Topics

Blacklisting - using multiple IP addresses? #suggestion


 

Many, many years ago, I met with the Yahoo Groups team at Yahoo headquarters in Sunnyvale. One of the engineers drew a block diagram of how Yahoo Groups works, which showed that they have a pools of outbound email servers (with a unique IP address) separate from the machines that host the forums. They said that they used a separate set of email servers for the "adult" groups.

It has occurred to me that perhaps Groups.io could have a separate email server for the paid groups and one for the free groups -- to somewhat limit the damage due to blacklisting of IP addresses. There could even be another email server for use when troubleshooting groups suspected of causing blacklisting.

Unfortunately, I doubt that this would be easy to implement.
--cg


 

On Tue, Oct 27, 2020 at 5:40 AM Curt Gowan <curt.gowan@...> wrote:

It has occurred to me that perhaps Groups.io could have a separate email server for the paid groups and one for the free groups -- to somewhat limit the damage due to blacklisting of IP addresses. There could even be another email server for use when troubleshooting groups suspected of causing blacklisting.


Certainly in the past, the reason we've been put on blocklists was because of premium groups direct adding bad addresses to their groups. My suspicion is that with this last wave of Yahoo Group refugees, that's what's happened again. If I had to guess, it's people direct adding email addresses that had been bouncing on Y! Groups for many years now. I don't know how to prevent that behavior.

Mark


John Wirtz SF
 

Mark, 

 

Thanks for all your hard work on this.  It’s a thankless task at times.

 

Re “I don't know how to prevent that behaviour”: you might need to publish some administrator guidelines.  One thing that is necessary is house-keeping.  Administrators need to do a minimum to keep their data up to date, review the meber list at regular intervals specially those that run open groups.

 

I don’t allow anyone to join unless I have some indication they are a genuine person.  If we get an anonymous application and can’t trace the sender, we ask them to provide a minimum of info.  You’d be surprised how many of those request remain unanswered.  So, it’s worth checking.

 

When I first joined the premium service, the one facility I wanted was “direct join”.  All recipients can reject the invitation if they want so I don’t consider it being intrusive.

But I’d request improvement to the member database and the ability to sort, the splitting up of display name into “First “and “Last Name”.  It would be really good if w could set up a weekly/monthly report on bouncing or problematic addresses.

 

I know you can get these reports by downloading various lists but the amount of work afterwards to make them user friendly is prohibitive.

How difficult would  async facility between the system address database and the database section of the site be?  Then investigations and filtering would be possible from within io.groups.

 

 

But the basic requirement is for administrator to be firm with their members, if they don’t want to identify themselves, what is it they are wanting to hide.  We only ask for first name, last name, email and town/city and country of residence.  Not exactly the Spanish inquisition.

 

Hope this helps you look at behavioural change.

 

Cheers

 

John

 

 

 

 

 

 

 

 

From: main@beta.groups.io <main@beta.groups.io> On Behalf Of Mark Fletcher
Sent: 27 October 2020 13:37
To: main@beta.groups.io
Subject: Re: [beta] Blacklisting - using multiple IP addresses? #suggestion

 

On Tue, Oct 27, 2020 at 5:40 AM Curt Gowan <curt.gowan@...> wrote:


It has occurred to me that perhaps Groups.io could have a separate email server for the paid groups and one for the free groups -- to somewhat limit the damage due to blacklisting of IP addresses. There could even be another email server for use when troubleshooting groups suspected of causing blacklisting.

 

Certainly in the past, the reason we've been put on blocklists was because of premium groups direct adding bad addresses to their groups. My suspicion is that with this last wave of Yahoo Group refugees, that's what's happened again. If I had to guess, it's people direct adding email addresses that had been bouncing on Y! Groups for many years now. I don't know how to prevent that behavior.

 

Mark


Bärbel Stephenson
 

John,

People migrating groups from Yahoo have no idea how many bad addresses they have as the yahoo system has been broken for years.
Bigger groups, who migrated before now, often found that up to 1/3 of the addresses in the group are no longer working.  Recently I unsubscribed almost half of the members of a group (over 300 members when migrated) and most of those addresses had never worked after making it to io groups.

Barbara

On Tue, Oct 27, 2020 at 1:58 PM John Wirtz SF <john@...> wrote:

Mark, 

 

Thanks for all your hard work on this.  It’s a thankless task at times.

 

Re “I don't know how to prevent that behaviour”: you might need to publish some administrator guidelines.  One thing that is necessary is house-keeping.  Administrators need to do a minimum to keep their data up to date, review the meber list at regular intervals specially those that run open groups.

