spamhaus
As part of their continuing efforts to lock down unrestricted public access to their reputation data, Spamhaus has announced that as of February 14, 2024, they’ll be blocking DNSBL queries made via Digital Ocean’s Cloud Server infrastructure. Read more about it here. This isn’t really a bad thing; those who want can still sign up for the free tier of “DQS” access from Spamhaus for small volume or hobbyist usage. Requiring registration for this (and using their unique subdomain-based process) reminds me a bit of email authentication — the goal is so that Spamhaus can see you as you, not as just some random bits of data in the blob of all the requests coming from public servers. I’ve blogged about this before. So if you’re wondering how to safely query Spamhaus reputation data, read this and be informed. Email admins asleep at the wheel tend to wake up weeks
A number of folks have reached out to me (and posted on various forums) asking about a Spamhaus glitch last Friday night (October 13th), US time. I reached out to Matthew Stith at Spamhaus and he was able to confirm for me that there was indeed a temporary issue then that led to a number of accidental/false-positive listings on the Spamhaus “XBL” Exploits Block List. Matthew confirmed the following: At approximately 1:15 UTC on Saturday, October 14th, there was an unexplained network outage that caused various databases to become unreachable. This resulted in a rule to misfire, leading to a ten minute period of false positive (FP) listings. The number of FPs caused by this outage were no more than 1,000. As per our policy, these FPs were purged, as soon as an engineer was notified. Matthew added, “There are ongoing investigations regarding the cause of the network outage. However
Spamhaus just announced that they’ve “reinvigorated” the ASN-DROP list, now available in JSON format. The point of this whole thing is for network operators (think ISPs and similar) to just totally block off any potential connections with really bad networks that are spewing nothing but spam, phish and other garbage.In theory this should not impact your typical marketing sender, but it’s good all of us to be aware of what this is. They’re blocking, in some cases, some bad guys who would happily take threats to a phyiscal level with Spamhaus people, given the chance. If the bad guys can’t route their bad stuff, they can’t rip people off, and they don’t make as much (ill gotten) money. That’s why Spamhaus folks are sometimes cagey about full names and locations, in case you’re wondering — not because they’re worried about how a Fortune 500 retailer might react to an SBL
Blocklist provider and master spam-filterer Spamhaus had a glitch overnight (Friday to Saturday, August 18-19) starting at about 8:20 pm US central time. The glitch resulted in a bunch of false positive Spamhaus blocklistings. They were accidental and the listings have since been removed. Because of the sheer volume of support tickets received, it sounds as though Spamhaus may not be responding to all of them. Best to watch Linkedin, if possible, for updates.Here’s what Spamhaus posted about this:NOTIFICATION | CSS Listing Errors | Today, between 1:20 am UTC & 2:20 am UTC, a significant number of listings were incorrectly added to the CSS DNSBL. These listings were purged at approx. 8:30 am UTC. Our engineers are currently investigating the root cause of the issue. We sincerely apologize for any inconvenience this may have caused.CSS REMOVAL TICKETS | Further to the issue regarding CSS listings this morning, between 01:20 UTC
These last few years have been something, huh? Something had to give and, in my case, that something was blogging. There were a number of reasons I stopped writing here, many of them personal, some of them more global. I will admit, I was (and still am a little) burned out as it seemed I was saying and writing the same things I’d been saying and writing for more than a decade. Taking time off has helped a little bit, as much to focus on what I really want to talk about. It helps, too, there are a lot more deliverability resources out there than when I started. I don’t have to say it all, there are other voices (and perspectives!) that are adding to the collective understanding of delivery. That’s taken some of my (admittedly internal) pressure off from having to write about specific things to explain, educate and
My recent Kickbox webinar, co-hosted with Matthew Stith from Spamhaus, was a lot of fun. We talked about the history of Spamhaus, what kind of bad guy stuff Spamhaus is trying to track, best practices for domain reputation and we touched on a bunch of other stuff, too.If you missed it, never fear! We’ve posted a recap and recording of the webinar over here on the Kickbox blog. Enjoy!
Did you know? Spamhaus has a free eBook to help email marketers know how to do the right thing.With an introduction by Annalivia Ford, one-time postmaster for AOL (remember them?), this deliverability guide from Spamhaus will walk senders through the concepts of deliverability and email reputation, how to not look like a spammer, and other important things you need to know to stay on the right side of email marketing best practices.And they don’t even make you opt-in to get access to it. Click here to download.And don’t forget to join Spamhaus’ Matthew Stith and me on Tuesday, March 21st at 9am central time for a live webinar where we’ll talk blocklists, Spamhaus, domain reputation and more. You can register here.
Hey, fellow email nerds! It’s webinar time again. What do you know about Spamhaus? If not everything, I hope you’ll join Matthew Stith and myself on March 21st at 9:00 am central time, where we’ll talk about Spamhaus, what it is, how (and why) blocklists work, how it intersects with domain reputation (and why domain reputation is such a big thing right now) and a whole bunch of at least slightly interesting info nuggets. We’ll try very hard to have time for your questions as well. Want in? Register here. Thanks and hope to see you there!
From 17:00 GMT on Feb 16th through 09:50 GMT on February 17th, spam filterer/security service Spamhaus suffered an outage that meant that “data included in the Data Query Service, Rsync, Spamhaus Intelligence API, and Border Gateway Protocol Firewall was not refreshed between these times.”The way most Spamhaus data is shared with the world allows for quite a bit of redundancy and resilience against downtime, in that DNS queries can be cached, DNS zones are handed out to and stored by different remote DNS servers. Meaning that while some of Spamhaus core systems may have been offline during this time, spam filtering continued unabated. They’re saying that their ability to make any updates (additions or removals) was effectively blocked during the downtime, meaning anybody waiting for removal from a Spamhaus list probably had to wait a bit longer for a response than usual. And also, perhaps spam filtering effectiveness was down
This is a question I get a lot. Does Gmail use any blocklists? Or, somebody will tell me that they’re having Gmail issues, and they’ve plugged their own IP address into an online blocklist lookup tool, and they are sure that any results found (blocklisting issues) must somehow be part of the underlying cause of their deliverability woes. Except, that’s just about never the case. Here’s why.There are a zillion blocklists out there. Speaking specifically just about DNSBLs (IP-based blocking lists), there’s a good 90+ of them. But blocklists are a bit like blogs, in that anybody can publish them and the fact that it’s been published doesn’t mean that anybody is guaranteed to be actually looking at the what has been published. The net here is that there are a lot of blocklists that, if your IP or domain ends up listed by them, this does not mean that