Today I'm not all that happy with Shaw as my email provider. I've received 5 exactly identical spams, a stock-promoting email with subject "okay now lets get down to it". The last two arrived many hours after I'd reported the earlier ones to Shaw's spam-reporting service. This is the second time I've noticed such an occurrence - getting more of EXACTLY the same thing hours after I'd reported it as spam!
The previous time I grumbled about it to firstname.lastname@example.org since it was a phishing attempt being sent from a shawmail-user, and also to their customer-support email-id since it demonstrated several serious flaws in their spam-filtering. But having received no response, and seeing no hint that Shaw is mending their ways, what do I do now? I have been faithfully forwarding all spam and only spam to email@example.com, ever since they introduced their spam-filtering, but this appears to be a completely pointless exercise:-(
Date: Sat, 02 Sep 2006 00:13:27 -0500 From: Eugene Reimer
To: firstname.lastname@example.org, email@example.com Subject: Spam and Phishing Earlier today, at 14:35, I reported a spam-email to firstname.lastname@example.org. Then at approximately 23:13 I received another spam-email EXACTLY IDENTICAL to the one reported earlier. I am annoyed! Is there any point in reporting spam-emails to email@example.com ?? Please note that these are not only spams, but are also blatant phishing attempts (pretending to be from PayPal), and the most simple-minded of phishing-detection methods would have so diagnosed them. Note that these spammers/phishers are sending directly to "shawmail".
Shaw is Non-Compliant
Back in April, I wrote to them twice about a different email- and spam-related matter. Basically anyone with an firstname.lastname@example.org email-address is more likely to have emails he/she sends be diagnosed as spam, because shaw.ca is on a "blacklist" for not living up to certain minimal standards of proper conduct as an email provider. Their sin: the fact that emails sent to email@example.com or firstname.lastname@example.org are never read by a human, at least not one with the brain turned on. I have received no response to either of those emails, sent on 2006-04-10 and 2006-04-20. These guys are shameless unrepentant sinners!!
Date: Thu, 20 Apr 2006 22:54:16 -0500 From: Eugene Reimer
To: email@example.com Subject: Shaw.ca is blacklisted A friend reported that email from me was being mis-diagnosed as spam by their spam-detection software, and she sent me a copy that contained the Spam-Assassin report. One preventable item that caused several points in their scoring system is Shaw being non-compliant WRT receiving email at firstname.lastname@example.org and at email@example.com. I hope that you can and will correct this? The site that has Shaw blacklisted for such non-compliance is: http://www.rfc-ignorant.org/tools/lookup.php?domain=shaw.ca I asked about this ten days ago. Can you please let me know whether Shaw intends doing anything about this?
Shaw Non-Compliant And a Source of Spam
2006-Sep19: Another incident where an email I sent was mis-diagnosed as spam: I sent a solicited email to CharityVillage.com; their spam-filtering service ZeroSpam.ca was kind enough to inform me that it was turfing my email; furthermore, Mylo Riley of CharityVillage was good enough to provide the somewhat more detailed report explaining ZeroSpam's reasons for this diagnosis, as shown here:
BAYES_40 Some suspects words (like FREE in caps). DNS_FROM_RFC_ABUSE Envelope sender in abuse.rfc-ignorant.org DNS_FROM_RFC_POST Envelope sender in postmaster.rfc-ignorant.org FORGED_RCVD_HELO Contains a forged HELO (pd8mo1no.prod.shaw.ca does not exist) RCVD_IN_BL_SPAMCOP_NET Received via a relay in bl.spamcop.net (their server 220.127.116.11 is blacklisted by spamcom).
Please note that Shaw.ca is now guilty of several additional infractions, besides the "RFC ignorance" which I'd been aware of previously. Their using a non-existent hostname is likely just sloppiness, at least I don't see how it could profit them. The SpamCop blacklisting is because Shaw is the source of spam! You can query the SpamCop IP-based blacklist; for example, to check the IP-address 18.104.22.168, see www.spamcop.net/w3m?action=blcheck&ip=22.214.171.124.
Shaw is effectively without a "complaints department". You can complain by email, but such emails appear to be discarded without any human seeing them.
Shaw has excellent spam-filtering technology - but it appears that it can be bought. Hmm, taking money from those Phishing fraud-artists would be a crime, wouldn't it?
Because of all their infractions, including being the source of a lot of spam, Shaw is on so many blacklists, that anyone using them for the sending of email runs much too high a risk of his/her emails being regarded as spam.
In Winnipeg, our only alternative for high-speed internet-connectivity is the local phone-company, and we already know they behave like a phone-company, have a worse record than Shaw when it comes to outages, and have somewhat inferior spam-filtering. They do however have a better record in the area of RFC-compliance WRT emails to abuse or postmaster. And who knows whether their spam-filtering can be bought off?
The answer (in Winnipeg or other Shaw-city): buy your internet-connectivity from Shaw, but use some other email-provider. But where does one go for email? Using a free email-provider seems likely to put one into the same sort of dubious company, as there will be many spammers using those services; and I'd be reluctant to pay for something that's supposed to be included in my contract with Shaw. Aha, both Google-mail and Yahoo-mail have recently started using Domain-Key-Signatures, and so using one of them may be the answer I seek. Comments are invited, at firstname.lastname@example.org, for the time being:-)
Reporting spam to Shaw remains pointless. Today I received a 4th copy of the "BMO - Online Alert for Mosaik MasterCard" phishing email, after I'd thrice reported it as spam, the first two times more than two-weeks ago! Incidentally the fraudster's URL is the only thing that changes slightly from one copy to the next, being http://smurl.name/r4c8 http://smurl.name/e4w6 http://smurl.name/63mz http://smurl.name/63mz in my 4 examples. They were sent via elcomsoft.com 126.96.36.199 (in Moscow Russia), two originating from 188.8.131.52 (in Koeln Germany), and two from 184.108.40.206 (in Dortmund Germany). All of them being the sort that's detected by the simplest of scam-detecting methods makes it all the more suspicious that Shaw fails to detect them as spam, never mind as scams. Even the scam-detector that's built-into Thunderbird-v2 detects them as scams. (I've upgraded my Thunderbird emailer since the earlier parts of this rant.) Furthermore, these scamming spams are only a subtle variant of one I've received, and have reported as spam to Shaw, no fewer than TWENTY-TWO times! (Over the past 26-months.)
Yet another copy of the "BMO - Online Alert for Mosaik MasterCard" phishing email received today, this one from 220.127.116.11 (in Koeln Germany), and for the first time I'm not sending it to email@example.com since there's obviously no point in doing so. I've forwarded the recent examples with a brief note to firstname.lastname@example.org and email@example.com, although I'm less than optimistic about that doing any good, since versatel.de rivals Shaw in RFC-ignorance and unitymedia.de looks little better.