From usenet-imp at exp09.spam.woody.ch Wed Oct 7 11:33:09 2009 From: usenet-imp at exp09.spam.woody.ch (Benoit Panizzon) Date: Wed Oct 7 11:35:09 2009 Subject: [Schelp] Why is 157.161.144.64 blacklisted? Message-ID: Hi 157.161.144.64 is one of our main mailservers. I work at AS6772 responsible for this IP and usualy get the spamcop reports for IP addresses within our AS. We never got any report about spam being sent from that IP. Still it is blocked by spamcop. Without report what caused this blocking we cannot investigate into the problem. What can we do to solve that problem? -Benoit- From MikeE at ster.invalid Wed Oct 7 12:18:58 2009 From: MikeE at ster.invalid (Mike Easter) Date: Wed Oct 7 12:20:07 2009 Subject: [Schelp] Re: Why is 157.161.144.64 blacklisted? References: Message-ID: Benoit Panizzon wrote: > 157.161.144.64 is one of our main mailservers. 157.161.144.64 not listed in bl.spamcop.net http://snipr.com/sdomx > I work at AS6772 responsible for this IP and usualy get the spamcop > reports for IP addresses within our AS. http://www.spamcop.net/sc?track=157.161.144.64 Parsing input: 157.161.144.64 157.161.144.64 not listed in bl.spamcop.net Reporting addresses: abuse@imp.ch > We never got any report about spam being sent from that IP. > > Still it is blocked by spamcop. > > Without report what caused this blocking we cannot investigate into the > problem. > > What can we do to solve that problem? That IP has been listed in SCbl and is currently listed at backscatter. http://www.spamcop.net/bl.shtml?157.161.144.64 The most common causes of blocking systems not intending to spam http://www.backscatterer.org/index.php Testresult for 157.161.144.64: - This IP IS CURRENTLY LISTED in our Database. - Please note that this listing does not mean you are a spammer, it means your mailsystem is either poorly configured or it is using abusive techniques. SCbl rapidly lists and delists, depending on traffic and spam report hits. backscatter keeps the IP listed for 4 weeks before delisting if there's no reports. Your mailserver has a poor reputation at senderbase - several tools show it currently listed in the scbl, but the scbl tool on the spamcop website is the most uptodate showing it currently unlisted. The rDNS is tikki.hosting.scout.ch but it answers as mail.hosting.scout.ch -- the name scout.ch has no abuse.net reg'd address. You can request notifies from SC about particular reports by going here and navigating http://www.spamcop.net/fom-serve/cache/75.html Help for abuse-desks and administrators -- How can I get SpamCop reports about my network? -- Mike Easter kibitzer, not SC admin From usenet-imp at exp09.spam.woody.ch Thu Oct 8 03:46:09 2009 From: usenet-imp at exp09.spam.woody.ch (Benoit Panizzon) Date: Thu Oct 8 03:50:08 2009 Subject: [Schelp] Re: Why is 157.161.144.64 blacklisted? References: Message-ID: Hi Mike Yesterday I also started recording outgoing email traffic and indeed, there is a huge backscatter problem. But I don't know how to solve it. The Problem is that many of our customer use forwards for their email accounts. So there are many forwardings to invalid addresses or accounts where the quotas are full etc. Although we use spam filtering, we don't catch 100% of the spams. So quite a lot of the emails that get forwarded have faked sender addresses and our server then does generate a bounce to this fake address. And I realy don't know how to avoid those bounces. Any suggestions? -Benoit- From V at nguard.LH Thu Oct 8 04:01:31 2009 From: V at nguard.LH (VanguardLH) Date: Thu Oct 8 04:05:09 2009 Subject: [Schelp] Re: Why is 157.161.144.64 blacklisted? References: Message-ID: Benoit Panizzon wrote: > Hi Mike > > Yesterday I also started recording outgoing email traffic and indeed, there > is a huge backscatter problem. But I don't know how to solve it. > > The Problem is that many of our customer use forwards for their email > accounts. > > So there are many forwardings to invalid addresses or accounts where the > quotas are full etc. > > Although we use spam filtering, we don't catch 100% of the spams. So quite a > lot of the emails that get forwarded have faked sender addresses and our > server then does generate a bounce to this fake address. > > And I realy don't know how to avoid those bounces. > > Any suggestions? > > -Benoit- The receiving mail server should reject an e-mail DURING the mail session