[SURBL-Discuss] Other SURBL lists then from surbl.org?

jkinz at kinz.org jkinz at kinz.org
Thu Aug 20 20:48:36 CEST 2009


On Thu, Aug 20, 2009 at 09:02:48AM -0400, jkinz at kinz.org wrote:
> On Thu, Aug 20, 2009 at 07:33:45AM -0400, Eric McClatchie wrote:
> > I am having emails ending up not delivered whenever a certain domain URL 
> > is in the email. When I check surbl.org lists, the domain is NOT 
> > blacklisted. What other lists should I be looking at?
> > 
> > I also notice when subscribing to this list, the approval email went to 
> > spam on gmail!
> 
> I'm not certain, but I think the list they are misusing is 
> from the service at http://www.us.sorbs.net/ .


Eric - I see that others on this email list have identified "email body
content" blacklists like the ones from
http://www.uribl.com/index.shtml.   

Please do follow up their information.

In order to tell exactly whats happening to your emails, you need
to post the actual message your are getting from the blocking
party, or at least post the message and who you sent it to.
Without that info the problem can't be diagnosed.

I knew there was a good reason I wasn't certain about which list it
was..  The list GD(GoDaddy) is miss-using is the "PBL", published by
SpamHaus.

Spamhaus is one of oldest spam fighting organizations.  [God bless 'em! :) ]

The PBL is a list of IP's that [paraphrased] Spamhaus thinks you should
not allow to deliver emails directly to your email system.
eg - "do not accept direct incoming mail delivery connections from
these locations".

Spamhaus has no problems with people on those IPs having domains
on those IP's, as long as they route their email transmissions 
through a legitimate email relay. NB - NOT an Open relay.

Spamhaus has no problem with people having those domain names 
or IP addresses inside the body of the emails either. GD is the
only group on the web known to have that policy. Having a domain
hosted on a dynamic IP is not an issue - Having an domain known
to have been sending out spam IS an issue, and some of those are
on dynamic IP's, but the two sets are not the same, there is just
some overlap between them.

Here is a much better explanation of the GD problem:
http://techtalk.dreamhosters.com/wordpress/2009/07/17/special-report-whos-your-godaddy/

The Key paragraph from that post to remember is :

"GoDaddy has been alerted to this problem, 
admits that it is incorrectly configured, and ...
are not going to do anything about it."

GD's attitude and actions here indicate that one of these 3
scenarios s taken place inside GD:

1. scenario: GD is attempting to increase revenue by stopping email for
anyone using domains on dynamic IP's hoping to convert victims into
customers paying for domain/web hosting services.  

Analysis: possible but unless they are actively pitching those folks to
convert this one is a low probability. {haven't seen any indications they
are pitching the victims).

2. scenario: GD is reducing costs by filtering all email crossing their
boundaries with one unified filter, thereby simplifying their work
on spam filtering.  

Analysis: Not adding the PBL to a spam filtering tool is usually a
matter of editing a few lines of text or a few mouse clicks, and GD
already denies SMTP connections to IP's on the PBL. So GD is actually
increasing their spam filtering costs a great deal <the PBL is BIG> by
doing this.  The only way I see this happening is that either GD does
not have anyone who actually understands how to configure their email
filters or the admin who had all the passwords left without handing them
over, or they have somehow gotten themselves locked out of their own
system. probability: Low.

#3 scenario: Irrational self-lock in; 
someone's ego is tied to the idea,
someone's emotions are motivating them, (Anger?, Revenge?),
groupthink gone toxic,
Posturing "we are the best spam preventers".

Analysis:  Sad, but higher probability than the other two. 


I suppose other possible causes exist, but these seem to be the
most likely.

J.



More information about the Discuss mailing list