Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SpamAssassin: users

HABEAS_ACCREDITED SPAMMER

  

 
First page Previous page 1 2 Next page Last page  View All SpamAssassin users RSS feed   Index | Next | Previous | View Threaded


richard at buzzhost

Nov 23, 2009, 4:19 AM

Post #1 of 47 (2384 views)
Permalink
HABEAS_ACCREDITED SPAMMER
I'm not really familiar with HABEAS_ACCREDITED_COI and I'm interested to
know who is behind it, and how it relates to the Spamassassin project.

I'm seeing loads of spam from a UK company called datetheuk.com AKA
EasyDate LTD from mail.redut.net [80.75.69.201]. They fished a tagged
honeypot address from Facebook. It was never opt-in and being the kind
of guy I am, I've even tried to opt out (despite not opting in) some ten
times.

What I'm interested is the fact I block at 7, but it was given -9
because:

* -8.0 HABEAS_ACCREDITED_COI RBL: Habeas Accredited Confirmed Opt-In or
Better
* [80.75.69.201 listed in sa-accredit.habeas.com]
* -1.0 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
low trust

I'm not dropping all redut.net in the firewall (should keep them hanging
around like a tarpit as they try to connect) - but I would love to know
what got them in scope for such a great lowering of their score?


uhlar at fantomas

Nov 23, 2009, 5:14 AM

Post #2 of 47 (2322 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On 23.11.09 12:19, richard [at] buzzhost wrote:
> I'm not really familiar with HABEAS_ACCREDITED_COI and I'm interested to
> know who is behind it, and how it relates to the Spamassassin project.

HABEAS was company acquired by ReturnPath. It tries to help out differing
between legal marketing companies and spammers.

> I'm seeing loads of spam from a UK company called datetheuk.com AKA
> EasyDate LTD from mail.redut.net [80.75.69.201]. They fished a tagged
> honeypot address from Facebook. It was never opt-in and being the kind
> of guy I am, I've even tried to opt out (despite not opting in) some ten
> times.
>
> What I'm interested is the fact I block at 7, but it was given -9
> because:
>
> * -8.0 HABEAS_ACCREDITED_COI RBL: Habeas Accredited Confirmed Opt-In or
> Better
> * [80.75.69.201 listed in sa-accredit.habeas.com]
> * -1.0 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
> low trust
>
> I'm not dropping all redut.net in the firewall (should keep them hanging
> around like a tarpit as they try to connect) - but I would love to know
> what got them in scope for such a great lowering of their score?

You should complain to ReturnPath. Iirc, HABEAS used to sue spammers
misusing their technology. Don't know if ReturnPath continues prac ticing
this.
--
Matus UHLAR - fantomas, uhlar [at] fantomas ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
How does cat play with mouse? cat /dev/mouse


kremels at kreme

Nov 23, 2009, 5:40 AM

Post #3 of 47 (2319 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Nov 23, 2009, at 6:14, Matus UHLAR - fantomas <uhlar [at] fantomas>
wrote:

> You should complain to ReturnPath

Or just change the scores from -8.0 to +2.0


hajdu.zoltan at duodecad

Nov 23, 2009, 5:54 AM

Post #4 of 47 (2319 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
Or just report it...

"Sender Abuse and Complaint Reporting

Any concerns or complaints regarding the Return Path Certification program can be submitted to certification [at] returnpath "

Cheers,

richard [at] buzzhost írta:
> I'm not really familiar with HABEAS_ACCREDITED_COI and I'm interested to
> know who is behind it, and how it relates to the Spamassassin project.
>
> I'm seeing loads of spam from a UK company called datetheuk.com AKA
> EasyDate LTD from mail.redut.net [80.75.69.201]. They fished a tagged
> honeypot address from Facebook. It was never opt-in and being the kind
> of guy I am, I've even tried to opt out (despite not opting in) some ten
> times.
>
> What I'm interested is the fact I block at 7, but it was given -9
> because:
>
> * -8.0 HABEAS_ACCREDITED_COI RBL: Habeas Accredited Confirmed Opt-In or
> Better
> * [80.75.69.201 listed in sa-accredit.habeas.com]
> * -1.0 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
> low trust
>
> I'm not dropping all redut.net in the firewall (should keep them hanging
> around like a tarpit as they try to connect) - but I would love to know
> what got them in scope for such a great lowering of their score?
>


richard at buzzhost

Nov 23, 2009, 6:34 AM

Post #5 of 47 (2314 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
Thanks to Matus for the explanation, LuKreme for the suggestion on
scoring and Hajdu for the contact details. I am obliged to you and thank
you for your time.


