On Sun, Apr 13, 2008 at 5:27 AM, Rob Szarka <szlists@szarka.org> wrote:
At 01:58 AM 4/13/2008, you wrote:
Why should large companies participate here about mail issues? Last I checked this wasn't the mailing list for these issues:
True, though some aspects of mail service are inextricably tied to broader networking issues, and thus participation here might still benefit them. But sadly Yahoo doesn't even seem to participate in more relevant forums, such as the spam-l list.
Maybe their management or legal has told them not to. I know when I worked for a certain company we were forbidden from replying to operational lists or forums for fear of employees responses being used against the company in court or in the news.
But lets just say for a second this is the place to discuss company xys's mail issue. What benefit do they have participating here? Likely they'll be hounded by people who have some disdain for their company and no matter what they do they will still be evil or wrong in some way.
I've never seen someone treated badly for trying to help resolve problems. I think we all know that it can be hard to get things done within a large company and that often the folks who participate on a list like this are taking on work that isn't strictly speaking "their job" when they try to help resolve mail issues. And when a large company that was a mess does a turnaround, they also get praised: just look at the many positive comments about AOL on this and other lists over the past few years.
I have seen plenty of people working for isps being abused even when trying to help solve problems, maybe not on this list but definitely on others. In many larger companies people have defined roles and structured goals they need to accomplish or face termination so they may not have time to participate in other venues. Companies that give their management/employees latitude and encourage working in the community should be praised but not all companies are setup this way. If you don't like how yahoo is responding to issues I would suggest sending certified letters to every person in upper management you can find as these people can typically implement changes.
It is easy for someone who has 10,000 users to tell someone who has 50 million users what to do when they don't have to work with such a large scale enterprise.
I wouldn't presume to tell them how to accomplish something within their particular configuration. But I will, without apology, tell them that they need to accomplish it. For example, I'm quite comfortable saying that Earthlink should follow the minimum timeouts in RFC 1123, though I wouldn't presume to guess whether they should accomplish that by having separate fast and slow queues on different servers, on the same server, or not at all. Likewise, a working abuse role account is a minimum requirement for participation in the Internet email system, and I'm comfortable saying that the email it receives should be read by a competent human.
You can tell Earthlink whatever you want but it doesn't mean they need to follow it. Please read my previous reply about business decisions. I would agree that it is good for business to try and follow industry standards but sometimes business decisions need to be made where standards cannot be implemented. I'm not saying that is the case here and it could just be utter incompetence but not everything is black and white. A working abuse account is not the minimum requirement, I can run a mail system without that abuse account but may get blocked from sending mail to certain systems. Read above for my thoughts on standards. With that being said I do believe all companies should have a working abuse email that is appropriately staffed that can respond to complaints within 72 hours.
I find it funny when smaller companies always tell larger companies what they need to be doing.
When what the larger companies do enables criminal behavior that impacts the very viability of the smaller companies through de factor DoS attacks, it's not funny at all. Yahoo, for example, has chosen a business model (free email with little to no verification) that inevitably leads to spam being originated from their systems. Why should they be able to shift the cost of their business model to me, just because I run a much smaller business?
I would say that you may being a bit over dramatic but that may just be me. The cost of their business model isn't shifted to you, you have the choice to block yahoo email from your systems or you have the choice to deal with the issues that comes along with accepting their mail. Comparing this to DoS attacks is just a little bit over the edge to me. -- Ross ross [at] dillio.net 314-558-6455