Mailing List Archive

On Dec 3, 2009, at 13:43, "richard@buzzhost.co.uk" <richard@buzzhost.co.uk
> wrote:
> On Thu, 2009-12-03 at 11:23 -0700, J.D. Falk wrote:
>> On Dec 2, 2009, at 12:59 AM, richard@buzzhost.co.uk wrote:

Look, get a room. Or at least take this twisted courtship dance
offlist and spare us, please.

>>

> From: LuKreme
>
> Look, get a room. Or at least take this twisted courtship
> dance offlist and spare us, please.
>

LuKreme,

certainly we understand your point here, yet what about accountability for
Return Path Inc (and other RPI companies) related rules in the default
Spamassassin configs?

we all know we can change them, yet why are they even there as a default?

how did they get in there in the first place?

i do not know and/or forgot specifically where to check...

last but not least, has any of that been changed in the upcoming future
version(s) of Spamassassin?

tia

- rh

From: "LuKreme" <kremels@kreme.com>
Sent: Thursday, 2009/December/03 20:55


> On Dec 3, 2009, at 13:43, "richard@buzzhost.co.uk" <richard@buzzhost.co.uk
> > wrote:
>> On Thu, 2009-12-03 at 11:23 -0700, J.D. Falk wrote:
>>> On Dec 2, 2009, at 12:59 AM, richard@buzzhost.co.uk wrote:
>
> Look, get a room. Or at least take this twisted courtship dance offlist
> and spare us, please.

With all the animosity on this issue I decided to give the HABEAS
rules a score, a negligible score to be sure, just to see what the
state of HABEAS is for me today.

In the last four days - nothing either spam or ham.

Those seeing HABEAS hits: are the hits ancient haiku hits or are they
the modern DNS test version? I imagine the haiku is still used by
some spammers. The DNS tests should legitimately show a rather small
percentage of spam. It appears (weasel word notice) ReturnPath puts
its members through a wringer to get the approval levels.

And how was the email determined to be unsolicited? (I believe in one
case it was a "never used spam trap address.")

Let's lay some facts out on the table rather than heap a load of
anecdotal poo on JD over various HABEAS hits.

And JD, I don't see on your site what it "costs" people to get listed
on your DNS approval lists other than some tests and documentation. Is
it possible spammers simply submit some buttered up documentation, get
approved, and accept getting it knocked back off your lists rapidly as
a business "time" expense?

Less shouting and more data and facts seems to be called for on both
sides. And for the nonce I'll grant both sides the legitimacy of their
frustrations on this HABEAS thing.

I note that JD is quite willing to discuss (and seemed to recommend)
a lowered default score. That seems quite reasonable.

{^_^} (Another JD, Jolly Dirty Old Woman type.)

On Fri, 2009-12-04 at 00:18 -0800, jdow wrote:
> From: "LuKreme" <kremels@kreme.com>
> Sent: Thursday, 2009/December/03 20:55
>
>
> > On Dec 3, 2009, at 13:43, "richard@buzzhost.co.uk" <richard@buzzhost.co.uk
> > > wrote:
> >> On Thu, 2009-12-03 at 11:23 -0700, J.D. Falk wrote:
> >>> On Dec 2, 2009, at 12:59 AM, richard@buzzhost.co.uk wrote:
> >
> > Look, get a room. Or at least take this twisted courtship dance offlist
> > and spare us, please.
>
> With all the animosity on this issue I decided to give the HABEAS
> rules a score, a negligible score to be sure, just to see what the
> state of HABEAS is for me today.
>
> In the last four days - nothing either spam or ham.
>
> Those seeing HABEAS hits: are the hits ancient haiku hits or are they
> the modern DNS test version? I imagine the haiku is still used by
> some spammers. The DNS tests should legitimately show a rather small
> percentage of spam. It appears (weasel word notice) ReturnPath puts
> its members through a wringer to get the approval levels.
>
> And how was the email determined to be unsolicited? (I believe in one
> case it was a "never used spam trap address.")
>
> Let's lay some facts out on the table rather than heap a load of
> anecdotal poo on JD over various HABEAS hits.
>
> And JD, I don't see on your site what it "costs" people to get listed
> on your DNS approval lists other than some tests and documentation. Is
> it possible spammers simply submit some buttered up documentation, get
> approved, and accept getting it knocked back off your lists rapidly as
> a business "time" expense?
>
> Less shouting and more data and facts seems to be called for on both
> sides. And for the nonce I'll grant both sides the legitimacy of their
> frustrations on this HABEAS thing.
>
> I note that JD is quite willing to discuss (and seemed to recommend)
> a lowered default score. That seems quite reasonable.
>
> {^_^} (Another JD, Jolly Dirty Old Woman type.)
>
PREAMBLE:
It's simple for me - I'm not out to win friends or influence anyone and
I find those that grease the wheels for the wholesale distribution of
spam (be it they hold the view it is legitimate or not) in exchange for
money - whilst claiming to be anti-spam - sick individuals that deserve
a good kicking at the very least. That's just my personal view.

RETURN PATH OFFER A PAID FACILITY TO ASSIST IN THE DELIVERY OF UBE.
That's what they do - no matter how nicey nicey Mr Falk may appears to
be. It's his job.

SPAMASSASSIN is about assassinating spam - not facilitating it. Negative
scores applied to a bulk mailing service without the users consent (the
default for Spamassassin is to allow this rule at a minus score) has me
wondering just who's in bed with who? There may be a reasonable argument
that Spamassassin, as configured by default, gives unfair commercial
advantage to HABEAS registered spammers and I'm more curious to find out
WHY than anything else. It would be acceptable for me if it shipped with
a zero score by default with notes in the readme for giving it a minus
score at the users discretion.

Although this is only a few points in the wrong direction, the
implications this has for the integrity of Spamassassin as an anti-spam
system is in question. Are Return Path making regular donations to
Apache and wanting something in return? What possible plausible reason
is there for a bulk mailing whitelist to appear with a favourable score
in a program heavily used to block spam?

Being well known companies that a person may have once done a very small
amount of business with does not mean that their UBE habits are
acceptable in any way.

FACT
For me, until I changed it to a positive +10 score for HABEAS, the only
time I saw the name was in unwanted UBE - to me, that is SPAM. Making a
fuss on this list (and nowhere else) suddenly had IP's disappear off the
HABEAS list. {dark forces at work indeed}. The kind of people this has
appeared in are not the expected MAINSLEAZE, but shabby bottom feeders.
The kind that think registering with PaytoSpam services (be that a
listing in emailreg.org or Habeas Accreditation) will make them in some
way legitimate in their actions.

FINAL
This is not a social club, it's a question and issues list for
Spamassassin. My question and issue is why, by default, does
Spamassassin use the HABEAS white list, and why is it out of the box set
with a score to favour delivery of their junk? It's a fair question. The
answer 'just change the score' is not the correct answer. The correct
answer will be precisely why this state of affairs exists.

