Results 1 to 13 of 13
  1. #1

    Server, not spamming, blocked by Spamhaus

    We've got a client who has a server hosted with a pretty well known hosting company. I was wondering why an important site went cold - dead. I ended up finding out about the below item. They tell me they know that the VPS in question and the IP addresses aren't a problem. However, they are shutting down the entire block. This means that Microsoft systems are shut down, e.g. Hotmail, Outlook, Outlook 365 etc.

    The question is what to do when Spamhaus tells you to get lost because others, who can be filtered out, aren't going to be filtered out by IP address and they are shutting all of you down? Right now it looks like needing to get a separate SMTP server or service elsewhere, which defeats the whole purpose of having set up the VPS. Moving... what a total PITA that would seem to be, especially since 2 sites have a few GB worth of images, data, etc. I don't think there is an alternative way to deal with this and when Spamhaus tells you off, you're screwed. Would appreciate input of others who have encountered this before terminating the relationship with the hosting company.


    ---------------

    Subject: Re: SBL00000 192.1.1.168/16

    Hello,

    Our monitoring of this network has shown far to much spam being send from it and hosted on IP space there. At this time, we must continue to advise our users that it is not safe to accept, or filter, traffic from the network.

    We understand that your systems are probably not part of this problem, but the problem is with the entire network you are hosting with. Until they finally decide to step-up and spend some effort to lock down the abusers signing up on their network, we cannot remove this (and other) listings tied to this network.

    We hope that the network owners are implementing the changes to solve this issue they have eluded to in the past, but if this does not resolve, we suggest looking into other ways to route your SMTP email traffic.

    --
    Regards,

    The Spamhaus Project Removals Team
    http://www.spamhaus.org

  2. #2
    As far I know Spamhaus blocks the entire block when they are seeing large number of spam from same block and DC does take any action to prevent further abuse from their IP addresses.
    || Web Hosting Blog - Web Hosting security & latest web hosting industry Announcements
    || Web Hosting Discussion - A Web Hosting community

  3. #3
    Join Date
    Mar 2014
    Posts
    292
    Sign up for a $5 VPS and route your outbound mail through it.

    Simple quick fix, and easy to change later on if you run into it again.

  4. #4
    Join Date
    Nov 2010
    Posts
    107
    Have you asked your provider for a new IP on a different range?

  5. #5
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,737
    Easy. Use sendgrid, mandrill or one of the other transactional mail sending plugins/systems. Also AWS's SES would work.

    These all setup as standard outgoing SMTP servers so setup is usually trivial.

  6. #6
    Join Date
    Feb 2005
    Location
    localhost
    Posts
    5,473
    Quote Originally Posted by badhat View Post
    I was wondering why an important site went cold - dead.
    Why would the site go dead were they sending emails?
    Respectfully,
    Mr. Terrence

  7. #7
    Thanks guys - it's what I anticipated, no ability to clear the IP address easily. It took some additional tickets but they offered to route the email via another IP, which I'm guessing is a mail server since they didn't offer to relocate the VPS to another IP. I'm going to move them elsewhere since they can also get a slight hardware upgrade at a lower cost for what is needed.

    MrTerrence - they send out a few dozen emails a month for a small community site. The problem is unfortunately the elsewhere and, as Kailish12 said, they block the block.

  8. #8
    Join Date
    Jun 2012
    Posts
    423
    Quote Originally Posted by brianoz View Post
    Easy. Use sendgrid, mandrill or one of the other transactional mail sending plugins/systems. Also AWS's SES would work.
    We automatically mark emails from these networks as spam across our MTAs. I know a few other admins that do the same.

    I have yet to see a valid email coming from them that's not hitting our honeypots with spam, and I have yet to receive a single complaint from our customers that an email from these networks is ending up in their Junk folders by mistake.

    Just sayin'.

  9. #9
    Join Date
    Feb 2005
    Location
    localhost
    Posts
    5,473
    Quote Originally Posted by badhat View Post
    MrTerrence - they send out a few dozen emails a month for a small community site. The problem is unfortunately the elsewhere and, as Kailish12 said, they block the block.
    Are they sending it to opt-in contacts with no complaints? if not it could happen again at your new provider.
    Respectfully,
    Mr. Terrence

  10. #10
    Quote Originally Posted by Mr Terrence View Post
    Are they sending it to opt-in contacts with no complaints? if not it could happen again at your new provider.
    Thanks for the warning - it is 100% not the client and definitely the block as Spamhaus says in their email. In addition, the email had the block listed, not the VPS IP address so they banned the entire block. All of the client's work is opt in by the user, simple registration forms and notification of new replies. Users aren't getting any replies, don't return, etc. New users don't get registration emails and think the places are dead.

  11. #11
    Guys - thanks so much for the alternatives. I'm now in the process of moving them to another host since I just can't trust that this won't happen again and I can only wonder what other problems we might have. With a slightly faster VPS using SSD and a little quicker processor, it's a win-win by just moving and not having to resort to alternatives. Ironic that the billing was coming up for renewal in 5 days. I reported this issue to them with pelnty of lead time and it never got cleared properly.

  12. #12
    Join Date
    Nov 2004
    Location
    Australia
    Posts
    1,737
    Quote Originally Posted by AcheronMedia-VK View Post
    We automatically mark emails from these networks as spam across our MTAs. I know a few other admins that do the same.

    I have yet to see a valid email coming from them that's not hitting our honeypots with spam, and I have yet to receive a single complaint from our customers that an email from these networks is ending up in their Junk folders by mistake
    Can't argue with that!

    Do you block SES as well? That would seem a little unfair as they are pretty careful about spam - or at least I thought they were?

    It's disappointing that these aren't filtering spam as well as I'd have expected!

  13. #13
    Join Date
    Jun 2012
    Posts
    423
    Quote Originally Posted by brianoz View Post
    Do you block SES as well? That would seem a little unfair as they are pretty careful about spam - or at least I thought they were?

    I should've said we mark toward spam, not as spam, and yes SES included. We don't really block them, just increase score and our clients always receive them, just not in the INBOX but Junk folder, if the spam threshold is reached.

    But according to my statistics, more than 95% of the mails from these networks are finally marked as spam because they are spammy additionally to our spam score markup, mostly carrying blacklisted URLs, or having too images and too little text, stuff like that which cumulatively causes SpamAssassin to object. Some would've reached the threshold even without our markup just based on regular SpamAssassin checks.
    Last edited by AcheronMedia-VK; 01-21-2015 at 06:08 AM. Reason: typos

Similar Threads

  1. New email address blocked by Spamhaus - or is it an smtp authenticiation problem?
    By Host Ghost in forum Hosting Security and Technology
    Replies: 1
    Last Post: 08-27-2014, 11:35 PM
  2. Spamhaus block 255 ips because one is spamming?
    By internetbug256 in forum Hosting Security and Technology
    Replies: 17
    Last Post: 10-10-2012, 07:39 AM
  3. IP Blocked By Spamhaus
    By Isriyanti in forum Hosting Security and Technology
    Replies: 5
    Last Post: 08-12-2007, 09:16 PM
  4. Replies: 12
    Last Post: 08-25-2005, 03:22 AM
  5. spamming, SPEWS, and Blocked IPs
    By rokali in forum Web Hosting
    Replies: 5
    Last Post: 08-06-2003, 04:10 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •