Nameless and faceless

Ken Magill wrote about Spamhaus last week. In the article he commented about the volunteers.

By most accounts, the folks responsible for maintaining Spamhaus’s blacklists can be a very annoying group to deal with—mainly because they’re faceless and unforgiving.

Today, Ken published a response from Steve Linford, the head of Spamhaus. The response is well worth a read and I encourage you to head over to Ken’s site to read the whole thing.
I didn’t comment last week, mostly because I negatively reacted to the “faceless and unforgiving” comment.
I’ve had lots of interactions with Spamhaus volunteers over the years. And, yeah, I have had the occasional interaction that was frustrating on all sides. I was annoyed, my clients were annoyed and Spamhaus was annoyed. But these experiences are memorable because they’re so rare. Most of the time, the Spamhaus rep is polite and professional.
In my experience, Spamhaus is quite forgiving of honest mistakes. There was one memorable incident a few years ago where I got very descriptive email, including screenshots, from the CEO of one of my clients. That client had a spammer get on their network and trigger a SBL listing. One of the founders went in and disconnected the customer. But, the customer had called in and gotten their new abuse desk person on the phone and managed to get turned back on. Spamhaus was very understanding and the listing was taken down very promptly.
There are two situations where Spamhaus reps have “acted unforgiving.”

  1. When the resolution proposed by the listee won’t do anything to stop unsolicited mail.
  2. When there is a history of spam and broken agreements and repeat behaviour from that particular sender.

I think in both of these situations “unforgiving” is not unreasonable. Spamhaus’ goal is to protect their customer networks from spam. Delisting an entity when their proposed fix won’t actually fix whatever caused the listing in the first place makes no sense. Yes, it’s frustrating to the listee, but in this case Spamhaus’ role is to be the gatekeeper. Likewise, I think volunteers are smart to be cautious when dealing with someone who has repeatedly broken delisting agreements.
As for faceless, well, Ken has it semi-right. Spamhaus volunteers are regulars at MAAWG and I consider some of them friends. Here’s the thing, though, I work for my clients through the sbl-removals@ address, and there are actually listings where I couldn’t tell you which volunteer I was dealing with. It doesn’t really matter, though, they are SR-whatever and acting as a representative of Spamhaus.
The service Spamhaus provides is unique and important. Not only are their lists trusted by large ISPs, but their data is also trusted by law enforcement throughout the world. Without the work done by Spamhaus, a lot of us would have a lot more spam in our inboxes. I know sometimes they block IPs at the most inconvenient times: some delivery friends swear that Spamhaus reps know their vacation schedule.
Overall, though, the Internet is better for having the “nameless and faceless” Spamhaus volunteers than it would be otherwise.

Related Posts

Dealing with complaints

There are a lot of people who abuse online services and use online services to abuse and harass other people. But handling complaints and handling the abuse are often afterthoughts for many new companies. They don’t think about how to accept and process complaints until they show up. Nor do they think about how bad people can abuse a system before hand.
But dealing with complaints is important and can be complicated. I’ve written many a complaint handling process document over the years, but even I was impressed with the Facebook flowchart that’s been passed around recently.

In the email space, though, all too many companies just shrug off complaints. They don’t really pay attention to what recipients are saying and treat complaints merely as unsubscribe requests. Their whole goal is to keep complaints below the threshold that gets them blocked at ISPs. To be fair, this isn’t as true with ESPs as it is with direct senders, many ESPs pay a lot of attention to complaints and will, in fact, initiate an investigation into a customer’s practice on a report from a trusted complainant.
There are a lot of legitimate email senders out there who value quantity over quality when it comes to complaints. But that doesn’t mean their lists are good or clean or they won’t see delivery problems or SBL listings at some point.

Read More

Spamhaus rising?

Ken has a good article talking about how many ESPs have tightened their standards recently and are really hounding their customers to stop sending mail recipients don’t want and don’t like. Ken credits much of this change to Spamhaus and their new tools.

Read More

Spamtraps are not the problem

Often clients come to me looking for help “removing spamtraps from their list.” They approach me because they’ve found my blog posts, or because they’ve been recommended by their ISP or ESP or because they found my name on Spamhaus’ website. Generally, their first question is: can you tell us the spamtrap addresses on our lists so we can remove them?
My answer is always the same. I cannot provide a list of spamtrap addresses or tell you what addresses to remove. Instead what I do is help clients work through their email address lists to identify addresses that do not and will not respond to offers. I also will help them identify how those bad addresses were added to the list in the first place.
Spamtraps on a list are not the problem, they’re simply a symptom of the underlying data hygiene problems. Spamtraps are a sign that somehow addresses are getting onto a list without the permission of the address owner. Removing the spamtrap addresses without addressing the underlying flaws in data handling may mean resolving immediate delivery issues, but won’t prevent future problems.
Improving data hygiene, particularly for senders who are having blocking problems due to spam traps, fixes a lot of the delivery issues. Sure, cleaning out the traps removes the immediate blocking issue, but it does nothing to address any other addresses on the list that were added without permission. In fact, many of my clients have discovered an overall improvement in delivery after addressing the underlying issues resulting in spamtraps on their lists.
Focusing on removing spamtraps, rather than looking at improving the overall integrity of data, misses the signal that spamtraps are sending.

Read More