On 12/4/2009 10:57 AM, richard@buzzhost.co.uk wrote:
> FINAL
> This is not a social club, it's a question and issues list for
> Spamassassin. My question and issue is why, by default, does
> Spamassassin use the HABEAS white list, and why is it out of the box set
> with a score to favour delivery of their junk? It's a fair question. The
> answer 'just change the score' is not the correct answer.

the answer is totally correct. SA is a framework, which luckily allows
YOU do whatever you want with it, so please do, whatever YOU want (that
does not include beating a dead horse on the list) and move on.

> The correct answer will be precisely why this state of affairs exists.

- because developers think/have thought its a good idea.

- because nobody other than you makes such a noise about it. And YOU who
are so against, have you submitted a bug to have whatever reconsidered.

EOT

From: <richard@buzzhost.co.uk>
Sent: Friday, 2009/December/04 01:57


> On Fri, 2009-12-04 at 00:18 -0800, jdow wrote:
>> From: "LuKreme" <kremels@kreme.com>
>> Sent: Thursday, 2009/December/03 20:55
>>
>>
>> > On Dec 3, 2009, at 13:43, "richard@buzzhost.co.uk"
>> > <richard@buzzhost.co.uk
>> > > wrote:
>> >> On Thu, 2009-12-03 at 11:23 -0700, J.D. Falk wrote:
>> >>> On Dec 2, 2009, at 12:59 AM, richard@buzzhost.co.uk wrote:
>> >
>> > Look, get a room. Or at least take this twisted courtship dance
>> > offlist
>> > and spare us, please.
>>
>> With all the animosity on this issue I decided to give the HABEAS
>> rules a score, a negligible score to be sure, just to see what the
>> state of HABEAS is for me today.
>>
>> In the last four days - nothing either spam or ham.
>>
>> Those seeing HABEAS hits: are the hits ancient haiku hits or are they
>> the modern DNS test version? I imagine the haiku is still used by
>> some spammers. The DNS tests should legitimately show a rather small
>> percentage of spam. It appears (weasel word notice) ReturnPath puts
>> its members through a wringer to get the approval levels.
>>
>> And how was the email determined to be unsolicited? (I believe in one
>> case it was a "never used spam trap address.")
>>
>> Let's lay some facts out on the table rather than heap a load of
>> anecdotal poo on JD over various HABEAS hits.
>>
>> And JD, I don't see on your site what it "costs" people to get listed
>> on your DNS approval lists other than some tests and documentation. Is
>> it possible spammers simply submit some buttered up documentation, get
>> approved, and accept getting it knocked back off your lists rapidly as
>> a business "time" expense?
>>
>> Less shouting and more data and facts seems to be called for on both
>> sides. And for the nonce I'll grant both sides the legitimacy of their
>> frustrations on this HABEAS thing.
>>
>> I note that JD is quite willing to discuss (and seemed to recommend)
>> a lowered default score. That seems quite reasonable.
>>
>> {^_^} (Another JD, Jolly Dirty Old Woman type.)
>>
> PREAMBLE:
> It's simple for me - I'm not out to win friends or influence anyone and
> I find those that grease the wheels for the wholesale distribution of
> spam (be it they hold the view it is legitimate or not) in exchange for
> money - whilst claiming to be anti-spam - sick individuals that deserve
> a good kicking at the very least. That's just my personal view.
>
> RETURN PATH OFFER A PAID FACILITY TO ASSIST IN THE DELIVERY OF UBE.
> That's what they do - no matter how nicey nicey Mr Falk may appears to
> be. It's his job.
>
> SPAMASSASSIN is about assassinating spam - not facilitating it. Negative
> scores applied to a bulk mailing service without the users consent (the
> default for Spamassassin is to allow this rule at a minus score) has me
> wondering just who's in bed with who? There may be a reasonable argument
> that Spamassassin, as configured by default, gives unfair commercial
> advantage to HABEAS registered spammers and I'm more curious to find out
> WHY than anything else. It would be acceptable for me if it shipped with
> a zero score by default with notes in the readme for giving it a minus
> score at the users discretion.
>
> Although this is only a few points in the wrong direction, the
> implications this has for the integrity of Spamassassin as an anti-spam
> system is in question. Are Return Path making regular donations to
> Apache and wanting something in return? What possible plausible reason
> is there for a bulk mailing whitelist to appear with a favourable score
> in a program heavily used to block spam?
>
> Being well known companies that a person may have once done a very small
> amount of business with does not mean that their UBE habits are
> acceptable in any way.
>
> FACT
> For me, until I changed it to a positive +10 score for HABEAS, the only
> time I saw the name was in unwanted UBE - to me, that is SPAM. Making a
> fuss on this list (and nowhere else) suddenly had IP's disappear off the
> HABEAS list. {dark forces at work indeed}. The kind of people this has
> appeared in are not the expected MAINSLEAZE, but shabby bottom feeders.
> The kind that think registering with PaytoSpam services (be that a
> listing in emailreg.org or Habeas Accreditation) will make them in some
> way legitimate in their actions.
>
> FINAL
> This is not a social club, it's a question and issues list for
> Spamassassin. My question and issue is why, by default, does
> Spamassassin use the HABEAS white list, and why is it out of the box set
> with a score to favour delivery of their junk? It's a fair question. The
> answer 'just change the score' is not the correct answer. The correct
> answer will be precisely why this state of affairs exists.

Color me smartassed but I want numbers not accusations. Can the
rhetoric and in bland neutral terms describe what you see in terms of
numbers, possible business relations, however loose, and so forth.

I do note I also want a précis's of what ReturnPath insists upon for
opting into receiving business emails. If it is double opt-in that is
good. If it's "I sent one inquiry, received an answer, and presumed
that was the end of the affair but messages keep coming" that is another.
(It is staggeringly bad marketing behavior. But, these days that is an
epidemic.)

Then let's compare what is seen with what is claimed on both sides of
this battle royale. The name calling creates no progress to a worthwhile
understanding. It may be that ReturnPath has a hole in their qualification
process they need to plug to restore their reputation. If it leads to
their DNS tool being a better tool for spam fighting so be it. (I suspect
the default is as wonkity off one way as your +10 is the other.)

If this were a debate JD would be winning at this point, mainly for
holding his rhetoric away from ad-hominem attacks.

