I am going to go on a bit of a rant here, so let me warn you up front. In fact I was so upset by the attitude of Spam Cop that I have taken the unusual step of posting on both my own personal blog and on here, something I don't think I have done in my 2 years of writing on Network World. But the word needs to be spread about what I think is a very wrong attitude and policy.
In my 20+ years of working in technology and the Internet I have learned many lessons. One of the things I have learned is that when the medicine is worse than the sickness, it is time to get a new medicine. We need a new medicine to replace Spam lists like Spam Cop.
Yesterday I was mailing with some of my fellow board members of the West Boca Tackle Football league. I do so pretty regularly because as a board member there are always things that need to get done. All of a sudden my email was being refused by one of the ISPs of one of the members of the board. I got that nice bounce message with a link to find out why my mail was being refused as spam.
I followed the link and it took me to Spam Cop that explained the IP my GoDaddy-based email server was on was in a block of IPs that had made it onto the Spam Cop list. I know it happens from time to time and I did what I always do. I wrote a very nice note to the admin address given, explaining that I am not sure why my IP would be there, we do not spam, but would they please remove it. It has always worked in the four or five times this has happened in all of these years.
Last night I got a long-winded reply from Spam Cop by someone by the name of Don D'Minion (that should give you an idea of what we are dealing with here). Don sent me I guess his standard letter, that Spam Cop has nothing to do with blocking my email. They are not in the equation, but that ISPs are sick and tired of all the spam and “They no longer have any sympathy for the innocent bystanders, such as yourself, who are using a mail server which has found its way onto one of the several major blocking lists.” But in any event Mr. D'Minion said there was nothing he or Spam Cop could do because they are not blocking me.
Well, I call bull on Spam Cop. They are directly responsible for my mail being blocked wrongfully first of all. It is their list that the ISP is using. If that IP address is not on the list, my mail is not blocked. So at least have the decency and courage to get out from behind the ISP’s skirts and state the truth!
Secondly, the “heck with the innocent bystanders" stuff is just wrong. If the police said lets just start shooting because there is a criminal in the area and shot a bunch of innocent bystanders it makes them as bad or worse than the criminal. Same thing for Spam Cop. If you are not going to try and distinguish between the real people spamming and the innocent people (BTW they had a whole bunch of IPs in this particular block, I imagine a good chunk of GoDaddy folks), then you have lost the reason you got into this in the first place and you have no business doing this anymore.
The silver lining here is the more innocent people who get blocked, the more legitimate email that doesn't go through, the more likely the customer who uses the ISP using spam cop will leave to go somewhere else and the more likely that ISP is to eventually stop using over aggressive spam police like Spam Cop.
Now I know that spam is a serous problem. There are lots of good companies fighting the good fight against it. But when the philosophy becomes to throw the baby out with the bath water, it is time to switch methods.There are too many good technologies and services out there that don't sacrifice the innocent to punish the guilty. Any company that would do that has lost its way. They are so busy trying to win the war, that they forgot who they are fighting for.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast. Follow him on Google.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.