Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




147 posts

Master Geek
+1 received by user: 1


Topic # 85918 28-Jun-2011 09:31
Send private message

A couple of customers use Orcon and have had issues with mails getting delivered. Both times they've noticed that Orcon has flagged their mails as spam using DSPAM, and suggested that this may be the cause.



This raised a few questions for me, and I'd love to get some informed answers from the Orcon tech team.

1. What benefits are there for Orcon customers in having some emails be marked as spam without notification?

2. Does outbound spam flagging provide any meaningful data to remote systems?

Presumably if any remote system trusted another host's spam assessment, every spambot would add headers flagging mails as NOT SPAM before sending it. I don't see why any mail host would believe the labels applied by a remote system (unless it was specifically told to trust that system).

3. If the idea is to protect the Orcon network reputation by reducing spam, why even deliver emails which are flagged as spam?

4. Wouldn't it make more sense to notify customers that their IP had sent emails which appeared to be spam, either by refusing to send the messages, or by quarantining / flagging and delivering a notification to the account holder or sender?

5. If nothing else, wouldn't it help to engage the X-DSPAM-factors header for outbound mail? That way customers who are flagged as spam can learn that the issue is with their ADSL IP address being blacklisted, or their email containing suspicious keywords, or whatever.

I do understand that protecting the ISPs reputation is important, and that there may be situations or reasons I'm unaware of.

I also realise that there may be other reasons for mail not being delivered, even which are unrelated to the DSPAM headers Orcon adds sometimes.

I hope to learn why this current situation exists, and to ask whether it's the best possible arrangement for Orcon customers.

I'd also like to know which (if any) ISPs add spam detection headers to outbound messages. Is it common practice?

Thanks!

Create new topic


147 posts

Master Geek
+1 received by user: 1


  Reply # 486740 28-Jun-2011 09:38
Send private message

Because it was funny at the time ...

When we enquired with Orcon's support desk, the replies from Orcon support team were flagged as spam by DSPAM.

Yell

Also, http://www.geekzone.co.nz/forums.asp?forumid=82&topicid=71743 - similar topic here.

2915 posts

Uber Geek
+1 received by user: 414

Trusted
Subscriber

  Reply # 486763 28-Jun-2011 10:26
Send private message

For what it's worth, it doesn't help anyway - Orcon's outbound MX is flagged as a spam source by Hotmail.

 
 
 
 




147 posts

Master Geek
+1 received by user: 1


  Reply # 486792 28-Jun-2011 11:25
Send private message

That is actually what I saw as well - loadbalancer1 being rejected by hotmail as spammy - when I tried to duplicate the issue my mail was accepted via mx7. Thanks for confirming.

1881 posts

Uber Geek
+1 received by user: 627

Trusted

  Reply # 486794 28-Jun-2011 11:29
Send private message

This has to be a misconfig on their part.

6294 posts

Uber Geek
+1 received by user: 377

Moderator
Trusted
Subscriber

  Reply # 486828 28-Jun-2011 12:27
Send private message

xurizaemon: I'd also like to know which (if any) ISPs add spam detection headers to outbound messages. Is it common practice?


Not sure if it's common practice, but one of our hosting providers does it.  Very frustrating when alert emails are marked as spam even before they reach the receiver.

We ended up putting in our own secure MTA to get around this.



147 posts

Master Geek
+1 received by user: 1


  Reply # 487330 29-Jun-2011 10:59
Send private message

Orcon responded (via Twitter, where @freitasm had mentioned this thread).

They have said that they will post something soon.

DBP

1 post

Wannabe Geek


  Reply # 488182 1-Jul-2011 10:24
Send private message

This move/mistake by Orcon is drivng me mad!

We have heaps of members, customers and volunteers who use Hotmail addresses (including me) and I can't email any of them. Sometimes I can sneak an email through by stripping it in Notepad first, but often this doesn't work. It doesn't seem to matter whether the email is a forward, reply or an original, with the content also not making a difference.

Hopefully someone from Orcon reads this feedback and so many complaints, as the problem is very serious for our organisation.

Cheers,

Dave 

8020 posts

Uber Geek
+1 received by user: 386

Trusted
Subscriber

  Reply # 488283 1-Jul-2011 15:06
Send private message

Had a similar problem with vodafone, ISP's don't seem to care much about managing their email service much these days.

Better off using Google Apps or Microsoft BPOS/365 where possible.

677 posts

Ultimate Geek
+1 received by user: 27

Trusted

  Reply # 490855 7-Jul-2011 23:29
Send private message

Sorry for the very late reply, I spoke to Quentin and promised an update here. Completely my fault for not doing one sooner.

We have been working on this issue, and we are continuing to pay quite some attention to the mail platform.

As I have information that can be shared I will update this discussion.

Regards

Paul




meat popsicle



147 posts

Master Geek
+1 received by user: 1


  Reply # 492452 12-Jul-2011 14:03
Send private message

Thanks Paul. I do hope someone at Orcon will be able to answer the questions in my first post.

It's been a while since I posted them ... To me they look like pretty straightforward and simple queries. I tried to be as succinct as I could!

If some of them are unanswerable, even a reply saying "I can't answer this question because the SIS forbade me to discuss their email monitoring server." would be more useful than nothing at all.

Maybe you could have someone answer just the easy ones?

677 posts

Ultimate Geek
+1 received by user: 27

Trusted

  Reply # 493078 13-Jul-2011 21:04
Send private message

I have snipped this a bit to 'try' and keep it short. Short like a novel...
If i cant answer it because i don't know i will say so, if i plain cant answer it it will be clear.

xurizaemon:

This raised a few questions for me, and I'd love to get some informed answers from the Orcon tech team.

1. What benefits are there for Orcon customers in having some emails be marked as spam without notification?


I am not sure i fully understand your question here. Are you asking why would we mark something as spam X-DSPAM-Result:Spam but not inset a [SPAM] tag in the subject? Or is this something else you are asking?
Also customers can set what they want to happen with mail identified as Spam, and in some cases this may not behave how you would think.


2. Does outbound spam flagging provide any meaningful data to remote systems?


No, unless you have an agreement with that external provider.


3. If the idea is to protect the Orcon network reputation by reducing spam, why even deliver emails which are flagged as spam?


In the effort to reduce Spam you can safely assume that many providers drop a very large amount of inbound email as Spam, from previous positions i know we dropped a significant amount of Spam. I am not sure i can say what significant == but some light googlepedia searching will give you reasonable answers.

However we also try to strike a balance where by the customer can decide what they want to have delivered, some people want the Spam, just marked as such and placed somewhere for later review.
Others just bin it.


4. Wouldn't it make more sense to notify customers that their IP had sent emails which appeared to be spam, either by refusing to send the messages, or by quarantining / flagging and delivering a notification to the account holder or sender?


In effect we do this, although not as elegantly as we would like to, we do this with the worst offenders.
Infected machines are also only one vector for Spam to enter a network like ours so although it might seem a better way it would not be the only way, and it adds complexity to an already complex system.


5. If nothing else, wouldn't it help to engage the X-DSPAM-factors header for outbound mail? That way customers who are flagged as spam can learn that the issue is with their ADSL IP address being blacklisted, or their email containing suspicious keywords, or whatever.


I personally dont think the average customer would have any clue what X-DSPAM-factors is telling them, sure some would but the majority would not.
I think what you may be suggesting is a rating inserted into the message that is easy enough to understand?

Where I have used this in the past it can lead to increased calls to the helpdesk with people asking 'Why are you putting stuff in my email' etc or even more interesting, trying very hard to get the best score - being the highest...

Huh, I was able to put some words around all of those...
No idea if it answers the questions you really had but there you go.

Paul




meat popsicle



147 posts

Master Geek
+1 received by user: 1


  Reply # 493214 14-Jul-2011 08:58
Send private message

ptinson:
xurizaemon:
1. What benefits are there for Orcon customers in having some emails be marked as spam without notification?


I am not sure i fully understand your question here. Are you asking why would we mark something as spam X-DSPAM-Result:Spam but not inset a [SPAM] tag in the subject? Or is this something else you are asking?

Also customers can set what they want to happen with mail identified as Spam, and in some cases this may not behave how you would think.


Apologies, I didn't make it entirely clear that I was referring to your practice of marking *outbound* mail using DSPAM.

So: Assume I'm your customer, and I send a postcard to a friend. When I visit her house, I find that the person I paid to deliver my message has written *SPAM* on it in red ink first. I feel like it's rude to do this without giving the sender notification of some kind (but better would be not to do it).



2. Does outbound spam flagging provide any meaningful data to remote systems?

No, unless you have an agreement with that external provider.


Hmm. So I wonder why Orcon would be going to the overhead of DSPAMing outbound mail, if none is blocked (so there is no improvement in your reputation) and there is no advantage in doing so (unless there is a second part to your answer? " ... and we have arrangements with A, B and C.")



3. If the idea is to protect the Orcon network reputation by reducing spam, why even deliver emails which are flagged as spam?


In the effort to reduce Spam you can safely assume that many providers drop a very large amount of inbound email as Spam, from previous positions i know we dropped a significant amount of Spam. I am not sure i can say what significant == but some light googlepedia searching will give you reasonable answers.

However we also try to strike a balance where by the customer can decide what they want to have delivered, some people want the Spam, just marked as such and placed somewhere for later review.
Others just bin it.


