Re: [IMail Forum] CBL removal

Tue, 23 Jan 2007 17:05:49 -0800 

Darin,
If they shared their spamtraps, or any information that could help to identify them, it would pretty much make that spamtrap useless because it could be easily polluted. I doubt that they will help. I'm sure they get dozens of such requests each day and wouldn't have the time even if they were willing. 


I have a strict policy of not allowing bulk-mail from my hosted mail 
service.  I allow 250 messages per day per address, and I don't allow 
them to game the system by doing 250 on one and then switching to 
another and doing 250 there.  While we am certainly not a large E-mail 
host (we mostly provide E-mail gateway spam blocking), we have never 
been blacklisted by any source that I am aware of, i.e. AOL, Comcast, 
Hotmail, and various RBL's.  I credit it to both our very high spam 
block rates and also our policies of restricting hosted E-mail to 
non-automated, non-bulk communications.  We do provide list services for 
those that need bulk mail, though we do not service mailings that are 
primarily advertising (must be primarily informative), and we have this 
sent from unique IP's in order to separate it from hosted E-mail.



You might want to consider splitting this traffic apart.  Sandy has 
indicated that IMail can do this by binding a domain to an IP that is on 
a seperate NIC.  I haven't tried this, so I can't vouch for it, but if 
it works, that would be a pretty good solution.  NIC's are much cheaper 
than new servers and software, and you won't have issues with CBL and 
others if in fact it is your user's bulk-mail that is the cause.



If your users are the cause, and they are hitting spam traps, then this 
means that without a doubt, they are either harvesting addresses or 
purchasing addresses (which were harvested).  I would generally think 
that autoresponders are the more likely cause.


Matt




Darin Cox wrote:

We only send notices for banned attachments to the recipient, not 
sender, so that shouldn't be it.
 
As for other possible email to a spamtrap, we have one customer 
who sends out a few thousand emails a week to their customers, and a 
few that send up to a hundred or so messages on an infrequent basis, 
but in general we have discouraged email marketing among our customer 
base, except to their actual customers.  And by customers I mean that 
they actually do business with, not simply opt-in.
 
Good point about leakage from dictionary attacks and autoresponders.  
I've asked them what they can reveal about any messages received in 
their spamtraps so we can track down the root cause.
 
BTW, they have dropped a permanent whitelist for IMail customers now 
with IMail 2006.1 available.  However, they will extend the relist 
exemption for longer than the standard 3 days to give mail admins time 
to upgrade.
 
Darin.
 
 
----- Original Message -----

*From:* Matt <mailto:[EMAIL PROTECTED]>

*To:* [email protected] 
<mailto:[email protected]>

*Sent:* Tuesday, January 23, 2007 6:22 PM
*Subject:* Re: [IMail Forum] CBL removal

Darin,


The only way to get on their list is to have your server send a 
message to their spam traps AND to have a symptom that is reminiscent 
of a zombie (DUL IP space, IP in the reverse DNS entry, different HELO 
names on multiple samples, and others).  My guess is that it could be 
due to backscatter from sending banned executable attachment notices 
to forged senders or users with autoresponders replying to leaked spam.


Matt



Darin Cox wrote:

Right.  Unfortunately due to webmail issues, we have to wait for 
2006.2 before we can use the upgrade we purchase Nov 2005.
 
CBL told us they just whitelisted us for 3 days.  I thought they had 
a list to exempt IMail servers?


Darin.

 
 
----- Original Message -----

*From:* John T (Lists) <mailto:[EMAIL PROTECTED]>

*To:* [email protected] 
<mailto:[email protected]>

*Sent:* Tuesday, January 23, 2007 5:48 PM
*Subject:* RE: [IMail Forum] CBL removal


In Imail 2006.1 and above, you can configure what name is used during 
the HELO.



 


**John T**

**eServices For You**


**** 


*"Life is a succession of lessons which must be lived to be understood."*

*Ralph Waldo Emerson (1802-1882)*


** 

 


-----Original Message-----

*From:* [EMAIL PROTECTED] 
<mailto:[EMAIL PROTECTED]> 
[mailto:[EMAIL PROTECTED] *On Behalf Of *Darin Cox

*Sent:* Tuesday, January 23, 2007 1:35 PM
*To:* [email protected]
*Subject:* Re: [IMail Forum] CBL removal


 

I just confirmed that we're off.  Hopefully we were added to the list 
of IMail servers that they exempt so it does not happen again.



Darin.


 

 


----- Original Message -----

*From:* Matt <mailto:[EMAIL PROTECTED]>


*To:* [email protected] 
<mailto:[email protected]>


*Sent:* Tuesday, January 23, 2007 4:21 PM

*Subject:* Re: [IMail Forum] CBL removal


 

Their removal tool always worked when I tried it.  I'm sure there is 
a little delay, but not longer than maybe 3 hours.  The only time 
they will not automatically delist is if the same IP has been 
repeatedly delisted and relisted.