 

I don’t allow anyone to join unless I have some indication they are a genuine person.  If we get an anonymous application and can’t trace the sender, we ask them to provide a minimum of info.  You’d be surprised how many of those request remain unanswered.  So, it’s worth checking.

 

When I first joined the premium service, the one facility I wanted was “direct join”.  All recipients can reject the invitation if they want so I don’t consider it being intrusive.

But I’d request improvement to the member database and the ability to sort, the splitting up of display name into “First “and “Last Name”.  It would be really good if w could set up a weekly/monthly report on bouncing or problematic addresses.

 

I know you can get these reports by downloading various lists but the amount of work afterwards to make them user friendly is prohibitive.

How difficult would  async facility between the system address database and the database section of the site be?  Then investigations and filtering would be possible from within io.groups.

 

 

But the basic requirement is for administrator to be firm with their members, if they don’t want to identify themselves, what is it they are wanting to hide.  We only ask for first name, last name, email and town/city and country of residence.  Not exactly the Spanish inquisition.

 

Hope this helps you look at behavioural change.

 

Cheers

 

John

 

 

 

 

 

 

 

 

From: main@beta.groups.io <main@beta.groups.io> On Behalf Of Mark Fletcher
Sent: 27 October 2020 13:37
To: main@beta.groups.io
Subject: Re: [beta] Blacklisting - using multiple IP addresses? #suggestion

 

On Tue, Oct 27, 2020 at 5:40 AM Curt Gowan <curt.gowan@...> wrote:


It has occurred to me that perhaps Groups.io could have a separate email server for the paid groups and one for the free groups -- to somewhat limit the damage due to blacklisting of IP addresses. There could even be another email server for use when troubleshooting groups suspected of causing blacklisting.

 

Certainly in the past, the reason we've been put on blocklists was because of premium groups direct adding bad addresses to their groups. My suspicion is that with this last wave of Yahoo Group refugees, that's what's happened again. If I had to guess, it's people direct adding email addresses that had been bouncing on Y! Groups for many years now. I don't know how to prevent that behavior.

 

Mark


Mo
 

Hi Mark,

Could you not add a temporary rule on Adding along the lines of your "bouncing request" first before the add is processed?  

Regards
Mo


Bill Burns
 

I recently moved a notification-only group from Yahoo. I established it in 2005 with no restrictions on who could join, and it now has about 250 members. After setting up a new group here I sent invitations to all of them, and I now have 66 members.

I would never do a direct add from an old group such as this.

Bill

On 27-Oct-20 10:09 AM, Bärbel Stephenson wrote:
People migrating groups from Yahoo have no idea how many bad addresses they have as the yahoo system has been broken for years.
Bigger groups, who migrated before now, often found that up to 1/3 of the addresses in the group are no longer working.  Recently I unsubscribed almost half of the members of a group (over 300 members when migrated) and most of those addresses had never worked after making it to io groups.
Barbara


 

Mark,

If I had to guess, it's people direct adding email addresses that had
been bouncing on Y! Groups for many years now. I don't know how to
prevent that behavior.
Nor do the people involved.

It /was/ possible to download the Bouncing list, before last year's October surprise. It hasn't been available since then. But even before then the need to subtract that list from the Manage Members list would not have been obvious to all, and a way to do it (other than manually) would have been known to fewer. And then there's Yahoo's false-negatives, which got by the Easy Group Transfer mechanism, and by me for the handful of Yahoo Groups I've helped manually migrate.

Also, I've probably Direct Added a few hundred bouncing addresses to my PTA group (with its inevitable typos, misremembered, misspelled, or illegibly scrawled registration lists). In that process I acted with deliberate disregard for the possibility that the list might contain addresses that would bounce - I have been deliberately using Direct Add plus Groups.io's bounce tracking to vet those lists. It seems like the only practical way.

I did not expect that this could in any way cause a problem for Groups.io.

Certainly in the past, the reason we've been put on blocklists was
because of premium groups direct adding bad addresses to their groups.
I wonder here if the nature of "bad" isn't "bouncing", but rather addresses that do NOT bounce -- but are spamtraps. I would think just bad as in "no such user" addresses have to turn up far too frequently in Direct Ads to be what triggered two blocks so widely separated in time (and not be blocked every day). Especially given that you suspend sending to the hard bouncing addresses rather immediately.
https://en.wikipedia.org/wiki/Spamtrap (for readers who don't know)

How a spamtrap address would get into a Yahoo Groups members list I don't know. Probably it dates back to when Direct Add existed in Yahoo Groups, but that doesn't answer the question of how it ended up in some group owner's list to add.

Shal