[black_puppydog]

The root comment literally explains that that's BS.

Every post master knows that it is done. But it doesn't have to be that way, although it certainly can feel like it when a company like google decides to not budge on the matter.

[Avamander]

> But it doesn't have to be that way

Sure, if you want spam. Don't like it, get people to deploy DKIM, then the domains will be used for reputation purposes.

What the root comment says is BS, the industry uses these methods for a very real and practical reasons.

[tomatocracy]

Even if you have DKIM, SPF and DMARC all set up, at least Microsoft still seems to give a decent weight to IP reputation and assign a negative reputation to unknown/low use IPs.

[Avamander]

Absolutely, my second sentence says how that could change.

I would have thought that it's fairly self-explanatory that anti-spam measures utilize the strongest signals. If sender domain becomes that, it will get more weight.

So if in the future email providers could reject both SPF-less domains and DKIM-unsigned letters, IP's would definitely become less relevant. So, get people to deploy those things.

[amenod]

Sorry, but this is bullshit. If I employ relevant techniques to protect my domain and the protection works, and I am not sending spam (which I am not), then Google (no idea what MS does) should not care about the IP I am sending my e-mail through. I have proved that the e-mail is tied to my domain and they know that my domain is not spamming - what more do they want?

Even better - Google could help small mail server admins by actually providing the information that landed their e-mail in the spam folder. If the protection is tied to the domain, no spammer will be helped by this knowledge.

And I understand that maybe a new domain might be suspicious at first, but after a few years of unchanged ownership (backed by whois data) there is simply no reason to put any mail messages from these domain to spam. Whatever the IP is.

Stop making up excuses for them. They are negligent at best, malicious at worst. Can't wait till they get hit by a lawsuit over this.

[Avamander]

> If I employ relevant techniques to protect my domain and the protection works, and I am not sending spam (which I am not), then Google (no idea what MS does) should not care about the IP I am sending my e-mail through.

They definitely take the IP less into account if other things are more trustworthy. Totally ignoring it would be short-sighted from them. There are many cases where the domain is fine but looking at the IP and its usage patterns helps prevent abuse. Be it misconfigured (and then abused) SPF, stolen DKIM keys, public website that's email-capable getting compromised, these things happen a lot.

> Even better - Google could help small mail server admins by actually providing the information that landed their e-mail in the spam folder. If the protection is tied to the domain, no spammer will be helped by this knowledge.

They have a significant amount of content-based filtering, knowing that helps spammer reword their crap and bypass those.

> I have proved that the e-mail is tied to my domain and they know that my domain is not spamming - what more do they want?

That's also part of the thing, you can't prove and enforce this for both envelope and header from at the same time. Not to mention how minuscule the amount of perfect and strict SPF+DKIM+DMARC is out in the wild. At this point in time IP's are a very strong signal.

> Stop making up excuses for them. They are negligent at best, malicious at worst.

I haven't made a single excuse, I'm explaining why things work the way they do. You calling it bullshit won't make it so.

[BenjiWiebe]

No, it can be a different way and still not have spam, by trusting/tracking domains instead of IP addresses.

[denton-scratch]

It's cheaper and easier to munch through lots of throwaway domains than to keep moving IP neighbourhoods, isn't it? I don't know - is free domain tasting still a thing?

If you filter by IP block (or address!), it might be a block that has changed hands and is no longer spammy. Or it might be a block from the Zen Policy Blocklist, which blocks ranges that the responsible ISP has submitted as domestic or retail blocks that are supposed to send outbound mail through the provider's smarthost.

If you filter by domain, that could be the envelope sender, the From:, the Reply-to:, or the domain of the SMTP client. Only the last is reliable; and you also have the IP address for the client. In my experience, the IP address is more useful, for longer, than the domain name. But any good blocklist should age quickly (i.e. old stuff should drop off the list).

[Avamander]

> It's cheaper and easier to munch through lots of throwaway domains than to keep moving IP neighbourhoods, isn't it?

Depends on your approach. If you hack IoT devices then you have a lot of IP's. If you hack Joomla sites, you have a bunch of domains.

> I don't know - is free domain tasting still a thing?

Yes. There are also discounts and stuff like that.

[Avamander]

I did write how using domains for reputation purposes instead could happen. The second sentence.

[cmroanirgo]

DKIM in no way helps to get past the cartels' "reputation" filters. I send maybe one email every few months to microsoft accounts & it's always received as spam. My server setup & ip have been solid for a decade. It's only ever the globalist providers that block me. Google is 50/50 I get through. Everyone else (eg Protonmail) is no problem.

[Avamander]

It absolutely does. Also that was an "if, then potentially" sentence about reputation tracking in the future.

In your case, it's likely that your volume and sending patterns aren't consistent and trustworthy enough to keep track of your domain and IP reputation.

You have to understand that they get millions of letters from new domains each day, sent from compromised Wordpress blogs and the alike. If you want to be deliverable, you have to be consistent and not suspicious.

Or, more likely, there's some other mistake in your configuration somewhere.

[ghshephard]

You also wrote:

    The need to warm up new IP's has existed for a while and a lot of providers do it. Any postmaster with experience knows how and why it's done.

I think the point people are trying to make, and I'm sympathetic to, is that if an ultra-low volume email poster, with a full-set of SPF DKIM and DMARC credentials configured and zero history of sending spam - that the majors (Yahoo/Google/Microsoft) could start off by not sending email from that domain immediately to spam, just because it isn't a well established and trusted IP address.

Alternatively - come up with something akin to D&B registration system so people can attest that they won't engage in spammy behavior.

[Avamander]

> I think the point people are trying to make [...] not sending email from that domain immediately to spam, just because it isn't a well established and trusted IP address.

Yes, and I'm saying what's the prequisite for that to happen. As long as it's okay (which it currently is) to send unsigned mail, IP addresses have larger weight. DKIM needs more deployment for that to change.

There's absolutely no way that IP-based reputation schemes will be deprecated before alternatives are viable. Sure it would be nice for a few people here, but no, won't happen before the ecosystem improves.

> Alternatively - come up with something akin to D&B registration system so people can attest that they won't engage in spammy behavior.

Already exists. That too gets abused.

[ghshephard]

Oh - that is interesting - would you mind sharing what the registration system is?