible for me to tell for sure.
    Not confirming web form “opt-ins” is frankly irresponsible. It leaves the ESP and the company with no means to prove that the spammed address was given to them at all, rather than obtained through a list purchase or some other non-legitimate process. It results in the nut-case anti-spammers (yes, they do exist) subscribing email addresses of people that they know or suspect might complain to lists and thereby annoying us. It results in unsolicited bulk email — spam. Granted, the quantities of spam from this are miniscule compared to pills’n’porn botnet cr*p, 419 Advance Fee Fraud, phishing, and snowshoers. BUT it is much more likely to land in inboxes; it is annoying all out of proportion to the quantity of spam sent.
    If the irresponsible ESPs and companies that refuse (for convenience or some other reason) to confirm such opt-ins face listing in blacklists from time to time as a result, maybe that will produce some positive changes.

    1. laura says

      ESPs are, legitimately, a little worried about making the data public. There is a backlash from some folks when blocklists are criticized, even when those criticisms are about real issues and problems. We’re also talking about a blocklist that is insisting that currently confirmed lists be reconfirmed in order to resolve blocks. There’s zero point to that, unless what the blocklist is really saying is that the ESPs are lying. If they’re going to accuse the ESPs of lying privately, there is no reason to believe that they’re going to not accuse the ESP of lying publicly.
      And then there’s the concern that Trend/MAPS will escalate blocks further. I have heard from a couple ESPs that if Trend/MAPS decides that they don’t approve of how you are handling an issue, they will escalate to cover more and more IP ranges.
      With a history like that, I can definitely understand a reluctance to make the information public.

  7. steve says

    What we’ve been told is that IP addresses that emit nothing but 100% COI email are being listed, based on mail being sent to “spamtraps” that have previously confirmed their subscription.
    If that is the case – and I trust the people who’ve told me it is – then quite apart from anything else, it undermines the use of COI by ESPs. “Convince customers to migrate to COI, get blocked anyway.” is a terrible meme to have out there.

  8. Huey says

    Oh, how the Margie have fallen.

  9. Paul Vixie says

    So, Trend Micro bought MAPS some years ago and I don’t think they use the MAPS brand in any of their marketing. It’s safe to say that Trend is doing whatever is being done today, and to leave the MAPS name and brand out of whatever is being done today. Back when MAPS was an independent company, there’s no way that the owners or the staff would have allowed what’s being reported here. So as a favour to the original owners and staff, I’d like it very much if these reports could be in terms of “what Trend Micro appears to be doing” and not “what MAPS appears to be doing.” Noting, I have no information as to the accuracy of these reports. I still subscribe to the RBL+ and I like it.

    1. laura says

      Delisting requests and information about the RBL (and associated lists) are still using the MAPS brand and domains. For example: http://www.mail-abuse.com/removereq.html

  10. steve says

    If my name were associated with MAPS-that-was I’d be annoyed by this behaviour too. But the products we’re talking about (RBL+ and friends) are branded as “Mail Abuse Prevention System (MAPS)” by Trend, and the employees there use mail-abuse.com/.org email and web addresses.
    See http://us.trendmicro.com/us/products/enterprise/network-reputation-services/threat-prevention-network/ and surrounding pages.

  11. Catherine Jefferson says

    If the issue really is confirmed opt-in lists that are being caught mailing “spamtraps” that in fact subscribed to the mailings, then IMHO this would justify a group of ESPs getting together, pooling their data, putting their investigators and attorneys to work, and then filing suit. It would be a risk, but at least that way the risk is equally on Trend’s side. A blacklist lives and dies by its reputation. If these allegations prove true (and I trust your assessment of that, Steve), then Trend deserves to loose customers and money as well as its reputation.

  12. Catherine Jefferson says

    BTW, Paul, I don’t blame you for not wanting to be associated with this. A bunch of other former MAPs people are also horrified. (I’ve talked with a few.) We all still owe you for inventing DNS-based blocklists for fighting spam and malware. We still owe you and the rest of them for building the first blocklist and making it work so well that the technique became the standard.
    But as long as the MAPS name is used by Trend for its blocklisting product, I don’t think that it is wrong for others to call the product MAPS. It’s just sad to see the name once associated with a revolutionary spamfighting technique come to mean something so much less than it once did. 🙁

  13. Anonymous says

    Speaking from one of ESPs that MAPS has had in their sights for some time I can tell you that the master of ceremonies, the one and only Dave Rand himself was made aware of these atrocities and continued to tell us that the problem is ours and that we are spammers and the only option is to reconfirm everything. The COI stuff is just the tip of it, I have single opt-in customers that have never had a complaint in 6 years being told to reconfirm their entire list of 1500 because they have a typo’d domain trap on their list. I even asked if they would settle for the customer confirming just the non-opens/non-clicks and got the same answer: “they are a spammer, they must confirm the entire list”. The bottom line is that someone is being irresponsible with their power and we have no real/immediate recourse.

