
Congratulations, You're BLACKLISTED!

A long time ago, I posted The Trouble With Greylisting.  My latest rant is brought to you by the current state of e-mail server blacklisting.  I'll relate to you the following anecdote, to help with the specifics:

My client recently purchased a new internet pipe from their ISP - (I won't specify, but let's just say they're "Vermont's largest wireline provider.")  Along with this new connection came a new block of public IP addresses.  This has been standard fare - they have switched connections 3 times in the last 2 years, and for a variety of reasons, each time it's been a fiasco to get everything migrated to the new block.

This time it almost went incredibly smoothly (without question, this was at least partly due to the help of an Astaro Security Gateway, and its almost infinite flexibility).  The only snag was when I moved the mail server over to the new IP block.  Within 20 minutes, people were reporting bounces (undeliverable message reports).  The new IP address was blacklisted for sending spam.  I moved the server to another IP in the block, and an hour or so later, received another report of the same issue.  For the record, this server is totally clean, and sends maybe 50 totally legit messages an hour, during peak.

The only explanation is that some (perhaps all?) of the IPs that were given to us were previously used by spammers.  As I played the scenario through in my head, it all made sense.  Due to the severely overtaxed IPv4 address space, addresses are constantly recycled.  Furthermore, every IP address in that space has probably been used by a spammer at some time or another, given the number of spammers in the world.  Ok, perhaps that's a bit of an exaggeration, but still...  It was enough for me to get the picture.

I moved the mail server back to the known good IP, and then set out to start the long and arduous process of delisting all these IPs.  Even though I don't plan to use more than one for sending mail, I need to have options, as obviously I can't predict what is going to happen to my IP reputation, regardless of what is actually my fault.
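A check that can be run over a newly assigned block before any mail server is moved onto it, as an added example that is not part of the original post. It uses the standard DNSBL query convention (reversed octets plus the list's zone, answers in 127.0.0.0/8 meaning "listed"); the zone name `dnsbl.example`, the block `192.0.2.0/29` and the canned answers are constructed for the demonstration.

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")        # RFC 5782: a listing answers inside 127/8
REFUSED_NET = ipaddress.ip_network("127.255.255.0/24")  # some lists answer here to refuse a query

def dnsbl_name(ip, zone):
    """Query name for an IPv4 address: octets reversed, then the list's zone."""
    octets = str(ipaddress.IPv4Address(str(ip))).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """A records for name; [] on NXDOMAIN. Other failures propagate, so a DNS outage never reads as clean."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror as exc:
        if exc.errno in (socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)):
            return []
        raise
    return sorted({info[4][0] for info in infos})

def classify(answers):
    """'clean' for no answer, 'listed' for 127/8, 'error' for refusals and non-loopback answers."""
    addrs = [ipaddress.IPv4Address(a) for a in answers]
    if not addrs:
        return "clean"
    if any(a in REFUSED_NET or a not in LISTED_NET for a in addrs):
        return "error"
    return "listed"

def audit_block(cidr, zones, resolve=system_resolver):
    """Return {ip: {zone: status}} for every host address in the block."""
    return {str(h): {z: classify(resolve(dnsbl_name(h, z))) for z in zones}
            for h in ipaddress.ip_network(cidr).hosts()}

def usable_for_mail(report):
    """Addresses that every queried list reports as clean."""
    return [ip for ip, res in report.items() if all(s == "clean" for s in res.values())]

# Constructed sample data so the demonstration runs offline; pass
# resolve=system_resolver (the default) and real zone names for an actual audit.
FAKE_ANSWERS = {"2.2.0.192.dnsbl.example": ["127.0.0.2"],
                "3.2.0.192.dnsbl.example": ["127.255.255.254"]}

def fake_resolve(name):
    return FAKE_ANSWERS.get(name, [])

if __name__ == "__main__":
    report = audit_block("192.0.2.0/29", ["dnsbl.example"], resolve=fake_resolve)
    print("candidates:", usable_for_mail(report))
```

An "error" result means the list did not give a usable answer, so that address should be rechecked rather than counted as clean.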

Throughout the process, one interesting thing I got to see was the variety of different types of blacklists out there.  They range from reasonable and responsible (think Spamcop) to strange and obscure.  Some blacklists are very straightforward about removal requests.  The policy is simply "check yourself, and then click the removal button."  Some blacklist providers investigate reports of spam before listing a host.  However, the lower-end providers take a very lazy approach to blacklist management.  They blacklist everything based on loose criteria, don't expire anything, and make it very difficult for hosts to request removal.  One delisting form was actually punctuated with a lecture about how

So, to review, we have 2 problems:

1. (some) ISPs sell IP blocks with no guarantees about the reputation of IPs within that block

2. (some) Blacklist providers use lazy tactics to manage their lists, including listing without due process, with complicated and indefinite delisting requirements, and without expiration of highly outdated listings.

With these 2 factors at work, it's a very disconcerting direction for private mail hosting in general.