with the sending mail server. It should determine if the targeted account (by its username) is valid or not, if its mailbox is full, etc. and, if so, reject the mail transfer (i.e., error). The sending mail server then handles the rejection by sending back an NDR (non-delivery report) to the sender. If the mail server accepts all e-mails and then later determines if they are undeliverable but which s long after the mail session has terminated with the sending mail server, the receiving mail server has no more information than would a user reading e-mails. Since the return-path headers were added by the sender (as part of their message sent during the DATA command), the sender's client can put whatever it wants in those headers. Well, spammers aren't going to identify themselves but they will point to non-existent domains (which your mail server will immediately recognize cannot have NDRs delivered to), to valid domains but invalid usernames (so your mail server wastes time connecting to the target domain only to find out your NDR is undeliverable, or they specify a valid e-mail address and some innocent gets your misdirect NDR. If your mail server doesn't reject during the mail session, it only has the same return-path headers that end users would have when they send their fake bounces. Forwarding services don't deliver into a mailbox so they won't know if the e-mail they pass on is actually deliverable or not. By the time they get around relaying forward the e-mail, the mail session with the sending mail host is gone. I'm not sure how a forwarding mail server should handle rejected forwarded e-mails since there is no guaranteed info in the e-mail as to who was the real sender. So it seems you cannot issue NDRs backward to the sender. By the time you get a rejection on your forward, you don't know who is the sender anymore. From usenet-imp at exp09.spam.woody.ch Thu Oct 8 05:06:48 2009 From: usenet-imp at exp09.spam.woody.ch (Benoit Panizzon) Date: Thu Oct 8 05:10:08 2009 Subject: [Schelp] Re: Why is 157.161.144.64 blacklisted? References: Message-ID: Hi > If your mail server doesn't reject during the mail session, it only has > the same return-path headers that end users would have when they send > their fake bounces. Forwarding services don't deliver into a mailbox so > they won't know if the e-mail they pass on is actually deliverable or > not. By the time they get around relaying forward the e-mail, the mail > session with the sending mail host is gone. I'm not sure how a > forwarding mail server should handle rejected forwarded e-mails since > there is no guaranteed info in the e-mail as to who was the real sender. > So it seems you cannot issue NDRs backward to the sender. By the time > you get a rejection on your forward, you don't know who is the sender > anymore. And this is the problem I don't know how to solve. Local delivery is no problem. Email get's rejected during handshake if a account does not exist or if it's full. But how to solve the forwarding problem? Not even rewriting the sender according to SRS solves that problem because the trojan of course do not use SRS signed sender addresses. -Benoit- From MikeE at ster.invalid Thu Oct 8 08:01:41 2009 From: MikeE at ster.invalid (Mike Easter) Date: Thu Oct 8 08:05:08 2009 Subject: [Schelp] Re: Why is 157.161.144.64 blacklisted? References: Message-ID: Benoit Panizzon wrote: > there is a huge backscatter problem. > The Problem is that many of our customer use forwards for their email > accounts. > > So there are many forwardings to invalid addresses or accounts where the > quotas are full etc. If I'm understanding this correctly, you are running a mailserver for accounts which are configured to forward to dead mailboxes. Why is that? Don't be in that kind of mailbusiness. Shut down any accounts which (try to) forward to dead mailboxes/ nonexistent accounts. I don't run a mailserver, but I asssume that if you visit a newsgroup for your mailserver's software, someone will tell you how to write a script. -- Mike Easter kibitzer, not SC admin From V at nguard.LH Thu Oct 8 15:14:34 2009 From: V at nguard.LH (VanguardLH) Date: Thu Oct 8 15:15:08 2009 Subject: [Schelp] Re: Why is 157.161.144.64 blacklisted? References: Message-ID: Benoit Panizzon wrote: > Hi > >> If your mail server doesn't reject during the mail session, it only has >> the same return-path headers that