NinerNet Communications™
Blog

Corporate Blog

Mail server in and out of capricious blacklist

10 March 2020 02:33:48 +0000

As you’re aware, we work hard to ensure that our mail servers do not get into blacklists. On the rare occasion that one of our IP addresses is blacklisted, we investigate the cause of the problem, fix the problem (often a client with a compromised machine) and (if possible) try to have our IP address removed from the blacklist. Often though, manual removal from the blacklist is unnecessary, as modern, well-maintained blacklists are automated, and offending IP addresses are removed very soon after they no longer show any signs of sending spam.

It’s not often any more that we run into old-style blacklists — blacklists that are poorly maintained, that blacklist huge swathes of the Internet, or that offer no discernible removal process — but there are still some of them out there. Not many are used by mail servers that accept email on behalf of any sizeable number of users, but we have run into one that happens to fit that exact trifecta: urbl.hostedemail.com.

This blacklist is used by Hostedemail(.com), a subsidiary of OpenSRS/Tucows. Good luck getting to their website though, as one doesn’t exist. Their email hosting service is a white-label service sold by their resellers, and they don’t even have a way for other mail server administrators to contact them, to search their blacklist or ask to be taken out of it.

Thankfully though, we are still hanging onto our own long-established reseller account with OpenSRS, and we contacted them about this block of our (non-resold) primary mail server (NC036). We first did this in February when we noticed that email from some clients was being blocked with this error message:

host mx.DOMAIN.com.cust.a.hostedemail.com[216.40.42.4] refused to talk to me: 554 5.7.1 Service unavailable; Client host [178.62.195.26] blocked using urbl.hostedemail.com; Your IP has been manually blacklisted

(It was the reference to being “manually blacklisted” that really got our attention, as this is a hallmark of the aforementioned poorly maintained blacklists.)

OpenSRS responded quickly, and we were removed from the blacklist within about eight hours. But we were surprised to see, a couple of weeks later in March, that we were blacklisted again, so we contacted OpenSRS yet again. The response this time was much slower, but we have again been removed. This time, however, we pressed for an explanation for the block, as we are not listed in about 300 other blacklists that are more widely used. This is part of their response:

I am just replying back on the RBL listing you inquired about and I can confirm the IP was once again de-listed but I did get some additional information for you as requested. I needed to do a bit of checking but the IP 178.62.195.26 is provided by RIPE Network Coordination Centre, the IP assigned to the user by the hosting provider carries the reputation of the rest of the CIDR. The nature of VPS/Shared IPs is to be disposable …. But of course for the time being we have de-listed the IP but assuming nothing changes its [sic] likely it will be listed again in the future.

This kind of outdated thinking is another of the hallmarks of old-style blacklists: blacklisting half of the Internet based on some outmoded way of thinking that died off around the end of the twentieth century. Essentially, Hostedemail.com is blacklisting all IP addresses in major data centres around the world, which is very counterproductive for their own customers.

We’ll be contacting individual clients whose emails were blocked by this blacklist to point them to this post, and we recommend that if your email is blocked with the above message you contact your correspondent by some other means to advise them to move to a more enlightened mail service provider.


Update, 2019-03-19: Our primary mail server is again blacklisted by this one mail provider in the world out of about 300 major blacklists we have checked. OpenSRS/Tucows/Hostedemail warned us this would happen, so we’re not surprised. We can take no further logical action against an illogical practice. We’re sorry to those clients who are affected, but we again suggest that you tell your correspondents to move to an email service provider that doesn’t run their mail servers based on practices from the last century.

Domain block removed

11 June 2012 10:53:57 +0000

The following four domains that were blocked a couple of weeks ago have been unblocked after liaising with the company involved:

  • cfcsprl.com
  • congofret.com
  • impala-wl.com
  • trafigura.com

Thanks for your patience while we worked to resolve this issue.

Domains blocked

21 May 2012 14:55:21 +0000

We have taken the unusual step of blocking mail to and from certain domains on our primary mail server that are not (to our knowledge) sources of spam. These domains are:

  • cfcsprl.com
  • congofret.com
  • impala-wl.com
  • trafigura.com

We have blocked email to these domains because their mail servers — all hosted by the same company — while appearing to be up, do not accept any email. Instead of immediately rejecting email with either permanent (5xx) or temporary (4xx) errors, they hold open the connection from our mail server until it times out. This has a significant negative impact on other email sent by our clients.

Adding to the issue is that the domains associated with the mail servers and nameservers of their hosting provider — smtpdaemon.net and dnsdaemon.net — do not resolve to websites, and the identity of the owner of these domains is hidden behind a WHOIS privacy service. This means that this hosting company does not want to reveal who they are or how to contact them.

We regret the necessity to make this decision, and will revisit it in the future should circumstances change or if new or changed information is brought to light.

As always, please contact NinerNet support should you have any questions or concerns.

NinerNet home page

Subscriptions:

RSS icon. RSS

General Information:

This is the corporate blog of NinerNet Communications. It's where we post announcements, inform and educate our clients, and discuss issues related to the Internet (web and email) hosting business and all it entails. This includes concomitant industries and activities such as domain registration, SSL/TLS certificates, online back-up, virtual private servers (VPS), cloud hosting, etc. Please visit our main website for more information about us.

Search:

 

Recent Posts:

Archives:

Categories:

Tags:

accounts receivable apple billing branding cira contact information domain registration domain registry of canada domain renewals domains domain sales dot-ca domains dot-zm domains down time droc email encryption facebook google happy hosting customers hosting transfer icann invoices iphone kwacha maintenance paying your bill paying your invoice quarterly kwacha rate review rates registrar transfers reputation scams search engine optimisation search engine optimization security seo service hours spam ssl ssl/tls support transparency wordpress zamnet

Resources:

On NinerNet: