When Anti-Spam Lists go Bad

Email administrators everywhere will have dealt with the dreaded blacklisting problems. Whether it be a customer who has accidentally got them selves listed or your own server sending some backscatter through a misconfiguration we’ve all come across the “request for delisting” and found the tools to prevent the mistake from happening again.

Most of the time the solution is simply; you fix whatever problem you had or sign up to the recipient’s mail providers postmaster system (in the case of Outlook.com) and request the delisting. In a few hours your IP is marked as fine and happily you go about your business.

Sometimes, however, unscrupulous individuals set up services and begin blackmailing email administrators. For example, UCEPROTECT and ivmSIP24 are scammers and should not be trusted because they list entire IP ranges without regard for what those IPs actually are.

For example, my mail server is with DigitalOcean who are a well known and reputable hosting provider and they, naturally, have lots of IPs. Anyone can sign up for a server and so it is bound to happen that a real spammer will create a short lived VPS and send some malicious content. Should every DigitalOcean customer be punished because it is possible someone might send spam? Of course not!

This is where UCEPROTECT and ivmSIP24 step in to wreck the day. They swiftly list the entire IP range as bad and demand payment to delist! They make it clear that payment will not guarantee you from being kept off the list in the future and, of course, if you cease paying (because it is a subscription) you will be put back on it.

The only thing missing from their site is “I am haxor and have haxd your system. You send money to my Bitcoin address or I release private picture hra hra hra”

This type of scam/blackmail/racketeering is nothing new but it is the first time I’ve seen this type of list used by a big email provider – Mimecast. Why in the merry hell is such a large company allowing these cretinous individuals to hold email administrators to ransom.

2 thoughts on “When Anti-Spam Lists go Bad

Add yours

  1. Let me add to how unscrupulous they really are. UCE Protect clearly informs (warns) you that you will not be delisted for 7 days unless you pay their fee – additionally, if you try to send spam again, they will tack on another 7 days. So you can expect to be delisted 7 days after what they refer to as the “Last Impact”. However, here’s the kicker: Once you’re listed, they are blocking your IP. They block your connection before MAIL FROM: or RCPT TO: – so they have no way of knowing what or where you are sending – only that you ARE trying to send them something. And they host legitimate email on the same system that hosts their spam traps. So if you – or, as you mentioned in your post, not necessarily you, but someone else sending from your IP range – inadvertently send one message to one of their spam traps, you will be blacklisted. If you then try to send a legitimate email to someone on their server in the next 7 days, they will label that as new impact and will extend your blacklist period. If I were ever to wish pestilence upon another human being . . .

  2. sorry, i do not understand your problem – if you are sending mails to a spam-trap, which is naturally not easy because those traps are hidden for human users and only readable for scripts, then something went wrong in your system/mailserver and you are listed.
    that’s the reason of blacklisting.
    so, it’s ok and working well…
    the other side, that you have to pay for a quick removal, is another story – but if your system is working well, you only have to wait for 7 days and do nothing 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/mcgraneu/public_html/wp-includes/functions.php on line 4344