Maybe I'm wrong on this, and I'm not a mailadmin anywhere nor have I been or pretended to have been in the past. But I'm pretty sure FB only sends you mail based on the prefrences you choose, and I know this is the answer you where given so mostly a statement. How does that equal spam :) ------Original Message------ From: Reed Loden To: nanog@nanog.org Subject: Re: Spamcop Blocks Facebook? Sent: Feb 26, 2010 12:46 AM On Thu, 25 Feb 2010 19:14:37 -0800 Shon Elliott <shon@unwiredbb.com> wrote:
Anyone from Facebook or Spamcop lurking around to look into this? It's quite annoying.. I can't imagine how many other users are scratching their heads on this one...
I'm a long-time SpamCop member, so I forwarded your mail to the deputies. They are aware that facebook's servers have been sporadically listed, and one of them specifically said the following: "Not much we can do about the listings. They're sending spam to our traps in large enough numbers that raises the score to a listing level. If Facebook were to follow best practices the spam complaints and trap hits would drop to levels that keeps them from getting listed." ~reed -- Reed Loden - <reed@reedloden.com> Sent from my BlackBerry device on the Rogers Wireless Network
Hmm this just me of this post, where supposedly Facebook will be making the move into Webmail for its users. Interesting. Coincidence or not!?!? http://techcrunch.com/2010/02/05/facebooks-project-titan-a-full-featured-web... -Matt Dodd On Feb 26, 2010, at 1:12 AM, deleskie@gmail.com wrote:
Maybe I'm wrong on this, and I'm not a mailadmin anywhere nor have I been or pretended to have been in the past. But I'm pretty sure FB only sends you mail based on the prefrences you choose, and I know this is the answer you where given so mostly a statement. How does that equal spam :) ------Original Message------ From: Reed Loden To: nanog@nanog.org Subject: Re: Spamcop Blocks Facebook? Sent: Feb 26, 2010 12:46 AM
On Thu, 25 Feb 2010 19:14:37 -0800 Shon Elliott <shon@unwiredbb.com> wrote:
Anyone from Facebook or Spamcop lurking around to look into this? It's quite annoying.. I can't imagine how many other users are scratching their heads on this one...
I'm a long-time SpamCop member, so I forwarded your mail to the deputies. They are aware that facebook's servers have been sporadically listed, and one of them specifically said the following:
"Not much we can do about the listings. They're sending spam to our traps in large enough numbers that raises the score to a listing level. If Facebook were to follow best practices the spam complaints and trap hits would drop to levels that keeps them from getting listed."
~reed
-- Reed Loden - <reed@reedloden.com>
Sent from my BlackBerry device on the Rogers Wireless Network
Maybe I'm wrong on this, and I'm not a mailadmin anywhere nor have I been or pretended to have been in the past. But I'm pretty sure FB only sends you mail based on the prefrences you choose, and I know this is the answer you where given so mostly a statement. How does that equal spam :)
Invitations. Kind of Bulk. Never asked. Unwanted. Coming again and again. Boring. Spam. They keep storing email addresses without their consent. Not even mentioning project Titan. If FB users sends emails to themselves, that's their problem indeed. If they complain about these emails, that's FB problem to have dumb users. If recipients with nothing to do with FB receive unwanted emails, that's FB problem to find a way to stop that.
deleskie@gmail.com wrote:
Maybe I'm wrong on this,
You are I'm afraid.
and I'm not a mailadmin anywhere nor have I been or pretended to have been in the past. But I'm pretty sure FB only sends you mail based on the prefrences you choose, and I know this is the answer you where given so mostly a statement. How does that equal spam :)
The default is for everything 'on'. They will send to any email address with notifications and mail regardless of signup and they don't honor bounces in any 'email address doesn't work so don't mail it' lists they might or might not employ. Regards, Michelle
If I leave all boxes checked to send mail/notices/app requests to everyone in my list, or if I give FB my gmail password to pull all my contacts and send them an invite, its pure @ my request, sure FB is happy I do it, but it is no way spam. Its like calling 5 ICMP packets a DDoS. -jim On Thu, Mar 4, 2010 at 3:16 AM, Michelle Sullivan <matthew@sorbs.net> wrote:
deleskie@gmail.com wrote:
Maybe I'm wrong on this,
You are I'm afraid.
and I'm not a mailadmin anywhere nor have I been or pretended to have been in the past. But I'm pretty sure FB only sends you mail based on the prefrences you choose, and I know this is the answer you where given so mostly a statement. How does that equal spam :)
The default is for everything 'on'. They will send to any email address with notifications and mail regardless of signup and they don't honor bounces in any 'email address doesn't work so don't mail it' lists they might or might not employ.
Regards,
Michelle
On Thu, Mar 04, 2010 at 03:16:25PM -0400, jim deleskie wrote:
If I leave all boxes checked to send mail/notices/app requests to everyone in my list, or if I give FB my gmail password to pull all my contacts and send them an invite, its pure @ my request, sure FB is happy I do it, but it is no way spam.
This is dead wrong. You're not authorized to solicit bulk email on behalf of third parties: only they are. In the absence of solicitation from the *recipients*, bulk email is spam -- by definition. ---Rsk
I'm not going to both on this thread anymore.. waste of time. Sorry for the bulk mail/spam generated by my replies to nanog. I'll stop feeding the trolls now. -jim On Thu, Mar 4, 2010 at 3:25 PM, Rich Kulawiec <rsk@gsp.org> wrote:
On Thu, Mar 04, 2010 at 03:16:25PM -0400, jim deleskie wrote:
If I leave all boxes checked to send mail/notices/app requests to everyone in my list, or if I give FB my gmail password to pull all my contacts and send them an invite, its pure @ my request, sure FB is happy I do it, but it is no way spam.