uhlar at fantomas

Nov 23, 2009, 6:39 AM

Post #6 of 47 (2314 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
> On Nov 23, 2009, at 6:14, Matus UHLAR - fantomas <uhlar [at] fantomas>
> wrote:
>
>> You should complain to ReturnPath

On 23.11.09 06:40, LuKreme wrote:
> Or just change the scores from -8.0 to +2.0

Yes, why to differ between non-abusing and abusing marketers...
--
Matus UHLAR - fantomas, uhlar [at] fantomas ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete pocitac bez obav zapnut.


jdfalk-lists at cybernothing

Nov 23, 2009, 1:37 PM

Post #7 of 47 (2309 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Nov 23, 2009, at 6:14 AM, Matus UHLAR - fantomas wrote:

> You should complain to ReturnPath. Iirc, HABEAS used to sue spammers
> misusing their technology. Don't know if ReturnPath continues prac ticing
> this.

Actually, you're confusing Habeas's first technology (which involved suing misuse of their copywritten header, and was abandoned years ago) with their "safe list" whitelist product, which Return Path now operates. Rather than suing them, we'll simply kick 'em off the list if they don't meet our standards.

http://wiki.apache.org/spamassassin/Rules/HABEAS_ACCREDITED_COI has some basic info, including an address to complain at if you're receiving spam from a safelisted IP.

--
J.D. Falk <jdfalk [at] returnpath>
Return Path Inc


jdow at earthlink

Nov 23, 2009, 1:46 PM

Post #8 of 47 (2309 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
From: "J.D. Falk" <jdfalk-lists [at] cybernothing>
Sent: Monday, 2009/November/23 13:37


On Nov 23, 2009, at 6:14 AM, Matus UHLAR - fantomas wrote:

> You should complain to ReturnPath. Iirc, HABEAS used to sue spammers
> misusing their technology. Don't know if ReturnPath continues prac ticing
> this.

Actually, you're confusing Habeas's first technology (which involved suing
misuse of their copywritten header, and was abandoned years ago) with their
"safe list" whitelist product, which Return Path now operates. Rather than
suing them, we'll simply kick 'em off the list if they don't meet our
standards.

http://wiki.apache.org/spamassassin/Rules/HABEAS_ACCREDITED_COI has some
basic info, including an address to complain at if you're receiving spam
from a safelisted IP.

--
J.D. Falk <jdfalk [at] returnpath>
Return Path Inc



As a sort of intolerant b**ch is my interpretation of what you just
said as "Habeas is useless" a reasonable statement? If not, why not?

{^_^} Habeas gets a zero score here now.


aawolfe at gmail

Nov 23, 2009, 2:05 PM

Post #9 of 47 (2309 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Mon, Nov 23, 2009 at 4:46 PM, jdow <jdow [at] earthlink> wrote:
> From: "J.D. Falk" <jdfalk-lists [at] cybernothing>
> Sent: Monday, 2009/November/23 13:37
>
>
> On Nov 23, 2009, at 6:14 AM, Matus UHLAR - fantomas wrote:
>
>> You should complain to ReturnPath. Iirc, HABEAS used to sue spammers
>> misusing their technology. Don't know if ReturnPath continues prac ticing
>> this.
>
> Actually, you're confusing Habeas's first technology (which involved suing
> misuse of their copywritten header, and was abandoned years ago) with their
> "safe list" whitelist product, which Return Path now operates.  Rather than
> suing them, we'll simply kick 'em off the list if they don't meet our
> standards.
>
> http://wiki.apache.org/spamassassin/Rules/HABEAS_ACCREDITED_COI has some
> basic info, including an address to complain at if you're receiving spam
> from a safelisted IP.
>
> --
> J.D. Falk <jdfalk [at] returnpath>
> Return Path Inc
>
>
>
> As a sort of intolerant b**ch is my interpretation of what you just
> said as "Habeas is useless" a reasonable statement? If not, why not?
>
> {^_^}    Habeas gets a zero score here now.
>

Habeas accredited spam has been getting a positive score here for some years.