Again, I confused things by not being 100% specific that I was referring to outbound mail only. I understand the reasons for inbound spam filtering. Are you able to answer the above question with respect to outbound mail?

3. If the idea (of flagging outbound mail using DSPAM) is to protect the Orcon network reputation by reducing spam (outbound from Orcon's network), why even deliver emails which are flagged as spam (and have been sent by Orcon customers to external networks)?



4. Wouldn't it make more sense to notify customers that their IP had sent emails which appeared to be spam, either by refusing to send the messages, or by quarantining / flagging and delivering a notification to the account holder or sender?


In effect we do this, although not as elegantly as we would like to, we do this with the worst offenders.
Infected machines are also only one vector for Spam to enter a network like ours so although it might seem a better way it would not be the only way, and it adds complexity to an already complex system.


For two customers with "small business" email usage profiles, I have had them contact me because they found that some emails were not reaching their customers. When I investigated I found that they were sending via Orcon (SMTP is part of your service package) and that you were marking their mails as spam without notification.

If only the worst offenders are notified, then it seems like the current situation favours those people who actually send spam (they at least get alerted to the situation) while others have their mail disappear into thin air (or junk folders). That doesn't seem like the best arrangement.

To reduce complexity, perhaps Orcon might consider not running DSPAM on outbound mail, as the benefits may be nil (q2 above) and the cost appears to be high (DSPAM marks >50% of legit mail as spam based on my unscientific assessments).



5. If nothing else, wouldn't it help to engage the X-DSPAM-factors header for outbound mail? That way customers who are flagged as spam can learn that the issue is with their ADSL IP address being blacklisted, or their email containing suspicious keywords, or whatever.


I personally dont think the average customer would have any clue what X-DSPAM-factors is telling them, sure some would but the majority would not.

I think what you may be suggesting is a rating inserted into the message that is easy enough to understand?


From past experience, response time on Orcon support tickets regarding email is best measured in weeks, and many tickets simply seem to go unhandled. Turning on X-DSPAM-factors would allow me to be very specific with the first contact: Hey, loadbalancer1 is blacklisted for Hotmail. Otherwise we have to sit through a couple of cycles with a support "tech" posting back canned replies which don't relate to the issue described.

No, not a dumbed down rating. If you insist on marking messages your customers send as spam, you owe it to your customers to give them the information they need to avoid this treatment. Otherwise your SMTP service, paid for by your customers, is nothing but a gamble.

Technical people may understand the nature of technology and that some messages might not make it. The "average customer" you refer to trusts email the same way they trust the phone, power and postal services.


Where I have used this in the past it can lead to increased calls to the helpdesk with people asking 'Why are you putting stuff in my email' etc or even more interesting, trying very hard to get the best score - being the highest...


You're already putting stuff in their email. I'm suggesting you either stop putting it in the outbound email, or give your customers meaningful information to help them avoid it getting put there.


Huh, I was able to put some words around all of those...
No idea if it answers the questions you really had but there you go.


I really appreciate your replies, and apologise for not being more specific about the outbound nature of this issue when I first asked.

Currently DSPAM marks about 50% of one customer's legitimate email as spam. When we route mail through a provider like Gmail, we see much more correct behaviour (SPF checks honoured and the like). Your DSPAM marks your own support ticket emails as spam. I believe this suggests a poor DSPAM config, but at least it can be disabled or ignored on inbound mail. Outbound DSPAM is not helping!

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New Zealand government to create digital advisory group
Posted 16-Dec-2017 08:47


Australia datum changes means whole country moving 1.8 metres north-east
Posted 16-Dec-2017 08:39


UAV Traffic Management Trial launching today in New Zealand
Posted 12-Dec-2017 16:06


UFB connections pass 460,000
Posted 11-Dec-2017 11:26


The Warehouse Group to adopt IBM Cloud to support digital transformation
Posted 11-Dec-2017 11:22


Dimension Data peeks into digital business 2018
Posted 11-Dec-2017 10:55


2018 Cyber Security Predictions
Posted 7-Dec-2017 14:55


Global Govtech Accelerator to drive public sector innovation in Wellington
Posted 7-Dec-2017 11:21


Stuff Pix media strategy a new direction
Posted 7-Dec-2017 09:37


Digital transformation is dead
Posted 7-Dec-2017 09:31


Fake news and cyber security
Posted 7-Dec-2017 09:27


Dimension Data New Zealand strengthens cybersecurity practice
Posted 5-Dec-2017 20:27


Epson NZ launches new Expression Premium Photo range
Posted 5-Dec-2017 20:26


Eventbrite and Twickets launch integration partnership in Australia and New Zealand
Posted 5-Dec-2017 20:23


New Fujifilm macro lens lands in New Zealand
Posted 5-Dec-2017 20:16



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.