This is dead wrong. You're not authorized to solicit bulk email on behalf of third parties: only they are. In the absence of solicitation from the *recipients*, bulk email is spam -- by definition.
---Rsk
On 3/4/2010 1:37 PM, jim deleskie wrote:
I'm not going to both on this thread anymore.. waste of time. Sorry for the bulk mail/spam generated by my replies to nanog.
I'll stop feeding the trolls now.
Nice recovery attempt for a lost cause. -- "Government big enough to supply everything you need is big enough to take everything you have." Remember: The Ark was built by amateurs, the Titanic by professionals. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
On Thu, 04 Mar 2010 15:16:25 -0400, jim deleskie said:
If I leave all boxes checked to send mail/notices/app requests to everyone in my list, or if I give FB my gmail password to pull all my contacts and send them an invite, its pure @ my request, sure FB is happy I do it, but it is no way spam. Its like calling 5 ICMP packets a DDoS.
So if all 100 million zombied machines sent you 5 ICMP packets each, you wouldn't feel DDoSed at all? Yeah. Thought so.
On 3/4/2010 1:16 PM, jim deleskie wrote:
If I leave all boxes checked to send mail/notices/app requests to everyone in my list, or if I give FB my gmail password to pull all my contacts and send them an invite, its pure @ my request, sure FB is happy I do it, but it is no way spam. Its like calling 5 ICMP packets a DDoS.
Almost all spam is OK with the sender. It is the recipient of unsolicited bulk email that tend to be offended. As are the recipients of unsolicited commercial email. I tend to get terminally annoyed at unsolicited email and let [word for All-Mighty} sort them out. -- "Government big enough to supply everything you need is big enough to take everything you have." Remember: The Ark was built by amateurs, the Titanic by professionals. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Its like calling 5 ICMP packets a DDoS.
Okay .. here's a fun exercise (granted, as a .edu, the FB stats are statistically over-represented) .. this is yesterday. total email : 1,594,435 from @*facebook* : 17,274 (1.1%) Taken as a total of *legitimate* email that got through the spam filter .. "legit" email : 79,072 from @*facebook* : 16,383 (20.7%) Facebook's "notifications" account for ~21% of the mail making it past the border SPAM appliances. Top subjects (minus name field) : 1260 commented on your status... 993 sent you a message on Facebook... 826 wrote on your Wall... 743 commented on your wall post... 738 commented on her status... 704 added you as a friend on Facebook... 430 confirmed you as a friend on Facebook... 287 commented on your photo... 279 commented on his status... 260 commented on a photo of you on Facebook.. Cheers, Michael Holstein Cleveland State University
On 2/25/10 10:12 PM, deleskie@gmail.com wrote:
Maybe I'm wrong on this, and I'm not a mailadmin anywhere nor have I been or pretended to have been in the past. But I'm pretty sure FB only sends you mail based on the prefrences you choose, and I know this is the answer you where given so mostly a statement. How does that equal spam :)
Facebook, like many similar sites, rather aggressively requests that its users supply their email credentials so that the site can "invite" their contacts. All of them. Every stinkin' email address they can mine. If the user/victim falls for this, the social networking site will scrape every email address it can find in the user/victim's contact list and "invite" them to join. These invitations are often forged to appear as if sent from from the user/victim's email address. Similarly, if anyone on Facebook uses the site to forward content (often Trojanned), then Facebook now has the address of the forwardee and will "invite" and then 'remind" repeatedly. So it isn't the Facebook members that Facebook spams (although they might do that too). It's the non-member addresses they scrape from their members. As it's entire contact lists that get scraped, it's bulk. As the people being "invited" and "reminded" didn't ask for it, it's unsolicited. And it's obviously email. Put those together and you get Unsolicited Bulk Email, AKA spam. And those sites that send with their user's name as the sender are even more egregious because they are forging header information. Social networking site users are not the site's customers. They are the site's product. This product is sold to advertisers and data-miners. -- Jay Hennigan - CCIE #7880 - Network Engineering - jay@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
On Thu, March 4, 2010 3:19 am, Jay Hennigan wrote:
Facebook, like many similar sites, rather aggressively requests that its users supply their email credentials so that the site can "invite" their contacts. All of them. Every stinkin' email address they can mine.
Also, Facebook sends mail from many different IP ranges, and non-Facebook (but @facebook.com) spam mail manages to get sent from overlapping IP ranges on occasion. Facebook tends to send mail from address+id@facebook.com, where 'address' is something like 'notifications' and 'id' is some random string. Some spam mail packages cannot distinguish this from address@facebook.com, which many of the spammers who try to spoof Facebook use (using the same common 'address'es as Facebook does). If you don't watch what you are doing, this can result in significant amounts of false-positives on manual sender-based blacklists. Daniel T. Staal --------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. ---------------------------------------------------------------
participants (11)
-
Benjamin Billon -
Daniel Staal -
deleskie@gmail.com -
Jay Hennigan -
jim deleskie
-
Larry Sheldon -
Matthew Dodd -
Michael Holstein -
Michelle Sullivan -
Rich Kulawiec -
Valdis.Kletnieks@vt.edu