  14. Joe Sniderman says

    Paul Vixie – you said you are still using the RBL+ and liking it. Am I right to assume that ‘liking it’ implies that you are *not* losing massive amounts of wanted emails as a result of your RBL+ usage?
    Call me biased and jaded if you wish, but barring some sort of solid irrefutable proof, I’d tend to place a lot more credibility with users of a blacklisting complaining of losing mail that with email marketers complaining that they are being blocked incorrectly. So until there’s proof that TrendMicro is doing something wonky here, I do not believe the allegation.

  15. Huey says

    @Joe: I would not expect to see that proof outside of whatever court the civil suit is eventually held in, since anyone hypothetically currently in possession of it is already being placed in an untenable position by Trend, and revealing it would only make that position worse.
    What I don’t understand is what possible underlying motivation could exist for the alleged behavior. Why insist that everyone must be COI, and then punish people who are already doing the right thing? Does Trend own an interest in any ESPs?

  16. Mickey Chandler says

    Joe, at an individual user level, you are unlikely to see any significant issues. The probabilities are just stacked against that. Where you would expect to see issues is more toward the enterprise and ISP levels of usage where we are looking in the thousands of mailboxes rather than looking at the anecdotal evidence of a single end user, even if that end user is Paul Vixie.
    Additionally, you mention the loss of “massive” amounts of wanted email but again, in the context of a single user. So, are we to operate under an assumption that Paul has somehow voluntarily ended up on all of the marketing lists in the world, and pays careful enough attention to them all that he would notice when they are missing, and then back track that to a RBL+ listing?

  17. Cowardly anonymous says

    As an ESP being hitten by the same phaenomenon (and thank you very much for this article, it helps a lot seeing this is definitely not a random badly-managed BL but there must be some strategic plan under it ).
    Obviously Trend Micro has to answer to its customer base only; if they’re not getting complaints and will not be seeing churn to competition in the next quarters (as it appears this behaviour is recent basing on the comments I read and my own experience), I guess they have all the right to believe they are the best RBL around and say this to the world, until proven wrong.
    Who knows, maybe typo-domains squatting will prove to be the most effective phishing and malware distribution stopping tool around?

  18. Amaury says

    As the technical operator of a non profit mailing list with roughly 500 000 subscribers, I confirm that discussing with the operators of the MAPS blacklist is quite a challenge.
    Despite using only double opt-in and most “tricks from the book” (abuse feedback loop, list-unsubscribe, unsubscription of bounces…) we managed to get our hands on, one of our servers was blacklisted, and the MAPS operators will not provide significant feedback regarding the root cause nor reasonable remediation actions.
    Sending a confirmation email to all of our subscribers is not an option as it would generate significant workload on our (pro bono) support team. Asking 500 000 people to confirm their subscriptions -even though all of them have already done so!- just to abide by the “diktat” from a company is not acceptable.
    MAPS is the only blacklist which ever caused a problem in 10 years of operation. Overall I seriously doubt that the people behind the MAPS blacklist act in a professional manner, and I voice my concerns regarding the use of the MAPS database whenever I come across someone willing to use a blacklist.

  19. Anonymous says

    To: Cowardly anonymous: The fact is that since you have to PAY to use their RBL, they have far fewer users than most other blacklists so the impact is not as large. You are right, until their customers complain about missing mail not much will be done. My guess is that no one will notice until a REALLY Big brand has their email go missing. So far the ESPs and senders I’ve seen targeted are all catering to the smaller businesses out there.

    1. laura says

      There are two major US cable companies using MAPS lists as part of their blocking scheme, which causes a major impact on senders. And not all of the ESPs affected are catering to small business. At least one of the ones who told me they had a COI sender blocked handles Fortune 20 companies.

