Monday, August 17, 2009

I am the Spam King!

If I have not emailed you back, it's probably because I've been very busy trying to interleave X-Plane coding and packing up the house. But it is also possible that my email response bounced because my web server has ended up on a bunch of anti-spam "black-lists".

Black-listing seems like a good idea at first: we'll gather up a list of all of the IP addresses from which spam comes from, then publish them. Then your local mail server can use that list to filter spam - you never see it!

In practice it doesn't work so well...example: http://www.mipspace.com/. The IP address for my server (XSquawkBox) is now on this list. Why?
MIPSpace is a list of IP Addresses associated with known commercial marketing companies.
Since my server is used for my own personal email and to run the SDK website, I'm not sure why I am on the list. I have sent them an email to clear things, but in general I hit an anti-spam/black-list bounce somewhat frequently now, and frankly I don't have time to separately try to clear my name from every guilty-until-proven-innocent blacklist that pops up and screws up my email.

If I seem disproportionately grumpy about this, it could be due to one of two reasons:
  1. Not replying to emails is generally bad customer service. (Okay, my in-box is backed up four months...that's bad.) I don't like the idea that a customer might perceive us (LR) as being unresponsive because some third party with no skin in the game decides to black-list us.

    The blacklist has no incentive to be accurate - it's not their lost customers if email doesn't go through.

  2. I'm not at all convinced that this is going to cut down unsolicited commercial mail and/or spam.

    In the spam case, spammers can send from botnets - they have access to a huge number of ever-changing IPs. Unless we are prepared to blacklist the entire internet, the blacklists are going to pick up more and more false positives while spammers find ways to harvest fresh, untainted IP addresses. The whole IP-reputation strategy assumes that IPs are hard to change. In practice, IPs are very, very easy to change.

    Commercial mail is a lost cause too - even if I am being solicited for commercial mail I don't want, no program or automatic process is ever going to tell the difference between the confirmation of my invoice and a list of discounts from the same company. When it comes to commercial mail, the reputation damage has to be done to the company, not the IP.

    (The company does have reputation to risk - if we are known as a company that doesn't honnor a "do not subscribe" policy, then customers can choose to not buy our products.)

It could also be because I ran out of Viagra and don't have a diploma from a prestigious non-acredited university.

3 comments:

Alejandro Garcia said...

You, sir, are the problem of internet!!! (joking)

I had the same problem at work. We provide electronic data services so it was a big problem for us but some webs add us as spam. we had to contact them or mail them to unblock our IP.

Should not be a hard problem for you I guess

ryusennin said...

"It could also be because I ran out of Viagra and don't have a diploma from a prestigious non-acredited university."

More probably it's because you forgot your weekly donation to the Colonel N'Golo Liberia Charity Fund.

alpilotx said...

Oh, there is one more which I really like ... we had this happen in our office for the "older" (more widely spread in the net) addresses:
Its great, when spammers use YOUR email address as the sender and all the undeliverable mails com back to YOUR address (each of us had easily hit 5000 undeliverable mails per day while the "campaign" was going :-)))