{^_^}

From: "Yet Another Ninja" <sa-list@alexb.ch>
Sent: Friday, 2009/December/04 02:28


> On 12/4/2009 10:57 AM, richard@buzzhost.co.uk wrote:
> > FINAL
>> This is not a social club, it's a question and issues list for
>> Spamassassin. My question and issue is why, by default, does
>> Spamassassin use the HABEAS white list, and why is it out of the box set
>> with a score to favour delivery of their junk? It's a fair question. The
>> answer 'just change the score' is not the correct answer.
>
> the answer is totally correct. SA is a framework, which luckily allows
> YOU do whatever you want with it, so please do, whatever YOU want (that
> does not include beating a dead horse on the list) and move on.
>
>> The correct answer will be precisely why this state of affairs exists.
>
> - because developers think/have thought its a good idea.
>
> - because nobody other than you makes such a noise about it. And YOU who
> are so against, have you submitted a bug to have whatever reconsidered.
>
> EOT

Heh, at this site procaine sits in front of SA. It has a few email
addresses, a very few, redirected to their own folders that I check
any time I want some "amusement of that kind." I want to find out just
how much Richard qualifies for this dubious honor.

{^_-}

Outlook Express spell checker, that is Procmail not your stupid
substitution however apt it might be.

{+_+}
----- Original Message -----
From: "jdow" <jdow@earthlink.net>
Sent: Friday, 2009/December/04 04:16


> Heh, at this site procaine sits in front of SA. It has a few email

On Fri, 2009-12-04 at 04:16 -0800, jdow wrote:
> From: "Yet Another Ninja" <sa-list@alexb.ch>
> Sent: Friday, 2009/December/04 02:28
>
>
> > On 12/4/2009 10:57 AM, richard@buzzhost.co.uk wrote:
> > > FINAL
> >> This is not a social club, it's a question and issues list for
> >> Spamassassin. My question and issue is why, by default, does
> >> Spamassassin use the HABEAS white list, and why is it out of the box set
> >> with a score to favour delivery of their junk? It's a fair question. The
> >> answer 'just change the score' is not the correct answer.
> >
> > the answer is totally correct. SA is a framework, which luckily allows
> > YOU do whatever you want with it, so please do, whatever YOU want (that
> > does not include beating a dead horse on the list) and move on.
> >
> >> The correct answer will be precisely why this state of affairs exists.
> >
> > - because developers think/have thought its a good idea.
> >
> > - because nobody other than you makes such a noise about it. And YOU who
> > are so against, have you submitted a bug to have whatever reconsidered.
> >
> > EOT
>
> Heh, at this site procaine sits in front of SA. It has a few email
> addresses, a very few, redirected to their own folders that I check
> any time I want some "amusement of that kind." I want to find out just
> how much Richard qualifies for this dubious honor.
>
> {^_-}

Qualifies what, that I get UBE that is Habeas Accredited? Should I start
with the 40 from 'DateTheuk' in the last 8 days?

That's 40 to many - would you like to talk in hundreds and thousands to
justify removal or changing of a default white list score?

On Fri, 2009-12-04 at 11:28 +0100, Yet Another Ninja wrote:

> > The correct answer will be precisely why this state of affairs exists.
>
> - because developers think/have thought its a good idea.
>
> - because nobody other than you makes such a noise about it. And YOU who
> are so against, have you submitted a bug to have whatever reconsidered.
I don't recall that I was making much noise about it, I said my piece
and others with to carry it on - but I'm more than happy to do that.

On 3-Dec-2009, at 23:06, R-Elists wrote:
> certainly we understand your point here, yet what about accountability for
> Return Path Inc (and other RPI companies) related rules in the default
> Spamassassin configs?


My position on HABEAS is well-know by anyone who cares (I score it +0.5 and +2.0); that's not what I'm talking about: it's the constant whinging by richard and falk at each other. Obviously they WANT to be communicating since otherwise they could easily ignore/killfile each other. I'm just tired of them doing it on this mailinglist.

--
'They come back to the mountains to die,' said the King.
'They live in Ankh-Morpork.' --The Fifth Elephant

On 4-Dec-2009, at 01:18, jdow wrote:
> With all the animosity on this issue I decided to give the HABEAS
> rules a score, a negligible score to be sure, just to see what the
> state of HABEAS is for me today.
>
> In the last four days - nothing either spam or ham.

I tend to see little clusters of HABEAS scores, but they are rare. I might see only 10-20 a month.


> Those seeing HABEAS hits: are the hits ancient haiku hits or are they
> the modern DNS test version?

I haven't seen the haiku in ages. But then again, I am very aggressive about dropping mail early vi helo checks and zen, etc.

> And how was the email determined to be unsolicited? (I believe in one
> case it was a "never used spam trap address.")


In my case I see them on THIS email address in non-list mail (I don't check list mail with SpamAssassin) and since this email address is exclusively 100% used for mailing lists… I also see it on a very old email address that hasn't been used for real mail in close to 10 years and simply sits there collecting spam for me.


--
'What shall we do?' said Twoflower.
'Panic?' said Rincewind hopefully. --The Light Fantastic

On Fri, 2009-12-04 at 06:55 -0700, LuKreme wrote:
> On 3-Dec-2009, at 23:06, R-Elists wrote:
> > certainly we understand your point here, yet what about accountability for
> > Return Path Inc (and other RPI companies) related rules in the default
> > Spamassassin configs?
>
>
> My position on HABEAS is well-know by anyone who cares (I score it +0.5 and +2.0); that's not what I'm talking about: it's the constant whinging by richard and falk at each other. Obviously they WANT to be communicating since otherwise they could easily ignore/killfile each other. I'm just tired of them doing it on this mailinglist.
>
Your idea of 'constant' amuses me and is stretching the truth
exponentially.

I'm curious why a commercial whitelist from a bulk mailing company has
such a positive inroad in Spamassassin. It's a fair question. I'm not
interested in your personal views of me, my question or my posting. You
have a killfile? You able to ignore on subject? Skills you may find
useful to learn yes?

LuKreme wrote:
> On 4-Dec-2009, at 01:18, jdow wrote:
>
>> With all the animosity on this issue I decided to give the HABEAS
>> rules a score, a negligible score to be sure, just to see what the
>> state of HABEAS is for me today.
>>
>> In the last four days - nothing either spam or ham.
>>
>
> I tend to see little clusters of HABEAS scores, but they are rare. I might see only 10-20 a month.

After following this thread for a while, I decided to take a look at my
server. So here's one more data point:

In the last month, I have seen 718 messages that hit one of the HABEAS
rules. Of those, none of them had an overall score higher than 4, and
there were only 12 that would have been scored as spam without the rule.

Since I don't have access to look at the actual messages and I don't
know what lists my customers may be signed up for, I can't say anything
for sure, but it looks like it's working fine here based on the numbers.

