Back to Community Threads
4
Is there a way in SmarterMail to report Spammers
Question asked by David O'Leary - 9/25/2024 at 4:00 PM
Unanswered
When I get a SPAM message in the webmail client, I want to be able to easily report that sender as a spammer. I don't just want to no longer get SPAM from them. I want to damage the sending domain's sending reputation. These senders pass SPF, DKIM, and DMARC so they are verified senders and somehow I got on their lists and I want them to pay. 

Any good ways to do that?
Owner of Efficion Consulting

11 Replies

Reply to Thread
0
J. LaDow Replied
9/25/2024 at 5:24 PM
THIS +100
MailEnable survivor / convert --
1
Douglas Foster Replied
9/26/2024 at 6:14 AM
There are two parts to the reputation issue:   
  • Commercial products collect data while protecting their clients.  You can influence their reputation databases by becoming their customer and using their feedback mechanisms.  Feedback from non-customers is likely to be ignored.
  • SpamHaus is the one public product that I have used.   They have to decide whether an assertion of malicious sender is legitimate or a malicious attack itself.   Consequently, SpamHaus says that they have a secret data collection process and they do not accept unsolicited reputation information.  So there is no known way to influence them directly.  
Some people have suggested creation of a reputation sharing mechanism between SmarterMail users, and I am happy to facilitate an informal process by sharing my reputation lists, just send me a private message.   

But before you ask, consider how you are going to use the data, because any list of bad actors is going to be big.   I do not consider either SmarterMail or Declude to be usable repositories for a long list of blocked names.  Currently, my email address block list is just under 4000 entries and my Server name block list is just under 1000 names.   Both lists grow almost daily based on incoming data.

My design uses custom Declude filters, SQL stored procedures, and indexed SQL tables so that:
  • A block on a domain name, whether in an email address or a host name, applies to both the domain name and all subdomains, unless an override entry is configured for a specific subdomain.
  • A block on an email address applies whether the address appears as the Mail From address or the message's From header entry.
Without these aggregation tricks, the lists would need even more entries, and the result would still have holes caused by unlisted subdomains.
1
Jay Dubb Replied
9/26/2024 at 12:31 PM
My question would be, report them to whom?  I'm sure that would be a popular option if there was a way to automate reporting, but the million-dollar question is where.  There's not a centralized global clearinghouse for spam reporting, so my assumption would be this would have to be a multi-pronged backend app to submit headers to SpamCop, Spamhaus, and several noteworthy others.  Not a small task.
 
3
mh Replied
9/26/2024 at 1:07 PM
This is not something that would work well, and could easily be abused by reporting competitors and other legit email as spam "just because". You'll have to build your spam rules and such around blocking as much as you're able. Emails that may pass SPF/DMARC and such don't necessarily mean the whole company needs a reputation change if there was a single PC or account that was compromised into sending out things as well. While the suggestion sounds good, it is not really feasible.
2
Jay Dubb Replied
9/26/2024 at 2:52 PM
Correct.  And what one person considers spam might be another person's "glad I received this" email.  We've participated in feedback loops for years, and it's amazing how many people report legit list-mail as spam after they voluntarily *subscribed* to the list at some point in the past (and we have the subscribe logs as documentation).  Years ago we saw tons of AOL subscribers reporting 'spam' which came to us via feedback loop, that was legitimate person-to-person email.  Clearly they did a Select-All on their Inbox and hit the Spam button, which we always thought AOL made WAY too easy.

Side note:  I'm amazed at how much spam our system gets on a daily basis from Gmail and Microsoft Online.  Tons of compromised accounts spewing it like geysers, but they are "too big to block".
 
0
Douglas Foster Replied
9/26/2024 at 3:29 PM
Not compromised accounts, computer generated ones 
0
David O'Leary Replied
10/8/2024 at 9:15 AM
At the very least, SmarterMail should allow for reporting to the Abuse address for the domain. Seems like it should also allow for reporting abuse to the host. Mail accounts hosted by Google and Microsoft allow this. Amazon SES allows you to see how many people are making complaints about your emails. 

Seems like there should be some kind of escalation mechanism that handles abuse reports (domain abuse account, host abuse account, hosting facility abuse account, owner of the IP range, ... )
Owner of Efficion Consulting
0
Why dont we start hosting a centralized list of reported spammers/domains??

Over time this will be a significant tribute to keeping the server spamfree....
0
John Quest Replied
10/10/2024 at 8:33 AM
At the very least, SmarterMail should allow for reporting to the Abuse address for the domain. Seems like it should also allow for reporting abuse to the host. Mail accounts hosted by Google and Microsoft allow this. Amazon SES allows you to see how many people are making complaints about your emails. 

Seems like there should be some kind of escalation mechanism that handles abuse reports (domain abuse account, host abuse account, hosting facility abuse account, owner of the IP range, ... )

Sadly in today's enviornment of people do not care, that is not in any way reliable. While true that RFCs stipulate that a domain have an abuse@ valid email address, many do not or are ignored. 

Simply put, there is no consistent known way to report abuse/spam/fufu to every domain.
1
David O'Leary Replied
10/14/2024 at 11:51 AM
Things have changed though from years ago when there was nothing we could do about SPAM. Now that we can require SPF, DKIM, and DMARC since the big players (Google and Microsoft) now require them, we can definitely identify where mail is coming from. It is no longer a problem that we can't do anything about. If no one else is putting together a universal email Abuse mechanism, it seems like a golden business opportunity. 
Owner of Efficion Consulting
1
John Quest Replied
10/15/2024 at 8:28 AM
Things have changed though from years ago when there was nothing we could do about SPAM. Now that we can require SPF, DKIM, and DMARC since the big players (Google and Microsoft) now require them, we can definitely identify where mail is coming from. It is no longer a problem that we can't do anything about. If no one else is putting together a universal email Abuse mechanism, it seems like a golden business opportunity. 

Sadly, that is not true. Malicious and spam actors readily utilize those very same tools that many believe will stop spam and malicious actors. 

THAT, combined with an overwhelming large amount of legit email senders and receivers that are either ignorant or refuse to conform to such standards quickly prove your statement wrong.

Remember, if the war was that easy, it would be over already.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
Find a Compromised AccountSmarterMail > Troubleshooting
554 Error - MTA Poor Reputation FixesSmarterMail > Troubleshooting
My spool is full of pending messages. What do I do?SmarterMail > Troubleshooting
Cannot Send Email MessagesSmarterMail > Troubleshooting