As with almost any service it's possible for it to be used maliciously. We have some safeguards in place but there isn't any way to vet every email address or ip. It's one reason why user submissions aren't added automatically to the database, but are instead held pending statistical verification. It's not a perfect system but so far it's worked pretty well.
We generally remove email addresses and ips on request, so if someone does get listed by accident or through malicious actions they can be taken of the list without much trouble. If an email address or ip keeps getting added in error we can whitelist it to prevent it from being added again.
I was wondering if anyone has considered that botscout could be misused to maliciously apply 'spammer' status to an ip or ip range.
As botscout applies a spammer status to any ip that is tested with a known spammer email, it would be easy for someone to modify the code to autosubmit & set any ips they wanted to spammer status.
Has this been looked into? has the option of not flagging ip's so quickly been considered?
Author