On Thursday, September 28, 2006 6:26 PM -0500, Miles Bader wrote: > Anyway, the point is that simplistic assumptions like "if it > arrives at a spamtrap, it must be spam" are just that -- simplistic. > Spamcop ought to have measures in place to deal with the inevitable > cases where their assumptions turn out to be wrong.
If an address has never sent email, it is obviously impossible for it to opt in to anything and any mail that it receives is unsolicited. If someone guesses an address at a domain and sends it mail, that is also unsolicited. If someone makes a typo when entering their email address, it may be an honest mistake but it is still an unsolicited message and it came from your server. You are responsible for everything that comes out of your server, intentional or not. I suppose one could postulate that DNSBL's should all be required to have a human view every potential listing, to avoid a small number of false positives due to honest mistakes. OTOH, it would be just as unreasonable to suggest that a large public list such as Debian-user should have an administrator manually approve every confirmation email before sending, to avoid any abuse to innocent third parties. Both are impractical. One can manipulate legitimate servers into abusing innocent third parties, or to falsely incriminating themselves as spammers. When that happens, it is incumbent on the owner of the server to take action. That's part of the responsibility of running an server on the net. > Unfortunately many anti-spam sites, in their zeal to attack spam, > seem to not care very much about what collateral damage they inflict. While there is no excuse for operating a DNSBL without a reasonable level of care, it is not possible to manually review every listing/delisting event. Nor is it possible to avoid all errors in an automated process where forgery is possible. Mistakes will occur from both ends and both parties have to cooperate. Thumbing our noses at a DNSBL that many people consider worthwhile is not good policy. -- Seth Goodman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
