SpamCop considered harmful

Once upon a time, there was the Internet. The grass was green, the sun was shining, and everybody was happy. Along comes human nature. How much easier is it to make money by tricking people than by taking an honest job? Yes, spam comes along. In the early days, mail servers were configured to just accept anything from anyone to anyone. Spammers quickly abused these so-called open relays to send mail using other people's resources.

Next on scene: blacklists. Very effective in the beginning. I was one of the people to start the Open Relay DataBase, ordb.org (now defunct). In fact, some blacklists were so effective that the bad guys went on to use other ways to send their malware, and the ordb blacklist was no longer effective, and shut down.

Spammers have become so good at hiding their tracks that blacklists aren’t effective anymore. They find a way to mix their rubbish with perfectly valid mail, and just refusing to accept mail from a specific IP address will surely get you less spam, but you’ll also lose a lot of mail you did want to receive. Lots of other techniques exist to filter out spam from ham. Personally, I use a system based on Bayes’ statistics that “reads” my mails and, from a statistical analysis of previous mails which I told it I did or did not want, determines if it’s something I want. Also, there are a number of scoring techniques that assign a score to several criteria: this can be Bayesian statistics, a number of blacklists, or any other characteristic of the message. When that score gets over a certain threshold, the mail is refused or quarantined.

Now, why is SpamCop considered harmful? SpamCop has existed for a long time. It started as a community-based blacklist. Anybody in the community could submit an IP address for blacklisting. This community is everybody with an internet connection. Do I trust everybody on the whole internet? Do I trust them to be knowledgeable enough on the technical aspects of email filtering to determine which address should be listed? Most certainly not! SpamCop should never be used to refuse email. Maybe one might use it for scoring, but never should a SpamCop listing be used to refuse mail.
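The scoring approach described above, where a blacklist listing only adds to a score instead of refusing the mail outright, as an added example (not the author's own filter). The weights, thresholds, the second zone `dnsbl.example.org` and the injected `resolve` function are assumptions, and the DNS answers are constructed so the code runs offline.

```python
import ipaddress

# Assumed weights and thresholds, for illustration only.
DNSBL_WEIGHTS = {"bl.spamcop.net": 1.5, "dnsbl.example.org": 2.0}  # second zone is hypothetical
BAYES_WEIGHT = 5.0
QUARANTINE_AT, REJECT_AT = 3.0, 6.0
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_query_name(ip, zone):
    """Reversed IPv4 octets prepended to the zone, e.g. 10.2.0.192.<zone>."""
    return ".".join(reversed(str(ipaddress.IPv4Address(ip)).split("."))) + "." + zone

def is_listed(ip, zone, resolve):
    """Listed means the query name resolves to an address in 127.0.0.0/8.
    resolve(name) returns A records ([] for NXDOMAIN); a lookup error counts
    as not listed, so a DNSBL outage never penalises the sender."""
    try:
        answers = resolve(dnsbl_query_name(ip, zone))
    except OSError:
        return False
    return any(ipaddress.ip_address(a) in LISTED_NET for a in answers)

def score_message(ip, bayes_spam_probability, resolve):
    """Add up DNSBL hits and the weighted Bayes probability, then pick a verdict."""
    hits = [z for z in DNSBL_WEIGHTS if is_listed(ip, z, resolve)]
    score = sum(DNSBL_WEIGHTS[z] for z in hits) + BAYES_WEIGHT * bayes_spam_probability
    if score >= REJECT_AT:
        verdict = "reject"
    elif score >= QUARANTINE_AT:
        verdict = "quarantine"
    else:
        verdict = "accept"
    return round(score, 2), verdict, hits

# Constructed DNS answers for documentation-range IPs, standing in for live lookups.
FAKE_DNS = {
    "10.2.0.192.bl.spamcop.net": ["127.0.0.2"],
    "7.113.0.203.bl.spamcop.net": ["127.0.0.2"],
    "7.113.0.203.dnsbl.example.org": ["127.0.0.2"],
}

def fake_resolve(name):
    return FAKE_DNS.get(name, [])

if __name__ == "__main__":
    print(score_message("192.0.2.10", 0.05, fake_resolve))   # one listing, ham-like content
    print(score_message("203.0.113.7", 0.95, fake_resolve))  # two listings, spam-like content
```

With these assumed weights a single listing is worth less than the quarantine threshold, so a listing alone never blocks a message; it only tips the balance when the content also looks like spam.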

Today, I found out that SpamCop also added spamtraps. Even more, they are secret. A message to a friend of mine got denied because of it and further examination showed that my “System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)”. Aha! Evil me! But where is the evidence? Where did I go wrong? How do I fix it? Clearly, I am guilty unless proven innocent.

So I cannot repeat this enough. If you value your email, if you value your friends/colleagues/etc. to be able to contact you, do not use SpamCop for blacklisting.