--
Bowie

On Fri, Dec 4, 2009 at 14:04, richard@buzzhost.co.uk <richard@buzzhost.co.uk
> wrote:

> On Fri, 2009-12-04 at 06:55 -0700, LuKreme wrote:
> > On 3-Dec-2009, at 23:06, R-Elists wrote:
> > > certainly we understand your point here, yet what about accountability
> for
> > > Return Path Inc (and other RPI companies) related rules in the default
> > > Spamassassin configs?
> >
> >
> > My position on HABEAS is well-know by anyone who cares (I score it +0.5
> and +2.0); that's not what I'm talking about: it's the constant whinging by
> richard and falk at each other. Obviously they WANT to be communicating
> since otherwise they could easily ignore/killfile each other. I'm just tired
> of them doing it on this mailinglist.
> >
> Your idea of 'constant' amuses me and is stretching the truth
> exponentially.
>
> I'm curious why a commercial whitelist from a bulk mailing company has
> such a positive inroad in Spamassassin. It's a fair question. I'm not
> interested in your personal views of me, my question or my posting. You
> have a killfile? You able to ignore on subject? Skills you may find
> useful to learn yes?
>

Richard, quit it.

It's unreasonable to assume that all of the subscribers to this list should
have to listen to, or need to set up a killfile just to avoid, your ranting.


--
--j.

On Fri, 4 Dec 2009, Yet Another Ninja wrote:
>> ..... 'just change the score' is not the correct answer.
> the answer is totally correct.

No, it is not. No more than it is correct for a spammer to offer me a
(working) 'unsubscribe' link. I don't want to discover I've been letting
spam in the door and get complaints from users because of one (or more!)
'default' settings that are permitting spam.

The 'correct' answer that is being sought is to judge the entire
underlying 'policy' mechanism for spamassassin which results in the
*category* of choices about negative scores of which the habeas rule is
only ONE possible example!

>> The correct answer will be precisely why this state of affairs exists.
> - because developers think/have thought its a good idea.

SLAP! Don't restate the question like its an answer. He asked for
reasoning behind the choice, not whether the developers *liked* their
choice. Of course they liked it. WHY did they like it?

> - because nobody other than you makes such a noise about it.

There's a good point. Why *does* this person see so much spam with the
habeas rule in it? Which leads to the obvious corrolary, it seems likely
that the habeas rule got a negative score because it only appears in ham
in the SA 'master' test corpus. Why is THAT? What skews the messages
contents so badly? What is different between the two? Anyone thought to
sit down and question it?

I'm not even blindly accepting his assertions. I used to devalue habeas
back when it was the 'haiku' variety, but I haven't had a problem lately,
even without a special score. So why is there a problem for him?

- Charles

On Fri, 4 Dec 2009, richard@buzzhost.co.uk wrote:
> Qualifies what, that I get UBE that is Habeas Accredited? Should I start
> with the 40 from 'DateTheuk' in the last 8 days?

Okay, let's be methodical. Let us indeed start with those.

Did anyone else get them?
If, so, how did they score?
If not, then why did only Richard get them?

Keep in mind that a 'problem' may be buried by conditions where most of
the spam still gets flagged, then blocked because of other positive
scoring tests, so we don't *see* the habeas test firing....
I don't record hits on rules in mail that is flagged ham, but notice that
I do see the habeas rule in a couple of cases where I have deliberately
blacklisted a mail server like 'mailengine'.

- Charles

On Fri, 2009-12-04 at 10:50 -0500, Charles Gregory wrote:
> On Fri, 4 Dec 2009, richard@buzzhost.co.uk wrote:
> > Qualifies what, that I get UBE that is Habeas Accredited? Should I start
> > with the 40 from 'DateTheuk' in the last 8 days?
>
> Okay, let's be methodical. Let us indeed start with those.
>
> Did anyone else get them?
> If, so, how did they score?
> If not, then why did only Richard get them?
>
> Keep in mind that a 'problem' may be buried by conditions where most of
> the spam still gets flagged, then blocked because of other positive
> scoring tests, so we don't *see* the habeas test firing....
> I don't record hits on rules in mail that is flagged ham, but notice that
> I do see the habeas rule in a couple of cases where I have deliberately
> blacklisted a mail server like 'mailengine'.
>
> - Charles
Point 1 - The Subject that was changed on the other post. JD Falk made
the original change to abuse me. Go back to the archive and take a look.
I just inverted it.

Point 2 -
I've stated my opinions on organisations that are involved in bulk
mailing, but that's all it is. An opinion. They are like axxholes,
everyone has one.

Point 3 - My Habeas issue is not about quantity. Most of the previous
Habeas spam I did not log, and I regret that.I've set things up
differently so I log each and everyone from now on. So other than my
worthless word I can only cite the current ongoing issue with DateTheUk.
A company that fished a watermarked address from a Facebook 'Farmville'
group and then spammed it.

This was raised as the IP appeared in HABEAS and for a few hours it
'vanished' from the list. It's back there now, but DateTheUk is now
pumping out via an ip six decimal places up on the last octet.

80.75.69.195 WHITELISTED: sa-accredit.habeas.com

The customer concerned then hopped their output to:80.75.69.201
80.75.69.201 WHITELISTED: sa-accredit.habeas.com

The customer also hits on: list.dnswl.org, so they are clearly aware of
the need to grease the wheels. Spamassassin was passing the stuff at -9.

It's not about the listing of a Rogue Customer, it's why they are not
delisted for doing it - this would give some kind of confidence back.

My personal view is no blind eye should be turned to any spammer,
especially one coming from a so called reputable source.

Point 4 -
All that is largely irrelevant to this list, but my point of interest is
why a commercial white list appears in Spamassassin with the default
scores set the way they are? It's perfectly reasonable to ask. It could
be expanded to ask if there are any plans to include whitelists from
other vendors in the default, such as Apache donator Barracuda? Perhaps
emailreg.org with a -4 score in the next SA release?

Much that the personality battles and offlist threats and abuse amuse
me, my question is perfectly reasonable, has it's foundation in fact and
is on topic.

jdow wrote:
> Color me smartassed but I want numbers not accusations. Can the
> rhetoric and in bland neutral terms describe what you see in terms of
> numbers, possible business relations, however loose, and so forth.

Here's some numbers to play with:

~500K messages delivered daily (as in, passed on to from Postfix to the
program that actually writes the message to the customer's mailbox tree
somewhere)

~16K of ~48K accounts have spam filtering enabled

Since Jan 1 2009, hits on HABEAS* rules have resulted in an average of:

rulename | spamperday | hamperday
-----------------------+------------------------+-----------------------
HABEAS_ACCREDITED_COI | 0.04154302670623145401 | 161.4124629080118694
HABEAS_ACCREDITED_SOI | 6.4124629080118694 | 3887.0326409495548961

(I run a daily script to stuff yesterday's SA log data into a database;
so far I haven't gotten around to doing anything with the data.)

I can't attest to the accuracy of any of the hits because this is an ISP
mail system. But even considering only a third of the accounts have
filtering enabled, that's still somewhere in the neighbourhood of 1% of
all mail hitting HABEAS_ACCREDITED_*.

