The bigger fool



  • Who is the bigger fool, the email block list maintainer who blocks IP addresses that do not meet their criteria for being blocked, or the mail admin who uses them?

    We got an email from a customer about an anomaly on a credit card transaction. It happens. When we replied to inform her we'd be doing a refund, it bounced, based on a particular block list. Said block list is for IPs that appear to be dynamic, based on whether or not the sending IP has rDNS, and whether or not that rDNS meets their idea of naming conventions. Their web page, for more info, has an automated check for those two criteria. Our IP, of course, passed both, as it should. But we were on the dynamic list anyway. Sigh. There's a simple form to get it removed, and it now shows we are not on any of their lists any more. Stupid false positive, but no TRWTF.

    Stupid #1: The company hosting the email for our customer caches the DNS info for these block lists.

    Stupid #2: The company applies spam filters to their contact addresses. Non-standards compliant.

    TRWTF: They have a "contact us" web form to contact them. Fairly common, and effective way to protect your email addresses from web scraper spamtards. You fill in your name, address, and type in your message, and hit Submit. Which opens up a new email in your default email client, say, Outlook. With their email addresses filled in. And nothing else.

    That's right, they put the email addresses they wish to protect from spammers in a mailto: link in the <FORM> field.

    I do not expect an answer from them. But at least the email I sent through Gmail didn't bounce.



  • @taustin said:

    Who is the bigger fool, the email block list maintainer who blocks IP addresses that do not meet their criteria for being blocked, or the mail admin who uses them?
     

    Blind leading blind?

     @taustin said:

    We got an email from a customer about an anomaly on a credit card transaction

    Being a customer, I presume you have alternative contact details (phone number, etc).

    @taustin said:

    and hit Submit. Which opens up a new email in your default email client

    I had that on a govt form that promised all feedback would be anonymous and confidential. Only noticed the mailto: link once I hit submit and it tried to embed the form data in one long query string in Outloox Express.

    (yes, it was at a cyber cafe and they had OE installed)



  • @Cassidy said:

    @taustin said:

    Who is the bigger fool, the email block list maintainer who blocks IP addresses that do not meet their criteria for being blocked, or the mail admin who uses them?
     

    Blind leading blind?

     Blind leading the stupid, more like.

    @Cassidy said:

     @taustin said:
    We got an email from a customer about an anomaly on a credit card transaction

    Being a customer, I presume you have alternative contact details (phone number, etc).

     Ordinarily, maybe. Most retail stores do not have such information on most cash customers. In this case, it was a failed transaction due to technical problems, so no, we didn't. And the email from the customer didn't include any phone number.

    @Cassidy said:

    @taustin said:
    and hit Submit. Which opens up a new email in your default email client

    I had that on a govt form that promised all feedback would be anonymous and confidential. Only noticed the mailto: link once I hit submit and it tried to embed the form data in one long query string in Outloox Express.

    (yes, it was at a cyber cafe and they had OE installed)

    A WTF of its own.



  • @taustin said:

    Ordinarily, maybe. Most retail stores do not have such information on most cash customers. In this case, it was a failed transaction due to technical problems, so no, we didn't. And the email from the customer didn't include any phone number.
     

    I was of the assumption that with it being a query about a CC transaction that there'd be enough info to track the customer, but yeah - I see what you mean.

    I use some RBLs for my mail server but learned early on not to blindly trust them outright. The owner/maintainer of one RBL would add your domain/IP to the list if you raised a complaint about them, defeating the purpose of the list.  Another required payment for removal. Those were dropped pretty early on in my experiments.

    I've not had a great deal of false positives, and spamassassin seems to tag most stuff further up the chain that's managed to sneak past the frontline bouncers.



  • @taustin said:

    Who is the bigger fool, the email block list maintainer who blocks IP addresses that do not meet their criteria for being blocked, or the mail admin who uses them?

    How about anyone who thinks they're a 'block list'.



  • @Cassidy said:

    @taustin said:

    Ordinarily, maybe. Most retail stores do not have such information on most cash customers. In this case, it was a failed transaction due to technical problems, so no, we didn't. And the email from the customer didn't include any phone number.
     

    I was of the assumption that with it being a query about a CC transaction that there'd be enough info to track the customer, but yeah - I see what you mean.

    The credit card transaction will give us a name, but nothing else (and I believe it's illegal for the credit card company to share anything else with us, and certainly a violation of their policies).

    @Cassidy said:

    I use some RBLs for my mail server but learned early on not to blindly trust them outright. The owner/maintainer of one RBL would add your domain/IP to the list if you raised a complaint about them, defeating the purpose of the list.  Another required payment for removal. Those were dropped pretty early on in my experiments.

    The web page for the list in question warns that it's pretty aggressive, and you should be careful. Nothing wrong with that. The WTF is that our IP was on it despite not meeting the criteria to be on it as stated in the "passed" results from the automatic tests.

    There's at least one list that adds pretty much any IP that the maintainer is aware of. For real. I gather he just adds the originating IP for all incoming email automatically.

    So yeah, these lists can, if they're maintained correctly, be used as a criteria, but shouldn't really be used as the criteria. In other words, while it's useful to use it to assign a heavy weight to scoring incoming messages, it shouldn't be enough in and of itself to block on.
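
The weighting approach described in the post above, as an added example that is not part of the original thread: each DNSBL listing adds to a score instead of rejecting on its own. Zone names, weights, the threshold, the injected `resolve` callable and the DNS data are all constructed for illustration.

```python
import ipaddress

# Constructed values: zone names, weights and threshold are hypothetical.
ZONE_WEIGHTS = {"dynamic.dnsbl.example": 3.0, "spam.dnsbl.example": 4.0}
REJECT_AT = 5.0  # no single list reaches this on its own
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")

# Constructed DNS data standing in for real lookups.
SAMPLE_DNS = {
    "25.2.0.192.dynamic.dnsbl.example": ["127.0.0.2"],
    "7.100.51.198.dynamic.dnsbl.example": ["127.0.0.2"],
    "7.100.51.198.spam.dnsbl.example": ["127.0.0.4"],
    "9.113.0.203.spam.dnsbl.example": ["203.0.113.80"],  # parked zone
}

def sample_resolve(name):
    """Return A records for name, or [] when the name does not exist."""
    return SAMPLE_DNS.get(name, [])

def dnsbl_name(ip, zone):
    """Build the DNSBL query name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("IPv4 only in this example")
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def listed(ip, zone, resolve):
    """Count only 127.0.0.0/8 answers as a listing. Any other answer
    (parked or wildcarded zone, rewriting resolver) is ignored, so a
    dead list cannot block every sender."""
    answers = resolve(dnsbl_name(ip, zone))
    return any(ipaddress.ip_address(a) in LISTED_NET for a in answers)

def score(ip, resolve, content_score=0.0):
    """Combine DNSBL hits with a content score from other filters."""
    hits = [z for z in ZONE_WEIGHTS if listed(ip, z, resolve)]
    total = content_score + sum(ZONE_WEIGHTS[z] for z in hits)
    action = "reject" if total >= REJECT_AT else "accept"
    return {"hits": hits, "score": total, "action": action}

if __name__ == "__main__":
    for ip in ("192.0.2.25", "198.51.100.7", "203.0.113.9"):
        print(ip, score(ip, sample_resolve))
```

With these weights, a sender that appears only on the aggressive "dynamic" list is still accepted unless other evidence pushes the total over the threshold.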



  • @PJH said:

    @taustin said:
    Who is the bigger fool, the email block list maintainer who blocks IP addresses that do not meet their criteria for being blocked, or the mail admin who uses them?

     How about anyone who thinks they're a 'block list'.

    I'm sure the maintainer of the list in question would say the same thing. He probably has lots of time to talk to himself, not having that much incoming email and all.

    But, since we are, in fact, being blocked by it, it is, in fact, being used as a block list.



  • @taustin said:

    @PJH said:

    @taustin said:
    Who is the bigger fool, the email block list maintainer who blocks IP addresses that do not meet their criteria for being blocked, or the mail admin who uses them?

     How about anyone who thinks they're a 'block list'.

    But, since we are, in fact, being blocked by it, it is, in fact, being used as a block list.

     

    By the mail admin, not the list maintainer.

    The RBL websites point out that they do no blocking, they just maintain a list - how it is used (as a block list) is down to the user, not the maintainer.

    </pedant>

    @taustin said:

    So yeah, these lists can, if they're maintained correctly, be used as a criteria, but shouldn't really be used as the criteria. In other words, while it's useful to use it to assign a heavy weight to scoring incoming messages, it shouldn't be enough in and of itself to block on.

    That.

     

     

