I'm not sure that I'd be interested in whitelisting anyone who's signed up to improve their marketing outreach.
Just to put this right: we do not certify ANYONE. We only certify those senders who reveal themselves as trustworthy. We take a very thorough look at who applies for certification. We reject applicants when they cannot comply with our requirements, or when we get the impression that they are not trustworthy. And for those who get through the certification procedure anyway: we still have our sanctioning mechanisms. Sascha -----Ursprüngliche Nachricht----- Von: iane@sussex.ac.uk [mailto:iane@sussex.ac.uk] Gesendet: Mittwoch, 11. März 2009 16:21 An: Sascha Wilms; anti-abuse-wg@ripe.net Betreff: Re: AW: [anti-abuse-wg] how to detect spambots - SPAMTrusted --On 11 March 2009 15:44:04 +0100 Sascha Wilms <Sascha.Wilms@eco.de> wrote:
Hi Ian, hi guys,
we actually enforce rules regarding bulk emails through the Certified Senders Alliance. Enforcement can naturally be applied only to those senders participating in the CSA - however, in Germany our service has become the de facto industry standard for email marketers, and the amount of emails sent by certified senders is huge. Thus, we have gained a very good leverage over this industry.
Well, that's all good. I see that in order to discover who's using your service, I have to agree not to blacklist any of your users. That's not so good. I'm not sure that I'd be interested in whitelisting anyone who's signed up to improve their marketing outreach. However, the fact that you require your users to publish SPF records is good. Are most of your members in Germany? This probably would be something I'd be interested in if you had a significant number of UK members. I do think that you need to get your English language documentation looked at by a native English speaking lawyer.
we at eco maintain a general complaints hotline, and I can't remember having seen any complaint by users or ISPs about a missing opt-out link only. Complaints are about UCEs, and not missing opt-out possibilities. So I guess we are pretty much the only body dealing with the enforcement of those rules like opt-out links, and we have effective sanctions for not sticking to the rules (and opt-out is definitely one of those rules!).
Actually, our set of rules goes beyond the stipulations made by the EU directive. And we keep on tightening the rules: SPF has now become mandatory for senders (ISPs are left with the choice whether to use this info); DKIM and double-opt-in, for example, are now recommended criteria and will be turned into mandatory criteria with the next revision of the admission criteria.
We consider this industry standard approach more efficient than any legislative approach.
Rgds Sascha eco association
-----Ursprüngliche Nachricht----- Von: anti-abuse-wg-admin@ripe.net [mailto:anti-abuse-wg-admin@ripe.net] Im Auftrag von Ian Eiloart Gesendet: Mittwoch, 11. März 2009 12:43 An: peter h; anti-abuse-wg@ripe.net Betreff: Re: [anti-abuse-wg] how to detect spambots - SPAMTrusted
--On 10 March 2009 20:17:50 +0100 peter h <peter@hk.ipsec.se> wrote:
UCE or spam is illegal in some countries, however legal authorities does not seem willing to hunt and procecute.
Under article 13 of EU DIRECTIVE 2002/58/EC, I think that the sending of UCE is illegal in every member state of the EU, which exemption where the recipient is an existing customer of the organisation sending the email. Even then, the sender has to give an opt out option with every email, and may only market "similar products or services".
I don't know anywhere that this is properly enforced, though.
-- Ian Eiloart IT Services, University of Sussex x3148
-- Ian Eiloart IT Services, University of Sussex x3148