Matt



Darin Cox wrote:


Anyone know how long it takes CBL to respond to delist requests, or 
if there's a way to expedite it?



 


We got listed last night due to the IMail hostname issue.


 

I'm amazed at the number of large providers, e.g. Time Warner and 
MSN/Hotmail, that block on a single blacklist.  Not a good practice.  
Though I probably shouldn't be too surprised given the issues with 
MSN/Hotmail, and the spam problems experienced typically by Time 
Warner users.



Darin.


 

 


----- Original Message -----

*From:* Matt <mailto:[EMAIL PROTECTED]>


*To:* [email protected] 
<mailto:[email protected]>


*Sent:* Tuesday, January 16, 2007 10:01 AM

*Subject:* Re: [IMail Forum] OT: SSL Cert's


 

If you are a Wild West Domains (GoDaddy) reseller, I believe that you 
can turn off such things.  I recently changed over to them because I 
wanted my customers to self-bill and their prices can't be beat.  I 
turned off everything except for domains in the interface, and that 
keeps it from cross-selling non-domain items during the process.



It may be that one of the check boxes during checkout might enable 
the messages that push such things.  It would be alarming if they 
were actually pushing things for GoDaddy when I am a Wild West 
Domains reseller, and it would be odd for them to push services as a 
part of my reselling that I don't offer.


Matt



Darin Cox wrote:

We get them where we are the registrant.  About once a month.


Darin.


 

 


----- Original Message -----

*From:* Heimir Eidskrem <mailto:[EMAIL PROTECTED]>


*To:* [email protected] 
<mailto:[email protected]>


*Sent:* Tuesday, January 16, 2007 9:45 AM

*Subject:* Re: [IMail Forum] OT: SSL Cert's


 

We have probably 50+ domains where are the registrant and I can not 
recall receiving any emails like that.

But its good to know they do pursue our customers.

Thanks,




Darin Cox wrote:


Are you the registrant, or is your customer?  If your customer is the 
registrant, you can bet that they are receiving emails from GoDaddy 
advertising hosting services.  You may have been lucky and not had 
any jump ship yet.



Darin.


 

 


----- Original Message -----

*From:* Heimir Eidskrem <mailto:[EMAIL PROTECTED]>


*To:* [email protected] 
<mailto:[email protected]>


*Sent:* Tuesday, January 16, 2007 9:18 AM

*Subject:* Re: [IMail Forum] OT: SSL Cert's


 

We have tons of godaddy domains that we own and control for our 
customers.
Never had one problem with godaddy solicitation and no bad reports 
either.


Please explain what kind of problems you ran into.



Matrosity Tech Support wrote:


We'll be moving away from godaddy due to their solicitation of 
customers. Probably use tucows as a registrant since they don't host 
websites.


Bill Foresman

MatrosityHosting.com

850.656.2644


*From:* [EMAIL PROTECTED] 
<mailto:[EMAIL PROTECTED]> 
[mailto:[EMAIL PROTECTED] *On Behalf Of *Darin Cox

*Sent:* Tuesday, January 16, 2007 8:41 AM

*To:* [email protected] 
<mailto:[email protected]>

*Subject:* Re: [IMail Forum] OT: SSL Cert's

Well.. $10-$13.95/yr.  That's quite a deal.


We have not had any trouble at all with the GoDaddy intermediate 
cert, and it is a one-time installation, but it sounds like RapidSSL 
is cheaper, turns them around just as fast, and has the advantage of 
the root cert so no need to install the intermediate cert.



Darin.

----- Original Message -----

*From:* Matt <mailto:[EMAIL PROTECTED]>


*To:* [email protected] 
<mailto:[email protected]>


*Sent:* Tuesday, January 16, 2007 8:32 AM

*Subject:* Re: [IMail Forum] OT: SSL Cert's

Anthony,


RapidSSL is owned by GeoTrust and uses their root so it is recognized 
with every browser that GeoTrust is.  GoDaddy's certs do not have the 
same browser coverage as GeoTrust/RapidSSL, and it therefore they 
aren't as good as they look.



To boot, a place called ServerTastic has unbelievable prices on the 
certs.  Just buy your credits from them:



    
http://www.servertastic.com/store/product.asp?numRecordPosition=1&P_ID=222 
<http://www.servertastic.com/store/product.asp?numRecordPosition=1&P_ID=222>



Domains that aren't flagged by their anti-fraud measures (things like 
"bank" or "finance" in the domain name) take about 3 minutes from 
start to finish if you have everything in front of you.


Matt



Anthony Polselli wrote:


Someone here mentioned RapidSSL.com for SSL cert's, they are a lot 
cheaper then Verisign.  But in searching the net, godaddy.com has one 
for $19.99 per year, and another for $89.99 per year.  Has anyone 
used RapidSSL or GoDaddy and had good luck?  Any problems with using 
them?  What do others use?


Thanks,

Anthony Polselli

Matrix Information Systems, Inc.

Phone: (858) 202-0300


 

 

























					Reply via email to