M3AAWG published a letter to the FCC addressing the implementation of CSRIC III Cybersecurity Best Practices (pdf link)
The takeaway is that of the ISPs that contribute data to M3AAWG (37M+ users), over 99% of infected users receive notification that they are infected.
I hear from senders occasionally that they are not the problem, bots are the problem and why isn’t anyone addressing bots. The answer is that people are addressing the bot problem.
Intro was the LinkedIn product that created an email proxy where all email users sent went through LinkedIn servers. This week LinkedIn announced it is discontinuing the product. They promise to find new ways to worm their way into the inbox, but intercepting and modifying user mail doesn’t seem to have been a successful business model.
Read MoreSenders: You’re blocking our mail, why?
Receivers: Because you’re spamming, stop spamming and we won’t block you.
Senders: But we’re not spamming. What do you mean we’re spamming! How could we be spamming, we’re not sending spam!
Receivers: You’re doing all these things (generating complaints, sending to dead accounts, hitting spam traps, not bounce handling, etc) that makes your mail indistinguishable from spam.
Senders: But we can’t tell what we’re doing wrong unless you give us more data!
Receivers: OK, fine. Here are FBLs, postmaster pages, sender access to support people. Now, stop spamming.
time passes
Receivers: It’s costing us how much to provide support to senders?!?! And after years of giving them lots of data it’s still the same problems over and over again? We’re not a charity, we’re going to control our costs and stop providing so much personal support.
And that, readers, is why receivers are pulling back from providing the data they used to.
I’m seeing scattered reports of the SBCGlobal.net MTAs refusing connections. No current information about fixes.