-Aaron


kremels at kreme

Nov 23, 2009, 4:08 PM

Post #10 of 47 (2308 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
wrote:

> Yes, why to differ between non-abusing and abusing marketers...

We've been through this before. On my mail, habeas is a very strong
indicator of spam. It does not appear in legitimate mail.

I don't know who these legitimate marketers are, but I don't feel I'm
missing anything.


dan.mcdonald at austinenergy

Nov 23, 2009, 4:23 PM

Post #11 of 47 (2312 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Mon, 2009-11-23 at 17:08 -0700, LuKreme wrote:
> On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
> wrote:
>
> > Yes, why to differ between non-abusing and abusing marketers...
>
> We've been through this before. On my mail, habeas is a very strong
> indicator of spam. It does not appear in legitimate mail.
>
> I don't know who these legitimate marketers are, but I don't feel I'm
> missing anything.
>

Although these don't all appear to be business related, very few would
be marked as spam without the HABEAS_ACCREDITED bonus.
First, the suspicious ones:
$ grep HABEAS_ACCREDITED /var/log/mail/info | grep -v score=- | grep -o
-P '@.+?> ->' | cut -d\> -f 1 | sort | uniq -c | sort -rn
20 @mail.beliefnet.com
8 @dellconsumer.bounce.ed10.net
5 @news.college.us.com
4 @cmpgnr.com
3 @Zip-Times.com
3 @mailengine.nelsonpub.com
3 @mail.classmates.com
2 @yournewsletters.net
2 @mta-inbound.cluster3.convio.net
2 @financial2.net
1 @pbinews.com
1 @me20218.mailengine1.com
1 @mailengine.dermstore.com
1 @e.macys.com


Now, the list thus far this week...

