spamhaus

My recent Kickbox webinar, co-hosted with Matthew Stith from Spamhaus, was a lot of fun. We talked about the history of Spamhaus, what kind of bad guy stuff Spamhaus is trying to track, best practices for domain reputation and we touched on a bunch of other stuff, too.If you missed it, never fear! We’ve posted a recap and recording of the webinar over here on the Kickbox blog. Enjoy!

Did you know? Spamhaus has a free eBook to help email marketers know how to do the right thing.With an introduction by Annalivia Ford, one-time postmaster for AOL (remember them?), this deliverability guide from Spamhaus will walk senders through the concepts of deliverability and email reputation, how to not look like a spammer, and other important things you need to know to stay on the right side of email marketing best practices.And they don’t even make you opt-in to get access to it. Click here to download.And don’t forget to join Spamhaus’ Matthew Stith and me on Tuesday, March 21st at 9am central time for a live webinar where we’ll talk blocklists, Spamhaus, domain reputation and more. You can register here.

Hey, fellow email nerds! It’s webinar time again. What do you know about Spamhaus? If not everything, I hope you’ll join Matthew Stith and myself on March 21st at 9:00 am central time, where we’ll talk about Spamhaus, what it is, how (and why) blocklists work, how it intersects with domain reputation (and why domain reputation is such a big thing right now) and a whole bunch of at least slightly interesting info nuggets. We’ll try very hard to have time for your questions as well. Want in? Register here. Thanks and hope to see you there!

From 17:00 GMT on Feb 16th through 09:50 GMT on February 17th, spam filterer/security service Spamhaus suffered an outage that meant that “data included in the Data Query Service, Rsync, Spamhaus Intelligence API, and Border Gateway Protocol Firewall was not refreshed between these times.”The way most Spamhaus data is shared with the world allows for quite a bit of redundancy and resilience against downtime, in that DNS queries can be cached, DNS zones are handed out to and stored by different remote DNS servers. Meaning that while some of Spamhaus core systems may have been offline during this time, spam filtering continued unabated. They’re saying that their ability to make any updates (additions or removals) was effectively blocked during the downtime, meaning anybody waiting for removal from a Spamhaus list probably had to wait a bit longer for a response than usual. And also, perhaps spam filtering effectiveness was down

This is a question I get a lot. Does Gmail use any blocklists? Or, somebody will tell me that they’re having Gmail issues, and they’ve plugged their own IP address into an online blocklist lookup tool, and they are sure that any results found (blocklisting issues) must somehow be part of the underlying cause of their deliverability woes. Except, that’s just about never the case. Here’s why.There are a zillion blocklists out there. Speaking specifically just about DNSBLs (IP-based blocking lists), there’s a good 90+ of them. But blocklists are a bit like blogs,  in that anybody can publish them and the fact that it’s been published doesn’t mean that anybody is guaranteed to be actually looking at the what has been published. The net here is that there are a lot of blocklists that, if your IP or domain ends up listed by them, this does not mean that

Here’s an easy tip that I wanted to share with everyone. It’s something I knew about myself but didn’t take into consideration (I guess I got tripped up in my own “do as I say, not as I do” kind of thing). As mentioned, recently I set up my own mailbox provider to host my own mail, and as part of that, I set up a new domain name. (I didn’t HAVE to set up a new domain name, but it made setup a bit easier; I could dedicate the whole domain to my new project, and I could simply jettison the domain if I decide to shut the service down later.)I set the server up and tried sending the first few test messages, and immediately started to see Spamhaus blocks. The error messages basically said something like “mail blocked due to domain being listed on zrd.dq.spamhaus.net.” ZRD? A quick

A friend warned me of a scenario that could have the potential to freak people out, if misunderstood. It looks like this:This person is using Spamhaus to filter inbound mail.They seem to be rejecting mail from Gmail due to a Spamhaus listing.The Spamhaus website DOES suggest there might be an SBL entry (a blocklisting) for Gmail.So…Spamhaus is blocking Gmail? NO, no no. Gmail is not blocklisted by Spamhaus. Promise. Here’s what’s actually happening.Using Spamhaus is good, but querying Spamhaus using open/public DNS resolvers is bad. Spamhaus is actually rejecting those queries — they’re not blocking mail from Gmail. The person running into this problem needs to switch over to using the Spamhaus DQS (Data Query Service), and that ought to just flat out fix things.As noted above, the rejections are actually because the email administrator of the mailbox provider or mail server in question has configured Spamhaus in a way

Hey, email nerds! Are you like me, running various random EC2 instances with scripts or applications that do a bunch of spam and email message analysis, checking (among other things) all the domains and IPs you find? Okay, there aren’t millions of us, but I know I’m not alone out there! Email nerds unite! Anyway, if you’re querying Spamhaus’s blocklists directly from your AWS-hosted infrastructure, be aware: Beginning October 18th, Spamhaus is likely to block those queries, responding instead with a 127.255.255.254 response code. Why? It sounds like AWS is a large source of traffic for Spamhaus, and it’s hard for them to sort out who’s who– including who should be getting access for free and who shouldn’t be. Don’t fret, though. Just sign up for the Spamhaus Data Query Service (DQS), and you should be able to keep the access flowing.Is this really surprising at this point? Not to me.

Timely! I just blogged recently talking about what you should do if you get blocklisted by Spamhaus, and now Spamhaus just posted this: Poor sending practices trigger a tidal wave of informational listings. What does it all mean and should you be concerned? Let me explain.What Spamhaus is referring to is a recent uptick in SBL entries (blocklistings) for ESP/CRM senders — informational listings — that were almost like a big ole bomb dropped out of nowhere. ESPs were waking up to a dozen or more listings for their clients, seemingly out of nowhere, wondering what changed.To make this a little bit easier to handle, these new listings are “informational” in nature. “Informational listings” are something that Spamhaus has done for a while now, where they will warn you of an SBL listing, but not actually configure the listing to cause mail to block. It means the client or company sending

After finding some shockingly bad advice out there on other websites (no, I’m not the type to name and shame), I thought that it might be a good idea to write up my own thoughts on what senders should do if blocklisted by Spamhaus, published over on the Kickbox blog.I could have gone into much more detail here, but my goal was do get a high level overview completed quickly, and I’ll probably include followups on other Spamhaus bits (like the DBL) in future posts. (And keep in mind that I’ve got a whole section on Spam Resource dedicated to Spamhaus.)