end users would have when they send >> their fake bounces. Forwarding services don't deliver into a mailbox so >> they won't know if the e-mail they pass on is actually deliverable or >> not. By the time they get around relaying forward the e-mail, the mail >> session with the sending mail host is gone. I'm not sure how a >> forwarding mail server should handle rejected forwarded e-mails since >> there is no guaranteed info in the e-mail as to who was the real sender. >> So it seems you cannot issue NDRs backward to the sender. By the time >> you get a rejection on your forward, you don't know who is the sender >> anymore. > > And this is the problem I don't know how to solve. > > Local delivery is no problem. Email get's rejected during handshake if a > account does not exist or if it's full. > > But how to solve the forwarding problem? Not even rewriting the sender > according to SRS solves that problem because the trojan of course do not use > SRS signed sender addresses. I would end having to read the documentation for your unidentified mail server software just as you would to find out if there was a configurable option to disable NDR relaying (back to sender using the return-path headers since that'll be the only info available) when the forwarding option was enabled in an account. I would think that any customer that is forwarding to an invalid account would result in their account with you getting terminated. If they aren't willing to keep updated their account with you then they have likely abandoned their account with you as they have for the forwarded account. Users that result in you generating backscatter should be sufficient reason to deactivate or delete their account. You need to generate bounces ONLY for local users (i.e., your customers that have accounts with you). Don't send bounces to off-domain recipients. See http://spamlinks.net/prevent-secure-backscatter.htm. You might want to add text to the forwarding option in your user's accounts or add a help page telling them that NDRs will *not* be sent to senders when your customers enable your forwarding service. If your customers are trying to hide their true e-mail address, that hiding has costs, like no off-domain NDRs when forwarding fails (invalid account, busy server where repeat transmits continually fail past the number of retries, target mailbox is full, or whatever causes an error in forwarding the e-mail). http://spamlinks.net/prevent-secure-backscatter.htm There may be newsgroups or forums that discuss you particular mail server program, like alt.comp.mail.postfix, alt.comp.mail.qmail, comp.mail.sendmail. The sendmail group seems active enough but the others don't seem to get much traffic. There might be more active forums on the mail servers. If, for example, you are using postfix then maybe some articles regarding its backscatter prevention might help, like http://www.postfix.org/BACKSCATTER_README.html. From g.hyde at bigNOSPAMpond.net.au Fri Oct 9 01:42:25 2009 From: g.hyde at bigNOSPAMpond.net.au (Geoffrey Hyde) Date: Fri Oct 9 01:45:07 2009 Subject: [Schelp] Re: Why is 157.161.144.64 blacklisted? References: Message-ID: "Benoit Panizzon" wrote in message news:hak5c0$rgt$1@news.spamcop.net... > Hi Mike > > Yesterday I also started recording outgoing email traffic and indeed, > there > is a huge backscatter problem. But I don't know how to solve it. > > The Problem is that many of our customer use forwards for their email > accounts. > > So there are many forwardings to invalid addresses or accounts where the > quotas are full etc. > > Although we use spam filtering, we don't catch 100% of the spams. So quite > a > lot of the emails that get forwarded have faked sender addresses and our > server then does generate a bounce to this fake address. > > And I realy don't know how to avoid those bounces. > > Any suggestions? Try using a search engine on the internet. If I googled "how to avoid backscatter" (no quotes) I got the following results: http://www.google.com.au/search?hl=en&source=hp&q=how+to+avoid+backscatter&meta=&aq=f&oq= Since you know what your mailserver software is, you should refine your search and search for results that will help you configure the software you're currently using. There is plenty of information on the internet to avoid getting into the pit of backscatter listing, but it's a really long dig sometimes to get yourself