$ grep HABEAS_ACCREDITED /var/log/mail/info | grep -o -P '@.+?> ->' |
cut -d\> -f 1 | sort | uniq -c | sort -rn
64 @mail.beliefnet.com
45 @bounce.linkedin.com
30 @pmcorpsend.com
26 @b.mypoints.com
25 @b.e.bathandbodyworks.com
23 @yournewsletters.net
23 @mailva.evite.com
21 @returns.sales.overstock.com
20 @bounce.homedepotemail.com
18 @dellconsumer.bounce.ed10.net
17 @reply.newsmax.com
17 @info.lanebryant.com
17 @b.e.victoriassecret.com
16 @health.webmd.com
15 @pbinews.com
13 @enews.potterybarn.com
13 @cmpgnr.com
13 @bounce.convio.net
12 @taggedmail.com
11 @us.emarsys.net
11 @prod-mail1.inboxmarketer-mail.com
11 @email.bn.com
10 @bounce.shermanstravel.com
8 @singlesnet.com
8 @ebay.com
8 @b.update.hallmark.com
8 @b.news.lowermybills.com
8 @b2a.mx0.net
7 @unionvoice.org
7 @shopittome.com
7 @mailengine.nelsonpub.com
7 @list.cheapflights.com
7 @financial2.net
7 @bounce.walmart.com
7 @bounce.astrology.com
7 @b.email.brylanehome.com
6 @post.taipan2.net
6 @hsci2.net
6 @flixster.com
6 @express2.email-advantage.com
6 @b.e.drugstore.com
6 @b.e.allposters.com
6 @b.e.1800flowers.com
5 @pminews.com
5 @news.college.us.com
5 @info.catherines.com
5 @clickmail.VacationRentals.com
4 @wb.com
4 @TexasR.fbmta.com
4 @realage-mail.com
4 @mydailymoment.com
4 @membership.ufcu.org
4 @intliv2.net
4 @email.electronicdesign.com
4 @email.businessfinancemag.com
4 @Dennys.fbmta.com
4 @bounce.stnlmailsvc.com
4 @b.e.art.com
4 @australia.care2.com
3 @Zip-Times.com
3 @twconnect.co.uk
3 @reply.collegeboard.com
3 @qmail7.arcamax.com
3 @qmail1.arcamax.com
3 @myusairways.com
3 @mail.classmates.com
3 @Lyrismail.CelebrateExpress.com
3 @ientrynetwork.net
3 @enews.williams-sonoma.com
3 @email.kgstores.com
3 @compusaonline.com
3 @bounce.ivnlmailsvc.com
3 @bounce.hsnlmailsvc.com
3 @bounce.expediamail.com
3 @boardroomdhn.bounce.ed10.net
3 @b.cts.vresp.com
2 @zt03.net
2 @www1.nmgmail.com
2 @sharpdirect.sharpusa.com
2 @response.ideeli.com
2 @r4lmail2.recipe4living-recipes.com
2 @pmemailer.com
2 @peppersandrogersgroup.com
2 @partner.pch.bounce.ed10.net
2 @oxford2.net
2 @ndc-fulmailapp3.walmart.com
2 @mta-inbound.cluster3.convio.net
2 @mmorning.net
2 @manidoo-village.com
2 @mailings5.cygnusb2b.com
2 @LyrisMail.Buycostumes.com
2 @learning2.net
2 @email.azamaracruises.com
2 @e.justmysize.com
2 @cvs.bounce.ed10.net
2 @cp20.com
2 @cantina.fbmta.com
2 @briantracyintl.com
2 @bounce.mkt2180.com
2 @bounce.mkt1031.com
2 @bounce.glnlmailsvc.com
2 @b.email.womanwithin.com
2 @b.email.kingsizedirect.com
2 @b.email.jessicalondon.com
1 @wout3.gliq.com
1 @trk.fcs-newsletters1.net
1 @tmkrmssmtp1.tmkrms.com
1 @specials.firemountaingems.com
1 @response.whatcounts.com
1 @reply.projectsatwork.com
1 @post.hsci2.net
1 @pmedianews.com
1 @orvisnews.com
1 @numbersusa.com
1 @npdor.com
1 @netlogmail.com
1 @myhealthwealthandhappiness.com
1 @MizzouAlumni.org
1 @me20218.mailengine1.com
1 @mam11.gliq.com
1 @mail.us.pampers.com
1 @mail.thefunnystuff.net
1 @mailengine.dermstore.com
1 @mail9.job.com
1 @mail96.subscribermail.com
1 @mail5.job.com
1 @mail4.nextjump.com
1 @mail1.eventbrite.com
1 @LISTSERV.DIRECTMAILEXPRESS.NET
1 @lists.3ho.org
1 @killerdana-alerts.com
1 @jewelrytv.rsys1.com
1 @i-say.com
1 @geicomail.com
1 @ga-mail.teamsterstakeaction.org
1 @ga-mail.action.earthjustice.org
1 @gaiam.rsys1.com
1 @e-rewards.net
1 @enews.potterybarnkids.com
1 @email.whitehat.com
1 @email.thermofisher.com
1 @email.quickenloans.com
1 @email.logisticstoday.com
1 @email.livenationent.com
1 @email.eepn.com
1 @e.macys.com
1 @e.hanes.com
1 @bounces.democratsenators.org
1 @bounces.amreg.com
1 @bounce.messages.bitdefender.com
1 @bounce.cordblood.com
1 @blingo.pch.bounce.ed10.net
1 @b.email.onestopplus.com
1 @arbys.fbmta.com
1 @americangirl-email.com
1 @agoravip.com
1 @actionnetwork.org
1 @1800petmeds.com


--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
www.austinenergy.com


richard at buzzhost

Nov 23, 2009, 11:58 PM

Post #12 of 47 (2298 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Mon, 2009-11-23 at 17:08 -0700, LuKreme wrote:
> On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
> wrote:
>
> > Yes, why to differ between non-abusing and abusing marketers...
>
> We've been through this before. On my mail, habeas is a very strong
> indicator of spam. It does not appear in legitimate mail.
>
> I don't know who these legitimate marketers are, but I don't feel I'm
> missing anything.
>
AMEN TO THAT!
The only person(s) who should be deciding what is or what is not
unwanted commercial email, is the recipient. Any commercial 'whitelist'
is by design, an utter travesty of an idea.

I can see the IP's of Return Path getting adding to my IP Tables drop
list. They can join Constant Contact, Dot Mailer, IHM and 'The Planet'.


hajdu.zoltan at duodecad

Nov 24, 2009, 12:17 AM

Post #13 of 47 (2294 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
Habeas (nowdays ReturnPath) certifies their clients, forces them to provide unsubscription options in their advertising messages, etc. If
there wasnt any unsubscribe option then contact their support/abuse team. They list many important parties who sends transactional messages
and so on, that you propably dont want to miss.

