grey.uribl.com - This lists contains domains found in UBE/UCE, and
possibly honour opt-out requests. It may include ESPs which allow
customers to import their recipient lists and may have no control over
the subscription methods. This list can and probably will cause False
Positives depending on your definition of UBE/UCE. This zone rebuilds
several times a day as necessary.
It still doesn't change the fact that not everyone has "the feeling"
ContantContact sends UBE/UCE
For what it's worth, I do get legitimate mail from contantcontact. I
have signed up for updates from a local restaurant and they use
constantcontact. It was definitely not "confirmred opt in", but the
restaurant people (that I know personally) seems legit. I suspect
there's a lot of this.
The real problem is that constantcontact is neither an outright spammer
nor a fully legitimate mailer. They provide services to third parties,
some of which are spammers. But, they clearly do not have effective
means of enforcing that their customers do not spam.
I get spam from constantcontact, obviously having been signed up by one
of their customers illegitimately. This is fairly frequent (more than
legit mail), and I do forward it to abuse@. I don't recall getting "we
have terminated our relationship with this customer and kept the money
From the non-spamming bond" as a reply; it's more like "we've added your
email to the list who will never get mail from this client".
I may also have reported constantcontact to URIBL. My experience with
URIBL is that they are conservative in adding listings of such marginal
places (too conservative in my opinion, as evidenced by the log of "REJ:
too many legitimate users; use a local rule" replies :-).
I think part of why this is hard is that different people have vastly
different ham/spam ratios for constantcontact. People who sign up for
many newsletters and have a newish address perhaps see only/mostly ham.
I am not into newsletters and my experience is mostly spam.
Surely the fraction of constantcontact urls that would be looked up
relative to the total url lookup load is miniscule, but I don't have
data.
Is anyone from constantcontact here? Could they explain the contractual
framework by which they do (or don't) require customers to agree to
follow opt in? Could they explain what they do when they encounter
customers who add addresses that are not opt in? (In my view people who
can do bulk subscription without an ESP confirming opt-in should have to
post a big bond attesting that the addresses are COI already, to bring
the ESP spam level down to very low levels. Otherwise I consider the
ESP to be a spammer.)
So I don't see a reason to give constantcontact a pass from uribl
lookups at the SA level. (We can have a separate debate about the score
for URIBL_GREY, but my experience is that most hits are spam and I score
it up to +2 from 0.2.)
attachment0 (199 bytes) 