out of it. Cheers ... Geoffrey Hyde From jay at spam-block.net Sat Oct 17 10:28:37 2009 From: jay at spam-block.net (Jay Teutenberg) Date: Sat Oct 17 10:30:10 2009 Subject: [Schelp] 216.176.160.0/20 is not my netblock Message-ID: Ive tried and tried to get spamcop to stop sending me notices about this old netblock. Help! and I hope everyone has them blocked, I got notice after notice.. arin whois info does not show me. spamcop admins have supposedly removed manual entries. whats left? From MikeE at ster.invalid Sat Oct 17 17:22:58 2009 From: MikeE at ster.invalid (Mike Easter) Date: Sat Oct 17 17:25:08 2009 Subject: [Schelp] Re: 216.176.160.0/20 is not my netblock References: Message-ID: Jay Teutenberg wrote: Subject: 216.176.160.0/20 is not my netblock > Ive tried and tried to get spamcop to stop > sending me notices about this old netblock. Arin sez the notify is kadavis@ptci.com which ptci has no reg'd abuse.net contact SC's old cache sed the (old) notify was jwbrewster@ptci.com -- but the tool has a refresh cache button which I clicked and now the tool sez the (new) notify is kadavis@ptci.com > Help! Not that it helps to tell /me/ here but I don't know who 'you' are re a contact abuse address. You put a bogus From address in the newsmessage and it doesn't look like anyone named Jay Teutenberg which you used as a nym/handle here should be getting any notifies about the /20 according to the jwbrewster and kadavis info. Arin also provides info about the rabuse-handle TECHN363-ARIN which provides several contact addresses which also don't look like Jay Teutenberg Email: kadavis@ptci.com Email: ajprovenzano@ptci.com Email: jsmccully@ptci.com Email: sgkadavy@ptci.com Email: jwbrewster@ptci.com > and I hope everyone has them blocked, > I got notice after notice.. arin whois info > does not show me. spamcop admins have > supposedly removed manual entries. There's a website mechanism to communicate: http://www.spamcop.net/fom-serve/cache/91.html How can I contact a real person about this? -- Mike Easter kibitzer, not SC admin From jay at spam-block.net Sat Oct 17 22:59:53 2009 From: jay at spam-block.net (Jay Teutenberg) Date: Sat Oct 17 23:00:08 2009 Subject: [Schelp] Re: 216.176.160.0/20 is not my netblock References: Message-ID: "Mike Easter" wrote in message news:hbdcjh$m0n$1@news.spamcop.net... > Jay Teutenberg wrote: > Subject: 216.176.160.0/20 is not my netblock > >> Ive tried and tried to get spamcop to stop >> sending me notices about this old netblock. > > Arin sez the notify is kadavis@ptci.com which ptci has no reg'd > abuse.net contact > > SC's old cache sed the (old) notify was jwbrewster@ptci.com -- but the > tool has a refresh cache button which I clicked and now the tool sez the > (new) notify is kadavis@ptci.com Thats what Im saying, this was a block I returned about 5 years ago. Currently Im in 12.174.25.0/24, not sure if ATT has that updated as mine or not. > >> Help! > > Not that it helps to tell /me/ here but I don't know who 'you' are re a > contact abuse address. You put a bogus From address in the newsmessage > and it doesn't look like anyone named Jay Teutenberg which you used as a > nym/handle here should be getting any notifies about the /20 according > to the jwbrewster and kadavis info. Thats what Im saying, I shouldnt be getting notices, but I am. As far as a bogus from address, I dunno, Im using OE, and the reply to has jay@spam-block.net. > Arin also provides info about the rabuse-handle TECHN363-ARIN which > provides several contact addresses which also don't look like Jay > Teutenberg > > Email: kadavis@ptci.com > Email: ajprovenzano@ptci.com > Email: jsmccully@ptci.com > Email: sgkadavy@ptci.com > Email: jwbrewster@ptci.com > >> and I hope everyone has them blocked, >> I got notice after notice.. arin whois info >> does not show me. spamcop admins have >> supposedly removed manual entries. > > There's a website mechanism to communicate: > > http://www.spamcop.net/fom-serve/cache/91.html How can I contact a real > person about this? thanks, I'll try that. > > > > -- > Mike Easter > kibitzer, not SC admin > From user at domain.invalid Sat Oct 17 23:13:34 2009 From: user at domain.invalid (Farelf) Date: Sat Oct 17 23:15:08 2009 Subject: [Schelp] Re: 216.176.160.0/20 is not my netblock In-Reply-To: References: Message-ID: Mike Easter wrote: > Jay Teutenberg wrote: > Subject: 216.176.160.0/20 is not