I would suggest that pay for play delisting fees, like those at
backscatterer.org, blur the line extremely between the spammers who
abuse us and the services that try to make money off legitimate
servers who follow RFCs. And too, what's to say that the spammers
themselves are intimately involved in the pay for play delisting
services? Why, spammers can create the need for the delisting payments
simply by increasing the spam output and make more money and and at
both ends.
Ron Smith
postmas...@pmbx.net
"Having an email problem is painful, but character-building."
On May 28, 2009, at 9:47 AM, Neil Schwartzman wrote:
On 28/05/09 9:35 AM, "Matt" <lm7...@gmail.com> wrote:
Is there a reason the Barracuda blacklist is not in the official
checks by
Spamassassin yet? I keep thinking sometime "sa-update -D" will add
it but
have yet to see it.
I would like to add some perspective to potential use of the BRBL.
Three weeks ago, I began requesting de-listings of any IP (active or
suspended) on Certified that was listed on the Barracuda BRBL. When I
started on April 29 there were 431 such IPs, as of today there are
22, of
those there are 5 repeat listings.
Of interest is the verbiage Barracuda sends to listees, stating
repeatedly
that the IP is on a compromised host. I suspect this is incorrect as
these
IPs never had listings on other DNSBLs dealing with such issues,
like the
CBL. They also assert the mail is not CANSPAM compliant. This
would imply
either using the Lashback DNSBL or similar service if such exists,
or manual
parsing of the payload. None of the listed IPs showed up on the
Lashback
list.
I dont know what to make of this.
One aspect of note is their heavy reference during the delisting
process to
their pay-for-play whitelist, Emailreg.org (I signed up one of my
domains
at the service to see how it worked). They suggest that registration
therein
will help to avoid inadvertent listings, but that does raise the
question
how a listing due to compromise or lack of CANSPAM compliance could
ever be
inadvertent.
I certainly do not think we should ever suggest or recommend to
clients to
make use of the Emailreg.org service, it works on a per domain basis
and
this could become very expensive for large senders at $20/each.
Also, it is
not clear if domains and sub-domains are treated as equivalents.
-----------------------------------------------------------------
Thank you for contacting Barracuda Networks regarding your issue.
Your
issue is important to us. We have assigned a confirmation number:
BBR21243333460-MUNGED to this case.
We apologize for any inconvenience that this may have caused you.
Since
this is is your first request for this IP, the reputation of this IP
address
will be temporarily upgraded from "poor" for 48 hours *or* until we
complete
our investigation. When our investigation is complete, you will
receive a
decision via email. It may take up to 1 hour for the changes in the
Barracuda Reputation System to propagate to all the Barracuda Spam
Firewalls
in the world.
There are a number of reasons your IP address may have been listed as
"poor", including:
1. The email server at this IP address contains a virus and has been
sending
out spam
2. The email server at this IP address may be configured incorrectly
3. The PC at this IP address may be infected with a virus or botnet
software
program
4. An individual in the organization at this IP address may have a PC
infected with a virus or botnet program
5. This IP address may be a dynamic IP address which was previously
utilized
by a known spammer
6. The marketing department of a company at this IP address may be
sending
out bulk emails that do not comply with the CAN-SPAM Act
7. This IP address may have a insecure wireless network attached to
it which
could allow unknown users to use it's network connection to send out
bulk
email
8. In some rare cases, your recipients' Barracuda Spam Firewall may be
misconfigured
--
Neil Schwartzman
Director, Accreditation Security & Standards
Certified | Safelist
Return Path Inc.
0142002038
The opinions contained herein are my personal stance and may not
reflect the
viewpoint of Return Path Inc.