  20. Cowardly anonymous says

    To Anonymous: I respectfully disagree – I can tell you, that at least mine are surely not small businesses, and I doubt this discussion would have appeared unless some large business, ESP – and possibly both had been involved.
    To Amaury: I don’t subscribe to your view about dealing with the TM operators. I guess – actually I hope – they have to stick to whatever rules are defined for listing and removals. In fact, the TM operators have been responsive, clear and even friendly. I don’t think they are allowed to bend the rules if the holy verb is “COI is mandatory and no other factor is really important for a listing”. Of course, human research on who the sender actually is, has been and has been behaving over a significant stretch of time is generally believed to be a sign of a well-managed RBL, one with the “zero false positive” goal in its charter, but I would bet very few senders will readily admit their history is not crystal clean… unless confronted with proof. I am not in any way thinking managing a BL is an easy task, extensive knowledge of the industry is an absolute must.

    1. laura says

      The problem is that in the cases we’re talking about, the lists are COI already. So what benefit is reconfirming going to provide? You’re going to lose a lot of happy subscribers and may still end up with confirmed spamtraps on them.

  21. Cowardly anonymous says

    Laura: yes that’s really the most amazing, and useful, part of the article. It is most appalling that, as long as I understand, they did not take any action when confronted with this kind of evidence.
    The usefulness mostly lies in the fact that I admit I even evaluated for some time the idea of actually taking at least some of our customers and have them reconfirm their databases. Knowing it might not help anyway is definitely a precious hint. After reading this article I considered to confirm that behaviour in some of my cases too, but frankly speaking, given the overall benefit it’d bring, I’d rather spend my time and resources researching on the thankfully infrequent, but definitely precise and informative listings on more useful RBLs – the ones actually telling me when customers go bad.

  22. kelly molloy says

    @Joe: Call me crazy, but somehow I suspect Paul’s addresses/domains are suppressed as all get out at most ESPs. His view of “wanted mail” is probably not like most. Neither is mine, I suspect.
    @Anonymous: I don’t know of a single DNSBL that has a goal of zero FPs. There will always be FPs, no matter how well a list is run or how accurate it is. If you operate a DNSBL, what you want to make certain of is that every IP on your list meets your listing criteria and does so unambiguously. But it’s very difficult to never list a “mixed stream” IP and still have an effective and useful DNSBL.

  23. The sledgehammer of confirmed opt-in – Word to the Wise says

    […] Trend/MAPS policy is singling out senders that are sending mail people signed up to receive. We know for sure that hard core spammers spend a lot of time and money to identify spamtraps. The typo traps that Trend/MAPS use are pretty easy to find and I have no doubt that the real, problematic spammers are pulling traps out of their lists. Legitimate senders, particularly the ESPs, aren’t going to do that. As one ESP rep commented on yesterday’s post: I work for an ESP and we don’t suppress domains like this, based on the theory that if a client is hitting spamtraps, we want to know so we can sanction or terminate them. But if Trend are acting in bad faith here, I guess my best bet is just to suppress any domain of theirs I can find (and it took about 30 seconds to find 2700 of them).   Another Anon […]

  24. AnonymousESP says

    I represent an ESP with tens of thousands of small business clients. I can, unfortunately, confirm that everything in this blog post is correct.
    * Listing IPs that have only COI email coming from them.
    * Clicking COI email links to confirm subscriptions.
    * Using typos for very popular large ISP domains as spamtraps.
    * Using random typo domains as spamtraps that are commonly entered by real people just punching random home row keys on a qwerty keyboard.
    Road Runner actively uses MAPS to block email.

  25. Joe Sniderman says

    Well, I stand corrected. Got the proof I wanted late last night.

  26. The Proverbial Barry says

    funny that the ESP representatives are all anonymous. what are you hiding? maybe you are not as certain of your facts as you claim.

  27. steve says

    Trend Micro / MAPS have done punitive listings of ESPs who challenge them on the facts in the past. If I were an ESP, I certainly wouldn’t come out in public where MAPS employees could see I was challenging them.
    I’ve seen the data. It’s solid. More than that, the data strongly implies much less ethical behaviour by Trend Micro / MAPS than we’ve mentioned here – we’ve only reported on the stuff that meets a very high burden of proof.

  28. another anon ESP says

    Yeah, what Steve said. Plus the fact that most of what the ESPs have shared about this with each other and Steve could probably get us fired.

  29. ESPcustomer says

    My bosses have been operating for 6 years a very large newsletter with over 1 million optin subscribers. Our cost per acquisition is more than $30 per user. You do the math on how much their database is worth. Just a few weeks ago we got a call from our ESP saying that we hit some spam traps and that the account is on hold. Then next thing I know I have to report bad news to my boss. Our ESP basically told me that they have to reconfirm the entire list because we hit some of trend micro’s spam traps. So because of something as silly as that the entire business is now in jeapordy. Even if we move to another ESP i advised my bosses that this problem would still reoccur as we do not know which of the emails are spam traps and cannot remove them.
    Essentially trend micro is destroying entire businesses that hard working americans spent their entire life on building almost overnight. How can we defend against the bully that is trend micro?