richard [at] buzzhost írta:
> On Mon, 2009-11-23 at 17:08 -0700, LuKreme wrote:
>> On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
>> wrote:
>>
>>> Yes, why to differ between non-abusing and abusing marketers...
>> We've been through this before. On my mail, habeas is a very strong
>> indicator of spam. It does not appear in legitimate mail.
>>
>> I don't know who these legitimate marketers are, but I don't feel I'm
>> missing anything.
>>
> AMEN TO THAT!
> The only person(s) who should be deciding what is or what is not
> unwanted commercial email, is the recipient. Any commercial 'whitelist'
> is by design, an utter travesty of an idea.
>
> I can see the IP's of Return Path getting adding to my IP Tables drop
> list. They can join Constant Contact, Dot Mailer, IHM and 'The Planet'.
>
>


richard at buzzhost

Nov 24, 2009, 1:48 AM

Post #14 of 47 (2291 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Tue, 2009-11-24 at 09:17 +0100, Hajdú Zoltán wrote:
> Habeas (nowdays ReturnPath) certifies their clients, forces them to provide unsubscription options in their advertising messages, etc. If
> there wasnt any unsubscribe option then contact their support/abuse team. They list many important parties who sends transactional messages
> and so on, that you propably dont want to miss.
>
I can assure you I *do* want to miss it. If I want information on a
company or a product, I WILL LOOK FOR IT. I don't want it unsolicited in
my inbox.

The sender had an unsubscribe option, but for the last 30 days I've
tried that daily, only to get more and more spam from them. They are, in
fact, emailing MY DOG. I left his email address on a facebook group
comment regarding Farmville of all things, and they fished it from
there.

I will believe that Return Path are fantastic when I see them drop this
customer. As the smell of $$$££££ is too sweet - I'm sure they will just
drop the email address concerned and turn a blind eye to how they built
their 'opt in' list in the first instance.


kremels at kreme

Nov 24, 2009, 3:08 AM

Post #15 of 47 (2288 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On 24-Nov-2009, at 01:17, Hajdú Zoltán wrote:

> forces them to provide unsubscription options in their advertising messages, etc. If there wasnt any unsubscribe option


Sorry, not good enough. The support SPAMMERS who sned messages to addresses that never subscribed, period.

And the simple fact is, they show up in SPAM and they don't show up in ham, so it makes no difference what their intentions are, they ARE a spam sign. That's just a fact.

--
I WILL NOT FAKE SEIZURES
Bart chalkboard Ep. 8F23


mattg at assembly

Nov 24, 2009, 9:20 AM

Post #16 of 47 (2269 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
Daniel J McDonald wrote:
> Although these don't all appear to be business related, very few would
> be marked as spam without the HABEAS_ACCREDITED bonus.
> First, the suspicious ones:
> [snip]


FWIW, a good number of those in your list I'm pretty sure
are legit opt-in "newsletters" (term used loosely... they
mainly consist of ads and "special offers"). Sure, the're
stupid and ultimately useless from my point of view, but
AFAICT they are sent only to people who've requested them
(at least in my experience, with my users).

Obviously every admin has to decide what to block and not
to block, but I just wanted to add a data point. I try
not to block stuff my users have signed up for, as inane
as the messages may be (to me).


mattg at assembly

Nov 24, 2009, 9:25 AM

Post #17 of 47 (2270 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
Matt Garretson wrote:
> FWIW, a good number of those in your list I'm pretty sure
> are legit opt-in "newsletters" (term used loosely... they
> mainly consist of ads and "special offers"). Sure, the're


Followup to myself: I have no opinion on the HABEAS issue,
but a couple years ago I decided to disable the rules
altogether, and still don't really see a need to score
either way on the accreditation.


mysqlstudent at gmail

Nov 24, 2009, 9:46 AM

Post #18 of 47 (2269 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
Hi,

> Obviously every admin has to decide what to block and not
> to block, but I just wanted to add a data point. I try
> not to block stuff my users have signed up for, as inane
> as the messages may be (to me).

The trouble is, which users have actually subscribed and wish to
receive free credit checks every other day, and which is the victim?
You certainly can't tell from the message itself...

I've shut down a few of those, and haven't yet received a complaint
that they're missing anything important, and in the end I probably
look better for it.

Regards,
Alex


jeff at delphioutpost

Nov 24, 2009, 2:23 PM

Post #19 of 47 (2258 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
From: LuKreme <kremels [at] kreme>
Date: Mon, 23 Nov 2009 17:08:11 -0700

On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
wrote:

> Yes, why to differ between non-abusing and abusing marketers...

