An Educational Kerfuffle in Anti-Spam Land
By Ken Magill
Anti-spammers have been skirmishing over the final touches of a best-practices document that has been in the works since 2004.
How important was the kerfuffle to marketers? Not very. But it was somewhat entertaining and it offers the opportunity to gain some insight into a group of people marketers love to hate: operators of anti-spam blacklists.
A project of the Anti-Spam Research Group, the document in question’s aim is to lay out best practices for blacklist operators.
“The idea was there really should be some guidelines out there that say: ‘If you’re going to run a blocklist [anti-spammers’ preferred term for blacklists], these are the things you need to think about and these are the things that people who have been running blocklists for five, seven, 10 years have worked out is an effective way to run a blocklist [and] a good way to manage interactions with people who get listed,” said Laura Atkins, principal at deliverability consultancy Word to the Wise, in an interview with The Magill Report. “The BCP [best common practices] is the collective wisdom of people who have been running blocklists for a long time.”
Anti-spam blacklists, or blocklists, are lists of IP addresses of emailers the lists’ operators have deemed to be spammers. Email inbox providers and administrators can set up their mail-sorting systems to reference any combination of these lists to help them determine if incoming email is spam or not.
A marketer who ends up on a widely used blacklist—Spamhaus, for example—can experience severe email delivery troubles.
Anyone can set up an anti-spam blacklist. It is estimated that there are about 150 of them in operation. Some are more responsible than others.
“Any idiot can run a blocklist and a lot of idiots do,” said John Levine, author of Internet for Dummies and chair of the Anti-Spam Research Group.
“All the others, everyone kind of looks at and says, ‘yeah, whatever,’” said Atkins.
As a result, a marketer can get listed on any of about 147 different blacklists and it won’t matter.
“It’s important for marketers to understand that there are a lot of blocklists out there and that not all of them are worth paying attention to,” said Atkins.
She said sometimes marketers will find out they’re listed on some Podunk blacklist while at the same time see that their email is being blocked by an ISP and wrongly assume the blacklist is responsible for blocking their email.
“Just because you find out that an IP address is on a blocklist does not mean that that blocklist is responsible for your mail bouncing at various ISPs,” she said. “There may be correlations. If you’re doing something that gets you listed on a blocklist, it’s very likely that some ISP may take exception to that and block you mail or temp fail you or whatever, but that does not mean the ISP is using that blocklist. ISPs are very selective about the blocklists they use.”
Which brings us to the recent conflict over the Anti-Spam Research Group’s efforts at crafting a best-practices document for blacklist operators.
Among the document’s recommendations is that blacklist operators should not charge blacklisted emailers to get delisted.
“Charging emailers for delisting incentivizes all the wrong things,” said Neil Schwartzman, anti-spam expert and executive director of the Coalition Against Unsolicited Commercial Email.
Added Levine: “It makes it hard not to turn it into a shakedown.”
However, one participant in the discussion, Claus von Wolfhausen, technical director of little-known German blacklist UCE Protect, took issue with the no-charge-for-delisting clause.
Why? Because UCE Protect charges for expedited delisting.
The folks at UCE Protect were so incensed by the group’s consensus that blacklisters shouldn’t charge for delisting that they staged a short strike during which they refused to delist anyone.
Then, von Wolfhausen became so incensed, he quit the group:
“[Y]our BCP 07 [best practices document] is at best a joke and nothing that a professional person will ever take serious,” he wrote in his final message to the group.
“All people that have voted for it have clearly given proof that they are really blind or incompetent and their only reasoning to vote for this BCP was to harass the UCEPROTECT-Network,” he continued. “That means the UCEPROTECT-Network will gladfully ignore this group and it's decisions or votings from now.” [quotes are exact]
But here’s the entertaining part: During the discussion, von Wolfhausen claimed his network protects 1.5 million email boxes.
“That number is so small, it rules out all the major ISPs,” said Levine. “Even Claus admitted he’s trivial.”
In other words, whatever von Wolfhausen decides to do means little to nothing to emailers.
A key lesson is that widely used blacklists are not vendetta lists, said Levine.
“Claus thinks [by charging for delisting] he’s punishing the bad guys, which is ridiculous,” he said. “The sole goal of people who operate widely used blocklists is to protect the inboxes of their users from email they don’t want.”
In any case, for those who choose to slog through it, BCP 07 offers insight into the way the major blacklist operators think. Access it here.