spamhaus
Here’s an easy tip that I wanted to share with everyone. It’s something I knew about myself but didn’t take into consideration (I guess I got tripped up in my own “do as I say, not as I do” kind of thing). As mentioned, recently I set up my own mailbox provider to host my own mail, and as part of that, I set up a new domain name. (I didn’t HAVE to set up a new domain name, but it made setup a bit easier; I could dedicate the whole domain to my new project, and I could simply jettison the domain if I decide to shut the service down later.)I set the server up and tried sending the first few test messages, and immediately started to see Spamhaus blocks. The error messages basically said something like “mail blocked due to domain being listed on zrd.dq.spamhaus.net.” ZRD? A quick
A friend warned me of a scenario that could have the potential to freak people out, if misunderstood. It looks like this:This person is using Spamhaus to filter inbound mail.They seem to be rejecting mail from Gmail due to a Spamhaus listing.The Spamhaus website DOES suggest there might be an SBL entry (a blocklisting) for Gmail.So…Spamhaus is blocking Gmail? NO, no no. Gmail is not blocklisted by Spamhaus. Promise. Here’s what’s actually happening.Using Spamhaus is good, but querying Spamhaus using open/public DNS resolvers is bad. Spamhaus is actually rejecting those queries — they’re not blocking mail from Gmail. The person running into this problem needs to switch over to using the Spamhaus DQS (Data Query Service), and that ought to just flat out fix things.As noted above, the rejections are actually because the email administrator of the mailbox provider or mail server in question has configured Spamhaus in a way
Hey, email nerds! Are you like me, running various random EC2 instances with scripts or applications that do a bunch of spam and email message analysis, checking (among other things) all the domains and IPs you find? Okay, there aren’t millions of us, but I know I’m not alone out there! Email nerds unite! Anyway, if you’re querying Spamhaus’s blocklists directly from your AWS-hosted infrastructure, be aware: Beginning October 18th, Spamhaus is likely to block those queries, responding instead with a 127.255.255.254 response code. Why? It sounds like AWS is a large source of traffic for Spamhaus, and it’s hard for them to sort out who’s who– including who should be getting access for free and who shouldn’t be. Don’t fret, though. Just sign up for the Spamhaus Data Query Service (DQS), and you should be able to keep the access flowing.Is this really surprising at this point? Not to me.
Timely! I just blogged recently talking about what you should do if you get blocklisted by Spamhaus, and now Spamhaus just posted this: Poor sending practices trigger a tidal wave of informational listings. What does it all mean and should you be concerned? Let me explain.What Spamhaus is referring to is a recent uptick in SBL entries (blocklistings) for ESP/CRM senders — informational listings — that were almost like a big ole bomb dropped out of nowhere. ESPs were waking up to a dozen or more listings for their clients, seemingly out of nowhere, wondering what changed.To make this a little bit easier to handle, these new listings are “informational” in nature. “Informational listings” are something that Spamhaus has done for a while now, where they will warn you of an SBL listing, but not actually configure the listing to cause mail to block. It means the client or company sending
After finding some shockingly bad advice out there on other websites (no, I’m not the type to name and shame), I thought that it might be a good idea to write up my own thoughts on what senders should do if blocklisted by Spamhaus, published over on the Kickbox blog.I could have gone into much more detail here, but my goal was do get a high level overview completed quickly, and I’ll probably include followups on other Spamhaus bits (like the DBL) in future posts. (And keep in mind that I’ve got a whole section on Spam Resource dedicated to Spamhaus.)
Dear Colleagues at ESPs, We have a problem. More specifically, YOU have a problem. You have a spam problem. One that you’re not taking care of in any way, shape or form. There was a point where ESPs started caring about spam out of their networks. They got blocked enough they had to take action. Because they took action a lot of the big blocklists started being nice. Spamhaus, for instance, would do ‘informational’ listings so that ESPs could fix things rather than going to a direct block. This led management at ESPs to start to think they had this spam thing under control. They stopped worrying too much about spam and compliance. I mean, to management the whole point of having a compliance desk is to stop the blocks. No blocks mean no problems with spam out of the network, right? As someone who gets a lot of B2B
Last week I explained who Spamhaus is, and today I share a link to a guest blog post over there, authored by Alice Cornell, Director of Email Deliverability at Change.org, explaining her deliverability journal and how she helps guide Change.org to maximize inbox placement and minimize deliverability challenges. It’s worth a read!
DELIVTERMS: The (almost) weekly series here on Spam Resource that defines deliverability terminology. Today, I’m going to talk about Spamhaus.Spamhaus, in the context of my day-to-day role as a deliverability consultant, is perhaps best described as a publisher of anti-spam blocklists.They publish a multitude of blocklists:SBL: Their primary IP address-based blocking list. Spamming companies and ISPs are listed here both manually, based upon review and investigation by somebody at Spamhaus, and also in an automated fashion using logic that results in “CSS” listings on the SBL. Entities listed on the SBL (for reasons other than CSS) typically have to contact Spamhaus to discuss potential resolution to an issue before Spamhaus will remove (“delist”) an IP address. Spamhaus generally (but perhaps not always) wants to talk to the service provider or sending platform more-so than the end client.DBL: Their primary domain-based blocking list. This is run in a fashion more automated…
Remember how I warned that querying Spamhaus via public DNS resolvers wasn’t a great idea?”Spamhaus clearly doesn’t want to provide this IP reputation data via [public resolvers] and right now it’s just a question of how effective they are at blocking it. They’re not fully effective at it today, but I’m sure they’ll get better at it over time.”Well, here they are, getting better: This is a clear warning from Spamhaus that while it may work to query Spamhaus via Cloudflare’s 1.1.1.1/1.0.0.1 public DNS service today, it’s not going to work in the near future.
I had a customer ask me yesterday, why is their ESP trying to force them to implement CAPTCHA on their signup forms? They’re not spammers.Well, unfortunately, it’s usually because of stuff like this: As Webbula’s Jenna Devinney explains, bad guys can easily find and script a bunch of pokes at a bunch of webforms, purely to wreak havoc. Maybe it’s random. Maybe it is to annoy somebody they’re mad at. But the net is, they go around signing up Joe Email User for 200 email lists and then Joe Email User starts receiving 200 emails a day that are all spam to him, and it makes him mad. It makes him hate the companies sending that mail, even though it wasn’t really their fault. It makes him report all that mail as spam, and that’ll harm the sender’s IP and domain reputation.Even worse, the bad guys sometimes script submissions to…