SA Bugzilla – Bug 5977
too many FP's for RCVD_IN_BSP_TRUSTED
Last modified: 2017-08-02 10:03:29 UTC
it is MORE like that having a bonded sender is more likely unwanted spam than not. when we can get spammed to a 'group account' that could not have been found except by web site harvesting, this puts the whole 'bonded sender' program in question. there should NOT be such a huge credit given for these 'bonded spammers'. example: spam received from 72.2.32.94 to a group address. again, no are way there was any subscription. host 94.32.2.72.sa-trusted.bondedsender.org 94.32.2.72.sa-trusted.bondedsender.org has address 127.0.0.10
so this is an FN, not an FP, right? That said, I wouldn't be against removing habeas and bonded sender...
FWI: +1
The whole point of the bonded sender is that you have a place to make a complaint if you see something like this, and the sender will lose real money and lose their bonded sender status if they are spamming and don't stop. As long as that process does work then there is justification for keeping the rule as it will indicate that the sender is not likely to be spamming. If you do report these people and do not receive a satisfactory result, then that would be a bug to report. So far it is working as designed.
While I agree that the proper process is to report these and charge the senders money, one of the main issues right now seems to be that there's no obvious way to report the offenders. The old complaint URL for bondedsender (http://www.bondedsender.org/complaint/) now goes to the generic marketing page. Searching for a complaint or report page or address results in nothing, and there's nothing obvious on the return path site just going around. So I think we need to reach out to them and find out why they've made it so difficult and what should people use as the reporting method/address. If that results in nothing useful, then I'm +1 for removing them, but it's not appropriate to do that w/out some due diligence. FWIW, from the last weekly net run, my results: 0.089 0.0000 1.9826 0.000 0.62 0.00 RCVD_IN_BSP_TRUSTED group results: 0.101 0.0004 1.6258 0.000 0.72 0.00 RCVD_IN_BSP_TRUSTED So things don't seem too outrageous from that perspective.
(reply to comment #4) If the change in ownership has made it more difficult to report problems then I agree with keeping this bug open until these questions are resolved, and I am also +1 for dropping the rule if they are no longer doing their job. Of course, someone has to follow up on the due diligence :-)
*** Bug 5978 has been marked as a duplicate of this bug. ***
I can go ahead and contact Tom Bartel from bug 5476, unless someone else would rather jump on it. In my own investigations (including registering on the senderscore.org site) I could not find any way to report abuse.
btw, it's called "sender score certified" these days. http://www.returnpath.net/senderscore/receiver/feedback/ seems to suggest that a feedback loop is how they expect it to work, but that's only viable for ISPs. We need a better way.
I've sent an email to Tom, cc'ing the PMC list. We'll see what we get back.
(In reply to comment #9) > I've sent an email to Tom, cc'ing the PMC list. We'll see what we get back. Matt, did that result in anything?
Neil Responded back to the PMC with: --------------------- FYI sa-abuse@senderscorecertified.com is now tested, active and pointed at a fresh new RT queue for our perusal. Fire away! And please do inform your community. Thanks for your patience in this regard. If you need anything else, by all means, let us know. ----------------------