  30. Another Anonymous ESP says

    Another ESP here dealing with this same issue. Unlike the other person above who was able to find thousands of their trap domains in 30 seconds, I have only been able to track down about 200. What did you do to find so many? I’d be happy just to be able to track down the MX servers they use for their traps.
    During my investigation, I found one domain that MAPS seems to have purchased a few years ago after it expired. The addresses I have for that domain are COI, and have been sent to regularly ever since they were signed up to my customer’s list. The COI pre-dates the date MAPS registered the domain. From my log history, they did not ever refuse delivery for that domain. Claiming it to be a valid spamtrap is just incomprehensible.
    FWIW here is a list of domains using the MAPS BL to which we send a nontrivial amount of mail.
    beld.net
    boeing.com
    cargill.com
    ccc.edu
    chevron.com
    cna.com
    congreso.gob.mx
    conocophillips.com
    db.com
    duvalschools.org
    gm.com
    houstonisd.org
    inbursa.com
    infosys.com
    internode.on.net
    iup.edu
    lmco.com
    miamidade.gov
    michigan.gov
    ncr.com
    nhs.net
    optusnet.com.au
    psu.edu
    qwest.com
    schwab.com
    schwans.com
    shands.ufl.edu
    statefarm.com
    sutterhealth.org
    townisp.com
    ucl.ac.uk
    zbzoom.net
    zoominternet.net

  31. Tony Finch says

    We (Cambridge University) stopped using the RBL+ 2.5 years ago. We were getting too many false positives, and Trend refused to do anything about them when we reported the problems.

  32. sparky says

    we are a small mail order biz, sending emails getting harder, get on RBL and never never send more than 20 emails a day in 13 years, yet on list all the time, too easy to get on list, post cards are looking real attractive again, thanks zealots

  33. Russell Hardidge says

    The practice of banning an IP address on the actions of one user of that address is akin to accusing everyone living in an apatment block with murder if one occiupent was a murderer. We use a shared IP addressand apparently another user of that address has at some stake been identified as a spanner and the action of Trend Micro is preventing us doing business with suppliers who use theTrend Micro system. Trend Micro consider that this is my problem. Maybe a class action against them for damages would change this opinion

  34. foo says

    While the ESP’s and E-marketeers care that their commercial offers get delivered nobody else really cares.
    let’s face it .. Is your live worse of without screaming advertisements in your inbox or spambox? No, It’s actually an improvement (for most people).
    While it’s of course wrong that MAPS is following the links in the mail, it’s the ESP’s that are responsible for the high reject rate they get, by allowing anybody with a list to simply import this list and start spamming (often for free). If there is any spam-complaint, this is mostly solved by simply ‘washing’ the list of those email-addresses which complain, without doing anything about the source of the complaints. This is the reason the ISP’s wants ESP’s to reconfirm all addresses. Any recipient that actually want’s to receive this mail will have no trouble to reconfirm that this person actually want’s to receive these mail. If they can’t be bothered, then trey are likely marking those mail as spam anyway.
    I would recomment that ALL esp’s REQUIRE a explicite (re)confirmation for all addresses for any new client.
    This would strongly reduce any spam-submits, and make spam-traps a non-trival problem. It would also mean that the customer using the ESP’s service has a strong incentive to stay, since they don’t want to subject their customers to a new reconfirmation even N months.
    Furthermore it’s customers responsibility to ensure that the email-addresses are correct. A double email-field is not to much to ask, and if your confirmation link uses java-script so that a bot can’t activate it (or requiring people to click a button) would do away with MAPS problem (even though they are clearly in the wrong here).
    But what ESP’s / e-marketeers seem to forget is that the single fact that they want to reach people with they (commercial) message doesn’t mean that those people want to be reached.
    In the end what is spam is simply determined by how people are ‘voting’. If they vote that a message is spam, it’s spam. If they vote that it’s ham, it’s ham.
    So stop stalking people, and only sent those people those things they explicitly want. Setup your system (as ESP) with save-guards in place to ensure that you only do that, and the ESP sector’s deliverability problem would disappear overnight (and you could finally admit at a party that you’re doing e-marketing).

    1. laura says

      In the case referred to here, confirmation has no effect. Trend was confirming email addresses and still using them as spam traps and listing IPs sending mail.

Comment:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.