antispam at khopis
Nov 18, 2009, 4:30 PM
Post #4 of 4
(478 views)
Permalink
|
jidanni [at] jidanni wrote:
>> http://www.streamsend.com/returnpath_safelist.htm :
>> "SpamAssassin - Safe List rules help give green light to email"
Interesting ... what do they hope to accomplish? Are they implying
they have some kind of blessing hidden (or not) within the SA default
settings (perhaps the ham indices like DNSWL)? Perhaps instead they
are proposing third-party SA whitelisting rules ... but then those
would be openly available (and they're not, or they're poorly linked).
I can only conclude that their service is just a collection of
suggestions for bypassing filters, which certainly seems to be the
aspiration of their blog at http://blog.streamsend.com/
>> Not my email though.
>> header J_STREAMSEND X-Mailer=~/StreamSend/i
>> score J_STREAMSEND 10
This seems to be the most common kind of StreamSend-related material
online (discounting uninformative reviews of the service and their own
marketing material, which is quite broad-reaching).
They're firmly lodged in URIBL_GREY (I found hits in June 2008 and
April 2009 at least), they were in JM_SOUGHT this past January as
__SEEK_YRSN7R (svn r730688), and there are plenty of how-tos for
blocking them in various software like postfix and SA.
Looking at the third-party reviews, StreamSend doesn't look like
anything special; no reputation be it good or bad ... though many of
these reviews say they lack a spam filter tester, which has become a
core business model, so the reviews are quite aged.
The SpamAssassin project would only be interested in blocking them if
they exhibit some gross negligence when it comes to opting out or some
over-aggressive practices. Other than that, it's up to the indices
like URIBL and SOUGHT to nail them on more specific (and thus more
time-sensitive) abuses.
Michael Scheidell wrote:
> they are a return path client? they are using return path's ip so
> that the outbound emails are whitelisted? or are they a division of
> return path?
Right, I see that at http://www.streamsend.com/returnpath_toolset.htm
... Interesting, but not surprising. That just means they use Return
Path's system to clean (and relay?) content they send for their
customers. This should do a good job of avoiding DNSBLs.
As with DNSWL and SPF/DKIM, anything that might be conceived as a way
to bypass spam detection is a useful tool to a mass-mailer. There's a
reason SA lacks strong negatively scored rules. Habeus was abused and
removed for this reason (StreamSend participated in that!).
Does StreamSend monitor this list? With their purported
spam-fighting-curtailing, I'd figure almost certainly... Do they have
comments, or do they prefer to stay in the dark?
Speaking of anti-anti-spam, this is pointless as it can't be trusted:
> _________________________________________________________________________
> This email has been scanned and certified safe by SpammerTrap(r). For
> Information please see http://www.secnap.com/products/spammertrap/
> _________________________________________________________________________
|