my netblock > >> Ive tried and tried to get spamcop to stop >> sending me notices about this old netblock. > > Arin sez the notify is kadavis@ptci.com which ptci has no reg'd > abuse.net contact > > SC's old cache sed the (old) notify was jwbrewster@ptci.com -- but the > tool has a refresh cache button which I clicked and now the tool sez the > (new) notify is kadavis@ptci.com > >> Help! > > Not that it helps to tell /me/ here but I don't know who 'you' are re a > contact abuse address. You put a bogus From address in the newsmessage > and it doesn't look like anyone named Jay Teutenberg which you used as a > nym/handle here should be getting any notifies about the /20 according > to the jwbrewster and kadavis info. > > Arin also provides info about the rabuse-handle TECHN363-ARIN which > provides several contact addresses which also don't look like Jay > Teutenberg > > Email: kadavis@ptci.com > Email: ajprovenzano@ptci.com > Email: jsmccully@ptci.com > Email: sgkadavy@ptci.com > Email: jwbrewster@ptci.com > >> and I hope everyone has them blocked, >> I got notice after notice.. arin whois info >> does not show me. spamcop admins have >> supposedly removed manual entries. > > There's a website mechanism to communicate: > > http://www.spamcop.net/fom-serve/cache/91.html How can I contact a real > person about this? > > > All correct - but Jay has been down this route before: http://zeta.cesmail.net/pipermail/scspamcop/2009-April/008585.html et seq. Something strange has happened - perhaps no more than the manual over-rides being inadvertently restored or perhaps there are individual reporters who heeded some earlier imperative and added Jay as an additional reporting address. If the latter case, it may be a little difficult - though presumably any such individual reporters can be contacted, one-by-one, by replying to their reports - http://www.spamcop.net/fom-serve/cache/96.html From edekuyf at gmail.com Wed Oct 21 14:07:03 2009 From: edekuyf at gmail.com (Erik) Date: Wed Oct 21 14:10:08 2009 Subject: [Schelp] Malicious report of Spam: Copy of post in spamcop.mail Message-ID: Dear, A message of mine was reported as spam by a person who seems to have only malicious intentions. The e-mail in question was sent from my mail addres edekuyf@gmail.com and had the subject "Fwd: Ideefix op Samenbeter.be: Gemakkelijk en gratis!" The data are the following: Message-ID: <4ADF24AD.1000502@derocker.name> Date: Wed, 21 Oct 2009 17:11:41 +0200 From: Kris De Rocker I have sent this message out to about 20 people of which I received the e-mail address from the responsible person at Ideefix (a studentgroup, reported in the mail subject) The message contained an invitation to visit freely and without cmmercial goal my website www.samenbeter.be It was only my intention to make people aware of my project and never to bother them or harm them in any way. However, one person called Kris De Rocker feld the urgent need to report my mail as spam because he received it two times. I do not know what the intentions of this person are, but could you please check whether my e-mail addres edekuyf@gmailcom or my website www.samenbeter.be are reported to Spamcops as a distributor of spam. If so, could you please undo this and report it to me, so I can take the proper (legal) actions against this person who only seems to have maicious intentions. Thanks in advance, Erik Erik De Kuyffer From MikeE at ster.invalid Wed Oct 21 15:32:41 2009 From: MikeE at ster.invalid (Mike Easter) Date: Wed Oct 21 15:35:08 2009 Subject: [Schelp] Re: Malicious report of Spam: Copy of post in spamcop.mail References: Message-ID: Erik wrote: > A message of mine was reported as spam by a person who seems to have > only malicious intentions. SC reporters are supposed to use some judgment in reporting spam. What you describe below I would not consider 'malicious' (or mailicious either). See the last link. Antispammers like to get into discussions about what is and what is not spam. My personal favorite definition is at MAPS. There are other similar definitions such as the one at spamhaus. In MAPS definition, there are critical analysis elements in which the very fine points are left to the judgment of the recipient, not the sender. See the first link. > The e-mail in question was sent from my mail addres edekuyf@gmail.com > and had the subject "Fwd: Ideefix op Samenbeter.be: Gemakkelijk