Recently we’ve seen an increase in the number of customers who have contacted us with problems sending email. When connecting to our mail servers they have had an error trying to send.
On checking mail server logs we’ve discovered that the reason they are having problems is that our mail servers have rejected the connection. On checking the connecting IP address it seems their IP address is blacklisted at various Real Time Blacklists (RBLs) that track IP addresses used for spamming.
Of course our customers are not spammers (although sometimes they are and we deal with them accordingly, but that’s for another post), but they are unfortunate enough to have either been allocated a dynamic address that was previously used by a spammer or they have an IP address that is in a larger block of addresses that it blacklisted.
Our mail servers, as do the mail servers of most ISPs, perform a number of checks on all incoming mail and the IP addresses that connect to them. They do this in the name of security and spam prevention and they don’t do a bad job of this. In the last week an average of 71% of mail processed was identified as spam and stopped before it got to our customers. That’s a good thing. Sure we don’t catch everything, but we get most of it.
So back to the issue of customers blacklisted. As you can imagine, those affected customers were pretty upset. We explained the reasons why they had been prevented sending mail and all bar a very few were unhappy about it. We told them that they needed to contact their access provider as we were not the company that issued their IP address and as such did not manage that network space. It is the responsibility of the access provider to clean up their network after all, however this is really part of the problem.
The larger access providers it seems either don’t care or don’t have the resources to clean things up. I do understand to an extent, as there are many blacklists (enter an IP address into http://www.mxtoolbox.com/blacklists.aspx and see how many come up – and that’s just some of them) and they all have different de-listing processes and some even charge money. The worst part of all (or the best depending on your point of view) is that anyone can set up a blacklist. You, Me, your Aunt Jane, anyone. The hard bit of course is getting people to use it, but once it’s up and running the power you wield is immense.
Once an IP address is in your blacklist anyone who refers to it will ban that address. As the person with the banned address the first you find out about it is when you try to send email and find out you can’t. Confusion. You wonder why. Is it your computer? Are your settings wrong? You check, double check. You call in a friend who “knows a bit about computers” and he/she has a look. They don’t get it either. After much wailing and gnashing of teeth you call your mail provider and they confirm you are blacklisted. You’re angry. How dare they, why am I blacklisted? The nerve.
After firing threats and harsh language to your mail provider either you or the person who manages that IP address must then first find out where it’s blacklisted (not always easy, but again – see http://www.mxtoolbox.com/blacklists.aspx). Then you/they have to go through the process of getting de-listed. It might be form filling and promising not to do it again, or it may involve parting with cash usually in dollars and usually called a “donation”, although viewed in another light it could be called extortion.
Whether it be you with your one IP address or your access provider with thousands of addresses this is no fun at all. It’s frustrating. It’s time consuming and costly.
Spam is a global menace and I for one am rather sick of being offered a new watch, everything I need to achieve a larger penis, maintain an erection and my share of a million dollars or so. Let’s not also forget the fake messages from “your bank” asking you to re-enter all of your information again or worse still to verify your phone number and account number. (You’ll get a phone call in a week or two from “your bank” asking to confirm the rest of the information in a security check. Shortly after you’ll lose all of your money.)
Why is spam sent then? Believe it or not it’s because for every million million messages maybe point five percent of those receiving them will actually want a new watch and a larger penis. (That’s about five thousand people by the way) and as you can imagine that’s enough people to make a few quid. And as long as people keep responding spammers will keep sending. It’s big business too. Have you ever wondered why some hackers hack into computers, or why viruses are sent? The answer in most cases is spam. That virus might have a payload that infects your computer silently. Like the hacked computer yours can then be added to an automated network, or botnet, and rented out to whoever needs it to send their spam. Picture tens or hundreds or thousands of computers all sending out as many messages as they can (thousands an hour each).
This is big business alright. Not only are those behind the spam in it to make money but those operating the botnets. If you haven’t already guessed, this crime is very organized and while governments around the world continue to fight organized crime as they always have, the criminals will always stay one step ahead, as they always have. Money talks and generally it is they who have the most to gain who will fight hardest to protect themselves.
From our point of view as a provider of mail services where do we stand? Well there is no doubt we need to fight spam and we have a number of weapons at our disposal. Among the most effective of those are the RBLs. It’s a bit “sledgehammer to crack a nut” sometimes but it is very effective and until somebody comes up with an alternative mail technology or a better way to fight spam there is precious little else.
So what happens when you find your IP address is blacklisted? Is it our fault? Should we remove our filters and allow you to send your mail, and in so doing allow the spammers to send too? When you’ve considered everything your answer surely has to be No, even if it is a begrudging one.