Checking the spam reporting account shows no actual spams reported with
HABEAS hits, and one legitimate book fair travel ad from a publishing
company hitting _SOI; about 8500 messages have been reported and
confirmed. A further ~350 have been reported, but considered legit.

Admittedly, I have to consider a broader range of mail to be
"legitimate"... but I really haven't had to strain very hard in making
that distinction in hand-confirming messages reported as spam.

Checking my own personal account on my own server shows a newsletter for
a rewards program with my bank, occasional messages from eBay, and a
message from Adobe. All legitimate. I don't keep spam around all that
long, but what's still sticking around doesn't show any HABEAS* hits.

-kgd

On Fri, 2009-12-04 at 18:11 +0100, Per Jessen wrote:
> richard@buzzhost.co.uk wrote:
>
> > This was raised as the IP appeared in HABEAS and for a few hours it
> > 'vanished' from the list. It's back there now, but DateTheUk is now
> > pumping out via an ip six decimal places up on the last octet.
> >
> > 80.75.69.195 WHITELISTED: sa-accredit.habeas.com
> >
> > The customer concerned then hopped their output to:80.75.69.201
> > 80.75.69.201 WHITELISTED: sa-accredit.habeas.com
>
> FYI, 80.75.69.192 - 80.75.69.255 belongs to Easydate Ltd in Edinburgh.
>
>
> /Per Jessen, Zürich
>
Correct, and the hits in habeas are shown. The issue with RP is a side
distraction to this.

On Fri, 4 Dec 2009, richard@buzzhost.co.uk wrote:
>> Okay, let's be methodical. Let us indeed start with those.
>> Did anyone else get them?

No answer.

>> If, so, how did they score?

No answer.

>> If not, then why did only Richard get them?

No answer.

> Point 1 - The Subject that was changed on the other post. JD Falk made
> the original change to abuse me. Go back to the archive and take a look.
> I just inverted it.

I don't care. You can each call the other all the names you want.
But if there is a legitimate issue, it will be answered by addressing the
questions I posed.

> Point 2 -
> I've stated my opinions on organisations that are involved in bulk
> mailing, but that's all it is. An opinion. They are like axxholes,
> everyone has one.

I don't care. Spamassassin does not have an 'opinion'. It has a
methodology. If that methodology requires review/correction, your opinion
provides no quantitative feedback.

> Point 3 - My Habeas issue is not about quantity.

If you read my post you would have grasped the simple idea that if ANY
spam comes to your attention, it is very likely the tip of an unseen
iceberg of missed spam. So we treat it seriously and investigate. I didn't
ask how *much* anyone got. I asked whether there was something peculiar to
your situation that prevented other people from seeing this problem.
see *nay

> ..... I can only cite the current ongoing issue with DateTheUk.
> A company that fished a watermarked address from a Facebook 'Farmville'
> group and then spammed it.

Good enough to work with. You've posted your data, now my next question
is whether anyone else sees the same mail. Just because I don't see it
over here in Canada doesn't mean you are the only one. But it may very
well highlight a 'regional bias' in the main spamassassin test corpora.

> 80.75.69.195 WHITELISTED: sa-accredit.habeas.com
> 80.75.69.201 WHITELISTED: sa-accredit.habeas.com

Which now leads back to questions about whether we're seeing *hacked*
servers that just *happen* to be habeas accredited?

> The customer also hits on: list.dnswl.org, so they are clearly aware of
> the need to grease the wheels. Spamassassin was passing the stuff at -9.

(nod) I've seen similar scores on (obvious) spam from 'mailengine'.

> It's not about the listing of a Rogue Customer, it's why they are not
> delisted for doing it - this would give some kind of confidence back.

It may not be the 'customer' at all. Never attribute to malice that which
can be ascribed to ignorance.

> My personal view is no blind eye should be turned to any spammer,
> especially one coming from a so called reputable source.

So let's get back to defining the source. We've got a habeas
representative on here? Let's trace this 'datetheul' stuff and see if it
really is their legitimate business.

By the by, I think I posted on this list a while ago on a similar
question, as to whether we could really trust *any* whitelists, as they
simply made for a *deliberate* target of botnet owners. No one made a fuss
about it before, but what about now? Maybe, once again, the flaw is in
having a whitelisting system that relies upon third party servers with
unknown security.

> Point 4 -
> All that is largely irrelevant to this list, but my point of interest is
> why a commercial white list appears in Spamassassin with the default
> scores set the way they are? It's perfectly reasonable to ask.

Well, the obvious 'startnig answer' (just to cut the pedants short) is
that a whitelist *should* generally betoken increased trust in a source,
and that it is 'permitted' to look a 'little' spammy because their
business is advertisting, but not 'spam'. So with that category of mail in
the 'ham' corpora, spamassassin score generation allows a generous
negative score. The flaw, here, may be regional bias. Perhaps Spamassassin
should get a bit more sophsiticated and attempt to generate corpora for
different regions?


> It could be expanded to ask if there are any plans to include whitelists
> from other vendors in the default, such as Apache donator Barracuda?
> Perhaps emailreg.org with a -4 score in the next SA release?

That is the most meaningful question. What is the policy for inclusion,
and how reliable is it? The key to understanding is to verify whether the
'spam' you see is *actually* from the 'customer' who obtained the habeas
accredit and then probe how we would deal with a 'yes' or a 'no'.

> Much that the personality battles and offlist threats and abuse amuse
> me, my question is perfectly reasonable, has it's foundation in fact and
> is on topic.

Which is pretty much what I said. I just clarified the question because
pedants were answering "because the developers like it".....

But it might help to skip the personality/ad hominem crap. Prove that the
mail you receive is the rightful mail of the legitimate IP address owner,
and then ask the habeas people how they 'earned' that accredit....

- C

richard@buzzhost.co.uk wrote:

> This was raised as the IP appeared in HABEAS and for a few hours it
> 'vanished' from the list. It's back there now, but DateTheUk is now
> pumping out via an ip six decimal places up on the last octet.
>
> 80.75.69.195 WHITELISTED: sa-accredit.habeas.com
>
> The customer concerned then hopped their output to:80.75.69.201
> 80.75.69.201 WHITELISTED: sa-accredit.habeas.com

FYI, 80.75.69.192 - 80.75.69.255 belongs to Easydate Ltd in Edinburgh.


/Per Jessen, Zürich

On Fri, 04 Dec 2009, richard@buzzhost.co.uk wrote:

> Point 4 -
> All that is largely irrelevant to this list, but my point of interest is
> why a commercial white list appears in Spamassassin with the default
> scores set the way they are? It's perfectly reasonable to ask. It could
> be expanded to ask if there are any plans to include whitelists from
> other vendors in the default, such as Apache donator Barracuda? Perhaps
> emailreg.org with a -4 score in the next SA release?