en > gratis!" The data are the following: It is curious how you say 'was sent from my mail address' rather than just saying that you sent it. Why don't you just say that you sent it? > Message-ID: <4ADF24AD.1000502@derocker.name> > Date: Wed, 21 Oct 2009 17:11:41 +0200 > From: Kris De Rocker > > I have sent this message out to about 20 people of which I received the > e-mail address from the responsible person at Ideefix (a studentgroup, > reported in the mail subject) You are describing a process of creating a mailing list, albeit a very small one, in an improper manner. See the 2nd link. A mailing list is supposed to be created by those who would be added to a mailing list requesting to be placed on a list -- not by being placed on a list in some other fashion such as you did. "Someone told me I should put your name on this list." doesn't get it. You made a bad list. Some call it a 'dirty list.' > The message contained an invitation to visit freely and without > cmmercial goal my website www.samenbeter.be ... which site appears to be reg'd to someone not you. You created a dirty list for the purpose of benefitting your visitors to a website in which you had an interest. That is what spammers do. > It was only my intention to make people aware of my project and never to > bother them or harm them in any way. Spammers who are scammers or phishers or conners intend to make people aware of their product/site and not to 'harm' them in any way and to only bother them with the existence of their mail/spam. > However, one person called Kris De Rocker feld the urgent need to > report my mail as spam because he received it two times. I don't see that that was a bad report. If he had asked here what about reporting the 'repetitive' receipt of unsolicited mail, I would have supported his reporting it. > I do not know what the intentions of this person are, but could you > please check whether my e-mail addres edekuyf@gmailcom or my website > www.samenbeter.be are reported to Spamcops as a distributor of spam. Spamcop's purposes are to facilitate the reporting of spam to the provider for the source and to the provider for a spamvertised site. What those providers do with the information is up to them. In addition, SC maintains a blocklist based on IP address (not email address) of the source IP of spam. That blocklist is designed to autoremove an IP address which gets listed when the spam stops. > If so, could you please undo this and report it to me, so I can take the > proper (legal) actions against this person who only seems to have > maicious intentions. There is nothing malicious about reporting spam. You made a bad list and spammed it repeatedly (twice at least). http://www.mail-abuse.com/spam_def.html MAPS' Definition of "spam" http://www.mail-abuse.com/an_listmgntgdlines.html Application Note: Guidelines for proper mailing list management http://www.spamcop.net/fom-serve/cache/125.html SpamCop users should know what is and is not appropriate to report as spam to SpamCop. -- Opt-in is email that an individual requested or agreed to receive. -- Mike Easter kibitzer, not SC admin From V at nguard.LH Wed Oct 21 17:02:19 2009 From: V at nguard.LH (VanguardLH) Date: Wed Oct 21 17:05:08 2009 Subject: [Schelp] Re: Malicious report of Spam: Copy of post in spamcop.mail References: Message-ID: Erik wrote: > Dear, > > A message of mine was reported as spam by a person who seems to have only > malicious intentions. > > The e-mail in question was sent from my mail addres edekuyf@gmail.com and > had the subject "Fwd: Ideefix op Samenbeter.be: Gemakkelijk en gratis!" > The data are the following: > > Message-ID: <4ADF24AD.1000502@derocker.name> > Date: Wed, 21 Oct 2009 17:11:41 +0200 > From: Kris De Rocker > > I have sent this message out to about 20 people of which I received the > e-mail address from the responsible person at Ideefix (a studentgroup, > reported in the mail subject) > The message contained an invitation to visit freely and without cmmercial > goal my website www.samenbeter.be > > It was only my intention to make people aware of my project and never to > bother them or harm them in any way. > However, one person called Kris De Rocker feld the urgent need to report my > mail as spam because he received it two times. > > I do not know what the intentions of this person are, but could you please > check whether my e-mail addres