Topica.com's SBRS

Unanswered Question
Aug 19th, 2008

We've received two "block removal" requests from Topica.com recently. Their SenderBase reputation score is a fairly low -3 for many of their "silver" SMTP servers, but some of their servers like the "gold" and "platinum" ones have neutral or good reputations. I even see a TRUSTe seal for some others. :?

I've confirmed with IronPort support that the negative SBRS was intentionally set and not some fluke. I don't know much about Topica.com. They aren't currently found on many RBLs. I'd rather not make an exception in the policies for them; my instinct is to tell them to go pound sand. Probably the better response it ask them to work it out with SenderBase. Has anybody else come across this problem and how did you handle it?

Thanks,
Brandon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
valter_ironport Tue, 08/19/2008 - 21:01

Hi Brandon,

The SBRS is a very dynamic. IronPort use more than 100 parameters to set the reputation. The best they can do is to make sure they are not sending spam or malware to the Internet using the IPs address used to send email.

You can also create an IronPort Customer Support ticket so we can investigate the issue.

Regards,
Valter

Donald Nash Wed, 08/20/2008 - 00:10

Topica pestered us for a while as well, back in June and July. In response to the first request, I politely refused and explained about SenderBase and how their bad scores probably had good reasons behind them. I checked our logs and found some spammy looking subject lines coming from them (I didn't try to correlate with message disposition as spam/ham), so their bad SBRS didn't surprise me. Topica's representative responded with some hand-waving about SenderBase not being as accurate as we think it is, but didn't provide any documentation as to why we should believe him. I didn't say this to him, but what I was thinking was that I trust IronPort more than I trust Topica.

In response to the second request a couple of weeks later, I basically said, "Nothing has happened in the past two weeks to give us cause to reconsider, and we don't foresee this changing. Future requests of this sort will be ignored." I also told him to quit spamming all our WHOIS contact addresses, since he already knew the one correct address to use from his previous contact with us. On a more humorous note, I saw that the boilerplate letter this time included language about SenderBase, which amused me.

In response to the third request (which again went to all our contact addresses instead of just to the correct one), I basically told him to get lost, whereupon he said that he'd keep asking us until we did what he wanted. He also bragged about his qualifications, like that's going to impress anyone. After explaining to him about the legal definition of harassment, I added him to an IronPort filter script that implements a simple mail-from blacklist, so now his mail is bounced back to him. I could have used our other mail-from blacklist that drops instead of bounces, but I wanted him to know for certain that we were blocking him. I also told him that if he tries to evade the blacklist by using a different e-mail address (which he threatened to do), then I'd blacklist all of Topica. He handily provided their entire IP address range hoping that I'd whitelist it. I haven't heard from him since.

This guy amazed me with his utter unprofessionalism. He's exactly what I'd expect from a spammer. He also struck me as being not too different from my two year old son: keep asking the same question over and over and then throw in a temper tantrum, and maybe you'll get your way.

bpoyner_ironport Wed, 08/20/2008 - 13:30

Thanks for the reply Don. Hopefully it's of use to other IronPort customers getting these requests from Topica as well.

If our users were asking where their Topica emails went, that would be one thing. But the only one complaining is Topica.

My boss wants me to reply to their unblock request with an explanation for the block. I saw coming what you described, which is Topica doing a bunch of hand waving and dismissal of the spamming accusations. I'm sure they'll try to launch into a debate with me rather than do the one thing that clears it all up -- clean up their SBRS. :roll:

Donald Nash Wed, 08/20/2008 - 16:39


I'm sure they'll try to launch into a debate with me rather than do the one thing that clears it all up -- clean up their SBRS.


Funny you should mention that. In our first encounter with them, I suggested that they sign up for a third-party certification service like SenderScoreCertified or Habeas (although I didn't actually mention any by name). I explained that this would help them with everyone, so they wouldn't need to pursue separate whitelistings from each individual institution that was blocking them. This suggestion fell on deaf ears. He didn't even acknowledge that I had made it, but instead just launched into his hand-waving about SenderBase.

In retrospect, I'm not surprised. These services work by having the organization that is seeking certification post a bond that will be debited when a confirmed spam complaint comes in. If you really are sending spam then a certification service will not work for you.

The important thing is, don't play their game. Tell them why they're being blocked, tell them what they can do to correct it, and tell them that the situation is non-negotiable. If they persist, well, you've got the tools to deal with that in as punitive a fashion as you see fit.

Actions

This Discussion