AW: AW: [anti-abuse-wg] how to detect spambots - SPAMTrusted

--On 11 March 2009 16:56:53 +0100 Sascha Wilms <Sascha.Wilms at eco.de> wrote:

>
> I know that for some it's a hard fact not to be allowed to block CSA
> whitelisted entries any more. But because senders know exactly this, they
> know what they have from being CSA whitelisted and what they stand to
> lose if they get kicked off the list when not complying with the rules.
> It is this huge leverage we gain.

So, what's the sanction against me if I apply my spam filters to one of 
your members? Just that you don't send me list updates? I could live with 
that. I'd not be able to enter any contractual obligation, though.

> Currently, we have only significant German ISPs, but at least one major
> European incumbent is about to join. We hope to extend the reach of our
> list to other providers, so that we can increase the leverage.  I have
> talked to some British providers, but so far no commitment (though the
> British marketers are very keen on having something like the CSA in the 
UK).

I'm slightly confused here. Your members are ISPs or Marketers? Perhaps 
you're referring to users of the whitelists here?

If they're ISPs, does that mean that the rules are applied to all email 
sent through the ISP's servers? If they're ISPs, then are you requiring 
that they block outbound port 25 non-whitelisted addresses? And rate 
limiting domestic clients?  That would be something I'd be very keen to 
encourage.

>
> As I said, it is really an industry standard we are promoting here, and
> the more ISPs join, the better we are able to establish the standard on
> an international level. If you guys have more feedback, you are welcome!
>
> rgds
> Sascha
>
>
> -----Ursprüngliche Nachricht-----
> Von: iane at sussex.ac.uk [mailto:iane at sussex.ac.uk]
> Gesendet: Mittwoch, 11. März 2009 16:21
> An: Sascha Wilms; anti-abuse-wg at ripe.net
> Betreff: Re: AW: [anti-abuse-wg] how to detect spambots - SPAMTrusted
>
>
>
> --On 11 March 2009 15:44:04 +0100 Sascha Wilms <Sascha.Wilms at eco.de>
> wrote:
>
>>
>> Hi Ian, hi guys,
>>
>> we actually enforce rules regarding bulk emails through the Certified
>> Senders Alliance. Enforcement can naturally be applied only to those
>> senders participating in the CSA - however, in Germany our service has
>> become the de facto industry standard for email marketers, and the
>> amount of emails sent by certified senders is huge. Thus, we have
>> gained a very good leverage over this industry.
>
> Well, that's all good. I see that in order to discover who's using your
> service, I have to agree not to blacklist any of your users. That's not
> so good. I'm not sure that I'd be interested in whitelisting anyone who's
> signed up to improve their marketing outreach.
>
> However, the fact that you require your users to publish SPF records is
> good.
>
> Are most of your members in Germany? This probably would be something I'd
> be interested in if you had a significant number of UK members.
>
> I do think that you need to get your English language documentation
> looked at by a native English speaking lawyer.
>
>> we at eco maintain a general complaints hotline, and I can't remember
>> having seen any complaint by users or ISPs about a missing opt-out
>> link only. Complaints are about UCEs, and not missing opt-out
>> possibilities. So I guess we are pretty much the only body dealing with
>> the
>> enforcement of those rules like opt-out links, and we have effective
>> sanctions for not sticking to the rules (and opt-out is definitely one
>> of those rules!).
>>
>>
>> Actually, our set of rules goes beyond the stipulations made by the EU
>> directive. And we keep on tightening the rules: SPF has now become
>> mandatory for senders (ISPs are left with the choice whether to use
>> this info); DKIM and double-opt-in, for example, are now recommended
>> criteria and will be turned into mandatory criteria with the next
>> revision of the admission criteria.
>>
>>
>> We consider this industry standard approach more efficient than any
>> legislative approach.
>>
>> Rgds
>> Sascha
>> eco association
>>
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: anti-abuse-wg-admin at ripe.net
>> [mailto:anti-abuse-wg-admin at ripe.net]
>> Im Auftrag von Ian Eiloart Gesendet: Mittwoch, 11. März 2009 12:43
>> An: peter h; anti-abuse-wg at ripe.net
>> Betreff: Re: [anti-abuse-wg] how to detect spambots - SPAMTrusted
>>
>>
>>
>> --On 10 March 2009 20:17:50 +0100 peter h <peter at hk.ipsec.se> wrote:
>>
>>>
>>> UCE or spam is illegal in some countries, however legal authorities
>>> does not seem willing to hunt and procecute.
>>
>> Under article 13 of EU DIRECTIVE 2002/58/EC, I think that the sending
>> of UCE is illegal in every member state of the EU, which exemption
>> where the recipient is an existing customer of the organisation sending
>> the email. Even then, the sender has to give an opt out option with
>> every email,  and may only market "similar products or services".
>>
>> I don't know anywhere that this is properly enforced, though.
>>
>> --
>> Ian Eiloart
>> IT Services, University of Sussex
>> x3148
>>
>
>
>
> --
> Ian Eiloart
> IT Services, University of Sussex
> x3148
>



-- 
Ian Eiloart
IT Services, University of Sussex
x3148