edekuyf@gmailcom or my website > www.samenbeter.be are reported to Spamcops as a distributor of spam. > If so, could you please undo this and report it to me, so I can take the > proper (legal) actions against this person who only seems to have maicious > intentions. > > Thanks in advance, > Erik > Erik De Kuyffer So, in this listing maintained by Ideefix (that it is a "student group" is irrelevant), has every one of those recipients in that list actually opted in to that mailing list? Or do they have to opt opt AFTER getting e-mails from that mailing list? Many users don't consider opt-opts as valid because it still mandates the delivery of the spam to get the opt-out availability. That's like someone "borrowing" your car but telling you AFTER they borrowed it. Too late. Without permission established beforehand, that person stole your car. Without an opt-in, the unsolicited e-mails are still spam. You have no control over who claims your e-mails are spam. Most users lump unwanted & unsolicited e-mails in with spam e-mails. You need to ensure the recipients really want your bulk mailings, and that means using only an opt-in mailing list (and not with opt ins performed surreptitiously, like assuming if they have an account that they have opted it because somewhere buried in a TOS is mention that they are forced to opt in to have an account). It will take more than 1 or 2 reports of spam abuse to get you blacklisted. Won't go through the entire story but an incident at a restaurant ended with the firing of a waitress (who wasn't doing her job and was a known problem employee for a long time - and I didn't even complain since the manager saw the problem and apologized unprompted when I left). We were outside by our car when the waitress storms up to wail that I got her fired. My retort was, "One complaint didn't get you fired." Without knowing ALL the details, like who compiles the "student" mailing list, how they get on that list, whether those students KNOWINGLY opted into that mailing list or were involuntarily drafted or surrepitiously enlisted, and if perhaps you didn't supply any means of opting out of your mailings (required by CAN-SPAM law) or don't immediately honor those opt out requests, it certainly does appear that you spammed those 20 recipients, and did so more than once. Just because your "project" is important to you doesn't mean it is to them. Right now, the malicious one doesn't seem to be Kris (hint hint). From nobody at spamcop.net Thu Oct 22 10:16:23 2009 From: nobody at spamcop.net (Bar0) Date: Thu Oct 22 10:20:09 2009 Subject: [Schelp] Re: Malicious report of Spam: Copy of post in spamcop.mail References: Message-ID: "VanguardLH" wrote in message news:hbnssq$pgo$1@news.spamcop.net... > Erik wrote: > >> Dear, >> >> A message of mine was reported as spam by a person who seems to have only >> malicious intentions. >> .... >> However, one person called Kris De Rocker feld the urgent need to report >> my >> mail as spam because he received it two times. >> >> I do not know what the intentions of this person are, but could you >> please >> check whether my e-mail addres edekuyf@gmailcom or my website >> www.samenbeter.be are reported to Spamcops as a distributor of spam. >> If so, could you please undo this and report it to me, so I can take the >> proper (legal) actions against this person who only seems to have >> maicious >> intentions. >> >> Thanks in advance, >> Erik >> Erik De Kuyffer > > So, in this listing maintained by Ideefix (that it is a "student group" > is irrelevant), has every one of those recipients in that list actually > opted in to that mailing list? Or do they have to opt opt AFTER getting > e-mails from that mailing list? Many users don't consider opt-opts as > valid because it still mandates the delivery of the spam to get the > opt-out availability. That's like someone "borrowing" your car but > telling you AFTER they borrowed it. Too late. Without permission > established beforehand, that person stole your car. Without an opt-in, > the unsolicited e-mails are still spam. ... Eric is simply using the classic definition of spam , which is: "That which we do not do". As Vernon Schryver often stated, probably everyone spams now and then, (invitations to a party or wedding for example)., But Eric wasn't satisfied whith just once , which apparently was allowed to slide, he had to do it again.