This file is one of the evidence, example or data files that accompanies the "Nadine" Story, an account of commercial mailing lists gone amok. See the main page for the details.
To: "Garcia, Josephine" <Josephine.Garcia@247Media.com> Subject: Re: TS0958 RBL Candidacy and General E-mail Domain Ban: enlist.com From: Home Office Networks Postmaster <postmaster@HONet.com> Date: Thu, 27 Jul 2000 07:19:20 -0700 Hello, The issue at hand is perfectly exemplified by your communication quoted below. >>>>> THERE IS NO NADINE@HONET.COM. <<<<< There may actually be such a person as >Nadine Smith [Street Address] [City, State, ZIP] >DOB: [Date of birth] whose personal information you have now revealed to a total stranger, but she does not have an account here, and never has. I've never heard of her, and I am the only person who could possibly add her to honet.con's mail server. THE SIGNUP WAS BOGUS. All email to nadine@honet.com ends up in my "postmaster@honet.com" mailbox, and I have to handle it, along with hundreds of other similar pieces of email per week to non-existing local addresses. Rather than try to unsubscribe all of these addresses from hundreds of lists, I simply block ALL further traffic from the sending domains for an indefinite period. This means that even legitimately signed-up users here will not get mailings from the offending domains. I am by no means the only mail server administrator that does this. Delivere.com takes absolutely no steps to assure that any addresses they have been given were given to them by the actual owners of those addresses. This opens everybody involved to serious risks: delivere has no protection against fraudulent and/or malicious signups. If the email address is given to delivere in return for some delivery of value, delivere is easily defrauded. The actual owner of an address may find that she has to go around unsubscribing herself from lists she never subscribed to. The proprietor of a mail server finds that more and more of his bandwidth and server capacity is taken up by mail sent to bogus subscriptions. For example, I could sign your address up at one of their sites and you would then have to remove yourself from all of the subsidiary lists that the address gets added to. If I wanted to harrass you, I could do this daily or weekly. Worse still, if I wanted to harm delivere, I could sign up the addresses of several dozen well-known fanatical anti-spam activists, and all of delivere's mail servers would soon find themselves being blocked at many domains world-wide. The emerging industry standard is: confirmed voluntary subscription, also called "closed loop opt in". If delivere did this, none of these things can happen, because the owner of a newly-submitted address gets a message saying "Somebody signed up your address to receive mail from us. Please confirm this by replying to this message. If it was not you, do not reply, and your address will be dropped from our list." If no further e-mail from any of the sources that have been sending to "nadine@honet.com" show up in my server's logs after 30 days, I will remove the blocks that presently deny all traffic from all those sources. If you would like further information on verified subscription systems, I will be happy to provide it. honet.com maintains several subscription lists that use these techniques. Michael Rathbun [snip copy of original Josephine Garcia email]Back to The Nadine Story.