We've been through this before. On my mail, habeas is a very strong
indicator of spam. It does not appear in legitimate mail.

I find it a little hard to believe that your spam is so much different from
my spam. On my mail, not one single spam message (out of 228k total) hit
HABEAS for all of 2009. The few messages (480 out of 11k) that hit HABEAS
were all ham, either professional organizations/newsletters, transactions
from places like Vanguard or retail stores that I have a relationship with.

I don't know who these legitimate marketers are, but I don't feel I'm
missing anything.

You WILL 'block' legitimate mail. However, It's your email, so you
can do anything you want. If you think HABEAS is so bad just set the
HABEAS scores to zero and save the network bandwidth.

-jeff


jdow at earthlink

Nov 24, 2009, 3:55 PM

Post #20 of 47 (2258 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
From: "Jeff Mincy" <jeff [at] delphioutpost>
Sent: Tuesday, 2009/November/24 14:23


> From: LuKreme <kremels [at] kreme>
> Date: Mon, 23 Nov 2009 17:08:11 -0700
>
> On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
> wrote:
>
> > Yes, why to differ between non-abusing and abusing marketers...
>
> We've been through this before. On my mail, habeas is a very strong
> indicator of spam. It does not appear in legitimate mail.
>
> I find it a little hard to believe that your spam is so much different
> from
> my spam. On my mail, not one single spam message (out of 228k total) hit
> HABEAS for all of 2009. The few messages (480 out of 11k) that hit HABEAS
> were all ham, either professional organizations/newsletters, transactions
> from places like Vanguard or retail stores that I have a relationship
> with.
>
> I don't know who these legitimate marketers are, but I don't feel I'm
> missing anything.
>
> You WILL 'block' legitimate mail. However, It's your email, so you
> can do anything you want. If you think HABEAS is so bad just set the
> HABEAS scores to zero and save the network bandwidth.
>
> -jeff

I have a compulsion to be as honest as I can. So I'll note that the
MODERN HABEAS seems to be a DNS test rather than a chunk of copyrighted
text. Nonetheless, I have been bitten often enough I simply ignore the
HABEAS tests and get on with my email. There are things that come from
"certified" senders in my snail-mail, too. I jettison them to the
shredder. At least I leave the HABEAS marked email with the SA markup
and check the low scoring spam for misplaced ham. (I have some quirky
people sending me email. Some of them manage to get marked as spam.
Eventually I whitelist them. I also have a fun game with some sources
of email. Sometimes they manage to blow 5 and other times they do not.
It's fun to watch as they try to "tune" their emails.)

{^_^}


kremels at kreme

Nov 24, 2009, 11:23 PM

Post #21 of 47 (2248 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On 24-Nov-2009, at 15:23, Jeff Mincy wrote:
> From: LuKreme <kremels [at] kreme>
>> On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
>
>>> Yes, why to differ between non-abusing and abusing marketers...
>
>> We've been through this before. On my mail, habeas is a very strong
>> indicator of spam. It does not appear in legitimate mail.
>>
> I find it a little hard to believe that your spam is so much different from
> my spam. On my mail, not one single spam message (out of 228k total) hit
> HABEAS for all of 2009. The few messages (480 out of 11k) that hit HABEAS
> were all ham, either professional organizations/newsletters, transactions
> from places like Vanguard or retail stores that I have a relationship with.

I get HABEAS mail sent to email addresses that have not been active in 10 years and have never EVER signed up for anything whatsoever. I get HABEAS mail sent to new admin@ email addresses on new domains, domains that have never sent any email at all.

> I don't know who these legitimate marketers are, but I don't feel I'm
> missing anything.
>
> You WILL 'block' legitimate mail.

No I won't, because I don't use spamassassin to BLOCK mail. I simply score it and if it scores over 5.0 it gets moved to the .SPAM folder where people are free to recover it if they want. I've never had a single complaint about HABEAS messages being misstagged as spam.

> However, It's your email, so you
> can do anything you want. If you think HABEAS is so bad just set the
> HABEAS scores to zero and save the network bandwidth.

