On February 26, 2009 at 06:55 ops.lists@gmail.com (Suresh Ramasubramanian) wrote:
On Wed, Feb 25, 2009 at 11:28 PM, Barry Shein <bzs@world.std.com> wrote:
I realize this is easier in theory than practice but I wonder how much better the whole AOL (et al) spam button would get if they ignored the spam button unless two (to pick a number) different customers clicked the same sender (I know, forged sender etc but something like that) as spam in a reasonably short amount of time like an hour or a day at most.
.. and you think AOL doesnt track these? Come on, barry - try to give large mailops shops with massive userbases some credit for clue level.
I have no idea what they track and it's completely irrelevant. We get a steady stream of "spam" complaints from the AOL feedback loop which is virtually all either (we assume) unsubscriptions from legitimate mailing lists or random misfires, "it was nice seeing you and dad last week" From joe blow, To susie blow, which just probably isn't spam. Now, if you're still following, none (or a microscopic amt) of that would pass the "complaints came from two different sources in a fairly short amount of time" sniff test I proposed. If you track it and don't use it, well, tree falling in the forest and all that. I can see with my own eyes that nothing like this is being done. As far as I can tell from here, and other sites may see it diffferently, the feedback thing is mostly just a "please unsubscribe me from this mailing list I subscribed to and can't remember how to get off" and the occasional "oops, hit the spam button on mom's mail, oh well!"
You have all the clue in the world but you dont even begin to guess at the firehose AOL / Yahoo / we etc have to deal with. Or what we routinely do, as a matter of best practice.
Nor is it my problem. Why should my staff and I spend valuable time subsidizing your business model? Hire more people if you feel overloaded, but don't pass the workload off on others, particularly others in the biz, we have workloads too.
I wont claim perfection, infallibility etc for any of the big 3 (hotmail / yahoo / aol) or even for us (large enough - 76 million users we filter for, 40 million of which we host). But a user report based spam reporting system works quite well on the aggregate.
Perhaps it works for you, but we get a non-stop stream of false positives; unsubscribes (a lot of it), Dad's out of the hospital would love to see you next week, and on and on. I was suggesting a simple improvement which would help: Don't send it as a spam report unless you get two or more complaints about the same msg/source within a short time period. It's good and valuable advice, you can send me a PO... The point is, I'm not complaining, I'm making what I think is a constructive suggestion: Don't send it until you get two or more complaints (as previously outlined.)
And yes, legitimate outfits can wind up blocked (universities because of unfiltered machines on campus, and because of nigerians / phishers hacking user accounts, webhosts because of hacked scripts, or because they end up hosting a high volume spammer in part of a /24 with legit customers near him ..)
I didn't say a word about any of this...
One thing that may need to be improved at one place or the other is false positive handling - make that faster and more efficient, and also publish the "unblock contact path" in block messages you issue, and you would find a lot of the gripes getting resolved. To some extent anyway.
Postmaster work is a place for people with decent mailops / routing skills, yes - but far more than that, it is for people with both soft skills for customer service plus a finely tuned b.s detector. It is complex, and far too long for nanog .. took maawg three or four brainstorming sessions over a year to discuss.
Well, this is all nice, I'm sorry you entirely missed my rather simple and straightforward suggestion, but whatever.
http://www.maawg.org/about/publishedDocuments/Abuse_Desk_Common_Practices.pd...
And then some others relevant to this thread -
http://www.maawg.org/about/publishedDocuments/MAAWG_Email_Forwarding_BP.pdf http://www.maawg.org/port25 http://www.maawg.org/about/publishedDocuments/MAAWG_AWPG_Anti_Phishing_Best_... http://www.maawg.org/about/publishedDocuments
--srs
-- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Login: Nationwide Software Tool & Die | Public Access Internet | SINCE 1989 *oo*