So if, after a while of wading through the debate, I understand this
right, it boils down to 'are spammers buying out spamassassin
rule-makers' or 'do we have to assume that spamassassin development
was taken over by spammers' or some such theory?

Wouldn't it be far easier to believe, that in long gone times when
'habeas' seemed to proof nonspam (I seem to remember it worked a
while) somebody put that rule in. And a while later lots of people
simply set their habeas rules to zero after noticing spam-with-habeas.
(the oldest mails with 'Subject:.*habeas' I can find in my archive
were about habeas haikus and these were beginning to be faked 2003/4).

Then I personally simply forgot the whole thing ... til yesterday :-)
AND if the spam-with-habeas is seldom seen it might simply vanish
in the noise or hide below the other rules until somebody(!) notices.

For me all this means - simply forget (zero out) the rules - and if
need be file a bug/request/whatever to get them removed - but not that
I'd assume that spamassassin was subverted to allow spammers? But even
if it were so, it could not go on very long - somebody would(did?) wonder ...

After all this debate about a negatively scored rule I'd disable it
anyway, because the spammers on the list will target it specifically
now, knowing it works well for them.

Stucki

--
Christoph von Stuckrad * * |nickname |Mail <stucki@mi.fu-berlin.de> \
Freie Universitaet Berlin |/_*|'stucki' |Tel(Mo.,Mi.):+49 30 838-75 459|
Mathematik & Informatik EDV |\ *|if online| (Di,Do,Fr):+49 30 77 39 6600|
Takustr. 9 / 14195 Berlin * * |on IRCnet|Fax(home): +49 30 77 39 6601/

On Fri, Dec 4, 2009 at 7:33 AM, Bowie Bailey <Bowie_Bailey@buc.com> wrote:
> LuKreme wrote:
>> On 4-Dec-2009, at 01:18, jdow wrote:
>>
>>> With all the animosity on this issue I decided to give the HABEAS
>>> rules a score, a negligible score to be sure, just to see what the
>>> state of HABEAS is for me today.
>>>
>>> In the last four days - nothing either spam or ham.
>>>
>>
>> I tend to see little clusters of HABEAS scores, but they are rare. I might see only 10-20 a month.
>
> After following this thread for a while, I decided to take a look at my
> server.  So here's one more data point:
>
> In the last month, I have seen 718 messages that hit one of the HABEAS
> rules.  Of those, none of them had an overall score higher than 4, and
> there were only 12 that would have been scored as spam without the rule.
>
> Since I don't have access to look at the actual messages and I don't
> know what lists my customers may be signed up for, I can't say anything
> for sure, but it looks like it's working fine here based on the numbers.
>
> --
> Bowie
>

Here is one more data point:
Since October 18th I have seen HABEAS rules listed in Spamassassin
score lines 496122 times.
One such phishing email this week was successfully delivered to 387 in-boxes.
Were it not for the HABEAS_ACCREDITED_SOI -4.30 other rules would have
lead to successfully stopping the message.

--
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106

On Fri, Dec 4, 2009 at 7:33 AM, Bowie Bailey <Bowie_Bailey@buc.com> wrote:
> LuKreme wrote:
>> On 4-Dec-2009, at 01:18, jdow wrote:
>>
>>> With all the animosity on this issue I decided to give the HABEAS
>>> rules a score, a negligible score to be sure, just to see what the
>>> state of HABEAS is for me today.
>>>
>>> In the last four days - nothing either spam or ham.
>>>
>>
>> I tend to see little clusters of HABEAS scores, but they are rare. I might see only 10-20 a month.
>
> After following this thread for a while, I decided to take a look at my
> server.  So here's one more data point:
>
> In the last month, I have seen 718 messages that hit one of the HABEAS
> rules.  Of those, none of them had an overall score higher than 4, and
> there were only 12 that would have been scored as spam without the rule.
>
> Since I don't have access to look at the actual messages and I don't
> know what lists my customers may be signed up for, I can't say anything
> for sure, but it looks like it's working fine here based on the numbers.
>
> --
> Bowie
>

Here is one more data point:
Since October 18th I have seen HABEAS rules listed in Spamassassin
score lines 496122 times.
One such phishing email this week was successfully delivered to 387 in-boxes.
Were it not for the HABEAS_ACCREDITED_SOI -4.30 other rules would have
lead to successfully stopping the message.

--
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106

On Fri, 4 Dec 2009, Per Jessen wrote:
> The other side of the argument is - why does any legitimate company need
> to employ a service such as Habeas/Returnpath/whatever?

Any legitimate drug company that wants to send price lists to its
legitimate distributors or end customers, upon request, even if not a
mailing list mail, but specific, one-by-one request/response mails, would
have trouble with spam filters that check for drug names and percentages
and hot words like 'sale'. The preponderance of drug spams makes it very
difficult for these companies. Help from a whitelist is a welcome thing.
But it becomes useless if the spammers suborn the process.

- Charles

I've just had another one to a honeypot - care of myspace. My dog does
not have a myspace account. Again, this is a harvested email address.

204.16.33.75 WHITELISTED: sa-accredit.habeas.com

Whilst I appreciate that nobody would turn their noses up at taking $$$
from someone like myspace, there are some serious concerns about their
data here.

I'll check with my dog to make sure he has not subscribed whilst I
turned my back .........

Received: from vmta12.myspace.com (vmta12.myspace.com [204.16.33.75]) by
..... with ESMTP id for
<.....>; Fri, 4 Dec 2009 19:48:32 +0000 (GMT)

Chr. von Stuckrad wrote:

> After all this debate about a negatively scored rule I'd disable it
> anyway, because the spammers on the list will target it specifically
> now, knowing it works well for them.

The other side of the argument is - why does any legitimate company need
to employ a service such as Habeas/Returnpath/whatever?
If their customer emails are getting caught as spam, surely they or SA
is doing something wrong to begin with. There is not much spam that is
getting caught purely based on content, most is getting caught on
origin and its reputation.


/Per Jessen, Zürich

Charles Gregory wrote:

> I don't care. Spamassassin does not have an 'opinion'. It has a
> methodology.

Umm, it also has a set of rules which essentially make up the
SA "opinion".


/Per Jessen, Zürich

From: <richard@buzzhost.co.uk>
Sent: Friday, 2009/December/04 06:04


> On Fri, 2009-12-04 at 06:55 -0700, LuKreme wrote:
>> On 3-Dec-2009, at 23:06, R-Elists wrote:
>> > certainly we understand your point here, yet what about accountability
>> > for
>> > Return Path Inc (and other RPI companies) related rules in the default
>> > Spamassassin configs?
>>
>>
>> My position on HABEAS is well-know by anyone who cares (I score it +0.5
>> and +2.0); that's not what I'm talking about: it's the constant whinging
>> by richard and falk at each other. Obviously they WANT to be
>> communicating since otherwise they could easily ignore/killfile each
>> other. I'm just tired of them doing it on this mailinglist.
>>
> Your idea of 'constant' amuses me and is stretching the truth
> exponentially.
>
> I'm curious why a commercial whitelist from a bulk mailing company has
> such a positive inroad in Spamassassin. It's a fair question. I'm not
> interested in your personal views of me, my question or my posting. You
> have a killfile? You able to ignore on subject? Skills you may find
> useful to learn yes?

Have you two gentlemen reported these spammers to ReturnPath, Lukreme's
long unused address might be a good source for scrubbing the ReturhPath
lists. (So far I've not seen one either way here.) I presume you two
gentlemen are telling me that you never see HABEAS on ham, right?

{^_^}

From: "Per Jessen" <per@computer.org>
Sent: Friday, 2009/December/04 09:11


richard@buzzhost.co.uk wrote:

> This was raised as the IP appeared in HABEAS and for a few hours it
> 'vanished' from the list. It's back there now, but DateTheUk is now
> pumping out via an ip six decimal places up on the last octet.
>
> 80.75.69.195 WHITELISTED: sa-accredit.habeas.com
>
> The customer concerned then hopped their output to:80.75.69.201
> 80.75.69.201 WHITELISTED: sa-accredit.habeas.com

FYI, 80.75.69.192 - 80.75.69.255 belongs to Easydate Ltd in Edinburgh.

<< jdow: And somehow I suspect Richard didn't bother to report. It
is more fun to bitch instead. So far the only real metrics I've seen
indicates it works. That's data from three people, one off this list.

{^_^}

From: "Per Jessen" <per@computer.org>
Sent: Friday, 2009/December/04 11:19


Chr. von Stuckrad wrote:

> After all this debate about a negatively scored rule I'd disable it
> anyway, because the spammers on the list will target it specifically
> now, knowing it works well for them.

The other side of the argument is - why does any legitimate company need
to employ a service such as Habeas/Returnpath/whatever?
If their customer emails are getting caught as spam, surely they or SA
is doing something wrong to begin with. There is not much spam that is
getting caught purely based on content, most is getting caught on
origin and its reputation.

<<jdow: I have several email sources with which I have a "relationship"
as in signed up for that are not important enough to me to outright
whitelist. I have fun watching them dance around the deadly 5.0 score.
OK OK it is fun for the feeble minded or somebody needing a dose of
graveyard humor, I suppose. But it illustrates the problem an ISP spam
filter might have.

JD's description indicates RP makes an honest attempt to scrub their
lists when problems appear. And, if they do not hear of a problem their
list does not get scrubbed. And if a user plays the 'report as spam'
trick to unsubscribe to a list (something a legitimate friend of mine
experiences too often) that can result in problems for everybody, JD,
his customers, and the cut-off recipients. RP has taken on a job that
is not trivial.

{^_^}

From: "Per Jessen" <per@computer.org>
Sent: Saturday, 2009/December/05 02:20


Charles Gregory wrote:

> On Fri, 4 Dec 2009, Per Jessen wrote:
>> The other side of the argument is - why does any legitimate company
>> need to employ a service such as Habeas/Returnpath/whatever?
>
> Any legitimate drug company that wants to send price lists to its
> legitimate distributors or end customers, upon request, even if not a
> mailing list mail, but specific, one-by-one request/response mails,
> would have trouble with spam filters that check for drug names and
> percentages and hot words like 'sale'.

Won't customers dealing with such a company will have whitelisted them
long ago?


<<jdow: You could take it to the bank that most won't figure out how,
no matter how simple you make it for them. And they WILL complain.


{^_^}
No matter how idiot proof you make your product you will find that
God rewards you by presenting you with a better idiot.

On Dec 5, 2009, at 4:20 AM, "Per Jessen" <per@computer.org> wrote:

> Charles Gregory wrote:
>
>> On Fri, 4 Dec 2009, Per Jessen wrote:
>>> The other side of the argument is - why does any legitimate company
>>> need to employ a service such as Habeas/Returnpath/whatever?
>>
>> Any legitimate drug company that wants to send price lists to its
>> legitimate distributors or end customers, upon request, even if not a
>> mailing list mail, but specific, one-by-one request/response mails,
>> would have trouble with spam filters that check for drug names and
>> percentages and hot words like 'sale'.
>
> Won't customers dealing with such a company will have whitelisted them
> long ago?

No. I only locally whitelist when there is a reported problem, and
only as a last resort. There is no way for me to know all of the
"trusted partners" that we might do business with. A common whitelist
of legitimate companies is a welcome thing for me.

The other way I use it, when I get complaints about receiving "spam",
is to determine if it is safe to unsubscribe. My users know that bad
spammers use unsubscribes as reconnaissance to add valid addresses to
their lists. So, when they forgot that they signed up for something, I
will often unsubscribe them from a company that is listed in returnpath.


>
> /Per Jessen, Zürich
>

Charles Gregory wrote:

> On Fri, 4 Dec 2009, Per Jessen wrote:
>> The other side of the argument is - why does any legitimate company
>> need to employ a service such as Habeas/Returnpath/whatever?
>
> Any legitimate drug company that wants to send price lists to its
> legitimate distributors or end customers, upon request, even if not a
> mailing list mail, but specific, one-by-one request/response mails,
> would have trouble with spam filters that check for drug names and
> percentages and hot words like 'sale'.

Won't customers dealing with such a company will have whitelisted them
long ago?


/Per Jessen, Zürich

jdow wrote:

> From: "Per Jessen" <per@computer.org>
> Sent: Friday, 2009/December/04 09:11
>
>
> richard@buzzhost.co.uk wrote:
>
>> This was raised as the IP appeared in HABEAS and for a few hours it
>> 'vanished' from the list. It's back there now, but DateTheUk is now
>> pumping out via an ip six decimal places up on the last octet.
>>
>> 80.75.69.195 WHITELISTED: sa-accredit.habeas.com
>>
>> The customer concerned then hopped their output to:80.75.69.201
>> 80.75.69.201 WHITELISTED: sa-accredit.habeas.com
>
> FYI, 80.75.69.192 - 80.75.69.255 belongs to Easydate Ltd in Edinburgh.
>
> << jdow: And somehow I suspect Richard didn't bother to report. It
> is more fun to bitch instead.

Personally I don't bother with reporting either - it's not my job. I
filter out spam, and when I receive spam from an accredited source, the
accreditors' reputation is lowered (on my system). That's the risk of
that business.


