When Anti-Spam Lists go Bad

Email administrators everywhere will have dealt with the dreaded blacklisting problems. Whether it be a customer who has accidentally got them selves listed or your own server sending some backscatter through a misconfiguration we’ve all come across the “request for delisting” and found the tools to prevent the mistake from happening again.

Most of the time the solution is simply; you fix whatever problem you had or sign up to the recipient’s mail providers postmaster system (in the case of Outlook.com) and request the delisting. In a few hours your IP is marked as fine and happily you go about your business.

Sometimes, however, unscrupulous individuals set up services and begin blackmailing email administrators. For example, UCEPROTECT and ivmSIP24 are scammers and should not be trusted because they list entire IP ranges without regard for what those IPs actually are.

For example, my mail server is with DigitalOcean who are a well known and reputable hosting provider and they, naturally, have lots of IPs. Anyone can sign up for a server and so it is bound to happen that a real spammer will create a short lived VPS and send some malicious content. Should every DigitalOcean customer be punished because it is possible someone might send spam? Of course not!

This is where UCEPROTECT and ivmSIP24 step in to wreck the day. They swiftly list the entire IP range as bad and demand payment to delist! They make it clear that payment will not guarantee you from being kept off the list in the future and, of course, if you cease paying (because it is a subscription) you will be put back on it.

The only thing missing from their site is “I am haxor and have haxd your system. You send money to my Bitcoin address or I release private picture hra hra hra”

This type of scam/blackmail/racketeering is nothing new but it is the first time I’ve seen this type of list used by a big email provider – Mimecast. Why in the merry hell is such a large company allowing these cretinous individuals to hold email administrators to ransom.

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