I prefer to give it a positive score as in my tests, it is a definite spam sign


--
THIS IS NOT A CLUE...OR IS IT?
Bart chalkboard Ep. 2F16


richard at buzzhost

Nov 24, 2009, 11:53 PM

Post #22 of 47 (2250 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Wed, 2009-11-25 at 00:23 -0700, LuKreme wrote:
> On 24-Nov-2009, at 15:23, Jeff Mincy wrote:
> > From: LuKreme <kremels [at] kreme>
> >> On Nov 23, 2009, at 7:39, Matus UHLAR - fantomas <uhlar [at] fantomas>
> >
> >>> Yes, why to differ between non-abusing and abusing marketers...
> >
> >> We've been through this before. On my mail, habeas is a very strong
> >> indicator of spam. It does not appear in legitimate mail.
> >>
> > I find it a little hard to believe that your spam is so much different from
> > my spam. On my mail, not one single spam message (out of 228k total) hit
> > HABEAS for all of 2009. The few messages (480 out of 11k) that hit HABEAS
> > were all ham, either professional organizations/newsletters, transactions
> > from places like Vanguard or retail stores that I have a relationship with.
>
> I get HABEAS mail sent to email addresses that have not been active in 10 years and have never EVER signed up for anything whatsoever. I get HABEAS mail sent to new admin@ email addresses on new domains, domains that have never sent any email at all.
>
> > I don't know who these legitimate marketers are, but I don't feel I'm
> > missing anything.
> >
> > You WILL 'block' legitimate mail.
>
> No I won't, because I don't use spamassassin to BLOCK mail. I simply score it and if it scores over 5.0 it gets moved to the .SPAM folder where people are free to recover it if they want. I've never had a single complaint about HABEAS messages being misstagged as spam.
>
> > However, It's your email, so you
> > can do anything you want. If you think HABEAS is so bad just set the
> > HABEAS scores to zero and save the network bandwidth.
>
> I prefer to give it a positive score as in my tests, it is a definite spam sign
>
I absolute have to agree with this. I see it in nothing but unwanted email and spam.
Any form of commercial whitelisting = commercial mail (usually bulk and
unwanted).

A good marketing company would *not* require a whitellist, as their mail
would be fully compliant, score low and come from an IP with a good
reputation. If spammers can tick these boxes, a paid for ESP should have
no difficulty *without* the need for a white list.


uhlar at fantomas

Nov 25, 2009, 2:03 AM

Post #23 of 47 (2248 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On 25.11.09 07:53, richard [at] buzzhost wrote:
> A good marketing company would *not* require a whitellist, as their mail
> would be fully compliant, score low and come from an IP with a good
> reputation. If spammers can tick these boxes, a paid for ESP should have
> no difficulty *without* the need for a white list.

well, a marketing company sending newsletters COULD ask for whitelisting to
prevent them from being rejected or tagged as spam. There are many filters
in the world and many people tending to tag as spam something they have
signed for.

I'm not saying that companies registered in habeas do not spam.
I'm saying that those who do should be reported, which could make habeas
worth using.
--
Matus UHLAR - fantomas, uhlar [at] fantomas ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort, (C)ancer


kremels at kreme

Nov 25, 2009, 2:16 AM

Post #24 of 47 (2249 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
On Nov 25, 2009, at 3:03, Matus UHLAR - fantomas <uhlar [at] fantomas>
wrote:

> I'm not saying that companies registered in habeas do not spam.
> I'm saying that those who do should be reported, which could make
> habeas
> worth using.

Ah, well that's a whole other issue. Habeas is a commercial enterprise
and I don't work for them, so reporting their abusive customers isn't
my job.


hajdu.zoltan at duodecad

Nov 25, 2009, 2:57 AM

Post #25 of 47 (2247 views)
Permalink
Re: HABEAS_ACCREDITED SPAMMER [In reply to]
Then whos job? :) Habeas doesnt monitor Your Inbox.

If You have the time to write here just for 'flaming' against a ~good concept...
...Maybe it would be a better idea to spend that time on supporting them with Your feedback.

Cheers,

LuKreme írta:
> On Nov 25, 2009, at 3:03, Matus UHLAR - fantomas <uhlar [at] fantomas> wrote:
>
>> I'm not saying that companies registered in habeas do not spam.
>> I'm saying that those who do should be reported, which could make habeas
>> worth using.
>
> Ah, well that's a whole other issue. Habeas is a commercial enterprise
> and I don't work for them, so reporting their abusive customers isn't my
> job.
>
>
>

First page Previous page 1 2 Next page Last page  View All SpamAssassin users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.