/Per Jessen, Zürich

McDonald, Dan wrote:

> On Dec 5, 2009, at 4:20 AM, "Per Jessen" <per@computer.org> wrote:
>
>> Charles Gregory wrote:
>>
>>> On Fri, 4 Dec 2009, Per Jessen wrote:
>>>> The other side of the argument is - why does any legitimate company
>>>> need to employ a service such as Habeas/Returnpath/whatever?
>>>
>>> Any legitimate drug company that wants to send price lists to its
>>> legitimate distributors or end customers, upon request, even if not
>>> a mailing list mail, but specific, one-by-one request/response
>>> mails, would have trouble with spam filters that check for drug
>>> names and percentages and hot words like 'sale'.
>>
>> Won't customers dealing with such a company will have whitelisted
>> them long ago?
>
> No. I only locally whitelist when there is a reported problem, and
> only as a last resort.

Same here, but that means any regular business partner in the pharma
business will have been whitelisted long ago. All it takes is one FP.


/Per Jessen, Zürich

>
> After all this debate about a negatively scored rule I'd
> disable it anyway, because the spammers on the list will
> target it specifically now, knowing it works well for them.
>
> Stucki

Stucki,

it seems to me that you, of all people, would want a small negative or
positive score on that rule (or any rule) for statistical purposes...

being in the math department and all

:-)

logically, why would you just zero it then?

- rh

On Sat, 5 Dec 2009, Per Jessen wrote:
> Won't customers dealing with such a company will have whitelisted them
> long ago?

For every 'mark' that is out there, stupidly entering their e-mail and
then getting a bunch of ads for which they didn't realize they had given
permission, there are people that are equally technologically illiterate
that don't *think* that they need to do *anything* 'special' to make the
mail from their favorite drug company arrive in their mailbox. They see
very little spam (thanks to MY efforts - preen, preen) and so they don't
think of a spam 'problem' and that the mail they just requested might not
make it through.

So I end up with a customer on the phone complaining. So if that drug
company could get themselves on a 'standard' whitelist which I already
trust and use, then I don't have to do anything special, and neither does
my customer.

Some companies are smart enough to add a note to their website that says
"be sure to add us to your whitelist", but that doesn't help the thousands
of people who read it and say "too complicated for me I hope it works" and
call me if it doesn't.... :)

There's a need. A real genuine need for services like Habeas. But they
need to be *very* well managed and policed. And it seems, from some
complaints, that this is not happening....

- Charles

On 7-Dec-2009, at 09:03, Charles Gregory wrote:
> There's a need. A real genuine need for services like Habeas. But they need to be *very* well managed and policed. And it seems, from some complaints, that this is not happening....


How a service like HABEAS needs to work is that 1) It keeps a massive database of email addresses that are known to either be bad, or to be users who have specifically submitted their addresses as not accepting any unsolicited unconfirmed emails, ever. A spammer — er, marketer, submits their mailing list and it is 'cleaned' of all those addresses, then submitted back to the spammer.

The spammer, in order to register with the service has to pay some amount of money (probably a range of $0-$1,000,000 depending on the size of their list and profit/non-profit status of the sender) that is held in a third party trust. This is money that is deposited in addition to whatever charges there are to clean the list. If the spammer sends any messages to an address that was scrubbed, then the trust money is donated to some charity and the spammers account with the service is revoked and their ENTIRE IP CLASS is submitted to RBLs. In addition, bounce processing for the spam—er, marketing email is handled by the service. Addresses that bounce are added to the database of bad addresses. Spam complaints are added to the database of opt-out addresses.

THAT service I would allow negative points to in my SA. I can't imagine any other commercial whitelist that I would allow negative points for.

--
"Whose motorcycle is this?" "It's chopper, baby." "Whose chopper
is this?" "It's Zed's." "Who's Zed?" "Zed' dead, baby. Zed's
dead."

What I call spam you may call ham. What I call ham you might call spam.

One ring to control them all er one list to filter them all inherently
cannot
work, especially when people change their minds and decide to
"unsubscribe with extreme prejudice."

{^_^}
----- Original Message -----
From: "LuKreme" <kremels@kreme.com>
To: <users@spamassassin.apache.org>
Sent: Monday, 2009/December/07 09:22
Subject: Re: HABEAS_ACCREDITED WHY BY DEFAULT?


On 7-Dec-2009, at 09:03, Charles Gregory wrote:
> There's a need. A real genuine need for services like Habeas. But they
> need to be *very* well managed and policed. And it seems, from some
> complaints, that this is not happening....


How a service like HABEAS needs to work is that 1) It keeps a massive
database of email addresses that are known to either be bad, or to be users
who have specifically submitted their addresses as not accepting any
unsolicited unconfirmed emails, ever. A spammer — er, marketer, submits
their mailing list and it is 'cleaned' of all those addresses, then
submitted back to the spammer.

The spammer, in order to register with the service has to pay some amount of
money (probably a range of $0-$1,000,000 depending on the size of their list
and profit/non-profit status of the sender) that is held in a third party
trust. This is money that is deposited in addition to whatever charges there
are to clean the list. If the spammer sends any messages to an address that
was scrubbed, then the trust money is donated to some charity and the
spammers account with the service is revoked and their ENTIRE IP CLASS is
submitted to RBLs. In addition, bounce processing for the spam—er, marketing
email is handled by the service. Addresses that bounce are added to the
database of bad addresses. Spam complaints are added to the database of
opt-out addresses.

THAT service I would allow negative points to in my SA. I can't imagine any
other commercial whitelist that I would allow negative points for.

--
"Whose motorcycle is this?" "It's chopper, baby." "Whose chopper
is this?" "It's Zed's." "Who's Zed?" "Zed' dead, baby. Zed's
dead."

> On Sat, 5 Dec 2009, Per Jessen wrote:
>> Won't customers dealing with such a company will have whitelisted them
>> long ago?
>
> For every 'mark' that is out there, stupidly entering their e-mail and
> then getting a bunch of ads for which they didn't realize they had given
> permission, there are people that are equally technologically illiterate
> that don't *think* that they need to do *anything* 'special' to make the
> mail from their favorite drug company arrive in their mailbox. They see
> very little spam (thanks to MY efforts - preen, preen) and so they don't
> think of a spam 'problem' and that the mail they just requested might not
> make it through.

On 07.12.09 11:03, Charles Gregory wrote:
> So I end up with a customer on the phone complaining. So if that drug
> company could get themselves on a 'standard' whitelist which I already
> trust and use, then I don't have to do anything special, and neither does
> my customer.

I find it a bit funny that you blame HABEAS whitelist, while you recommend
"ordinary" whitelist where both have some rules for listing, and I think
HABEAS has even more scrct rules.

I am not telling that you are correct or not, it's just my observation
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows found: (R)emove, (E)rase, (D)elete

Charles Gregory wrote:

> There's a need. A real genuine need for services like Habeas.

It almost certainly depends on your environment - like my numbers
showed, over four months, I only had 45 emails that would have gone
down the drain without Habeas. In comparison to what was processed
that is an incredibly low number.


/Per Jessen, Zürich