Results 1 to 20 of 20
  1. #1

    How do I avoid IP blacklists?

    G'day

    I am considering using a dedicated server for some up and coming projects.

    one of those projects is an anti spam mail server.

    So it is very important for me to avoid being listed by an ip blacklist.

    the trouble is IP Blacklists use a scattergun approach so although I have an impecable history someone in my IP block may cause the mail to be blocked

    for example I find out this morning the entire subnet I am on is being blocked. 66.230.155.nnn

    How do I protect myself from this ?

  2. #2
    Join Date
    Dec 2002
    Location
    Dallas, TX
    Posts
    222
    You would probably have to go through a dedicated server company that would offer you an entire subnet of IPs for a server. I believe nocster.com can do this, but a lot of their IPs have SPAM listing comments on them.

  3. #3
    Purchasing a subnet is somewhat beyond my reach

    I was wondering if perhaps there was a resource that could be used to look at an IP and its history to see if it had ever been blocked

    If an IP escapes this then the host is probably good.

  4. #4
    Join Date
    Dec 2002
    Location
    Dallas, TX
    Posts
    222
    The problem is if you get an IP and then another server comes along on the same subnet, SPAMs, and gets the subnet blacklisted. Then you are stuck.

  5. #5
    Join Date
    Dec 2002
    Location
    Dallas, TX
    Posts
    222
    Ask the provider ahead of time for an IP for testing. Or tell them you need an IP that is not listed in a SPAM database. Have them use a resource like dnsstuff.com to check it.

    You will still run a risk of getting blacklisted down the road since you will be sharing the subnet with other servers.

  6. #6
    Almost all the hosts I have used till date have their IPs blacklisted on some of the servers I wish to deal with..
    Wholesale Domain Prices for Retail Customers - Rushtoweb.com

  7. #7
    Almost all the hosts I have used till date have their IPs blacklisted on some of the servers I wish to deal with..
    Thats why I believe IP blacklists are as bad as spammers.

    Q/ what's the difference between a spammer and an IP blacklist operator?
    A/ Nothing, neither cares who they hurt with what they do.

  8. #8
    Join Date
    Jan 2003
    Location
    Lake Arrowhead, CA
    Posts
    789

    Re: How do I avoid IP blacklists?

    I believe IP blacklists are as bad as spammers.
    A list is just a list. The problem is administrators who will use subnet blacklists without regard to the (almost always plainly published) false positives subnet lists create.


    How do I protect myself from this ?
    1) Only host with providers who are actively anti-spam. No reputable blacklist will continue to list an IP after being notified by the upstream provider that the spammer has been removed. If your provider won't deal with spammers; find another.

    2) The key word above is reputable. Don't use or support subnet lists or lists which refuse to unblock. You'll almost always be on "someones" blacklist, but who cares? Only ignorant (or just dense) mail administrators are going to use those kind of lists.

    3) When you do find your users blocked by those lists, go straight to the ISP using the list and inform them.


    Like anyone else, I occasionally find our user's email blocked by small town ISPs using out of date RBL data or massive subnet lists and with very few exceptions, simply informing them of the problem is enough. If they don't listen, go straight to their users (the one's who aren't receiving mail). Once the ISP hears their own subscribers complaining, they will invariably fix the problem rather quickly.
    http://www.srohosting.com
    Stability, redundancy and peace of mind

  9. #9
    A list is just a list.
    Yeah right thats what they all say... "I am only providing a list. people don't have to subscribe."

    Spammers say: of course people want our email, just look at how many people purchase from them.

    both are just trying to legitimise themselves, and failing woefully in my opinion.

    I have never signed up with an ISP who condones Spam. and I religiously pass on the information whenever I learn about it

    Most of the time it is not the ISP's fault. someone left a copy of formmail lying around or a fly by night account or whatever.

    And the ipbl operators say things like well don't let it happen again and your listing will expire in 7,10,14 days or whatever.
    some simply don't respond.

    In the meantime my customers decide my service sucks and go elsewhere.

    I stand firm but what I said

    What I want to know is how to weed out the slacker ISP's from the more diligent ISP's

    They all say they don't tolerate spam.

    thanks jasonl813 dnsstuff was a help

  10. #10
    I am considering using a dedicated server for some up and coming projects.
    For dedicated hosting you can ask your provider to you offer just new subnet of IPs, without bad history.

  11. #11
    Join Date
    Oct 2002
    Location
    North America
    Posts
    1,229
    Look folr a hosting provider who has an excellent history with IP blacklists: they've not been blacklisted, or if they have they've acted quickly to get delisted. (It is possible, but requires work on the part of the provider. This is why it's important to find a good one.)

    Lurk on the security newsgroups. See who seems to have an excellent, clean rep. Ask them point blank what their history has been with blacklists. Then go comb a few of the IP blacklist sites to see if the provider, or any C-class blocks belonging to the provider, has ever been listed for an extended period of time.
    Lesli Schauf, TLM Network
    Linux and Windows Hosting: Scribehost

  12. #12
    Join Date
    Jan 2003
    Location
    Lake Arrowhead, CA
    Posts
    789
    Yeah right thats what they all say...
    Did you even read the rest of my post?

    Sure they all say that, and it doesn't matter one bit. Whether or not you think a simple list of IP addresses is in and of itself inherently evil is irrelevent unless you also have means to somehow stop IPBLs from existing altogether. In cases where you are blacklisted without reason, you have to deal with (and educate) the people using the lists, not just fight the lists themselves. There's no way around that. If you could easily deal with the list provider, you probably wouldn't have been listed unfairly in the first place (and wouldn't be posting this question).



    In the meantime my customers decide my service sucks and go elsewhere.
    If you resolve the issue, why would your customers leave? In the entire history if ip blacklists, I have never been unable to convince an ISP of their error if they were blocking a server without valid reason. If you want to do something about the problem: stop wasting your time battling lists directly and go straight to the mail providers who block your user's mail. Sure, they say "we don't maintain the list", but if they use an invalid rbl, then it's their fault and it's up to you and me and every other admin/provider to teach them this.

    Outside of never getting listed in the first place (taking care to research your provider), convincing ISPs not to use subnet lists is the only long term solution.
    Last edited by SROHost; 03-30-2004 at 06:52 PM.
    http://www.srohosting.com
    Stability, redundancy and peace of mind

  13. #13
    Originally posted by SROHost
    Did you even read the rest of my post?[/B]
    ...
    convincing ISPs not to use subnet lists is the only long term solution
    Yes I did, thankyou.

    We have obviously had different experiences.

    On one of my websites I send out hundreds of emails every day, they are for a double optin list. now at least half are forged addresses.
    people trying to get my product without providing a true address.

    Consequently I get a large number of bounced emails. I can't go through them individually and I certainly cannot spend the time it would take to educate rogue ISP's. who by the way are just trying to give their customers the best experience.

    They niavely sign up for an some antispam software that uses a blocking list. And because my email is blocked I can't approach them if I wanted to.

    The lists themselves are at fault. they either shoot far too wide, or they use less than best practices.

    for example honeypots.

    All it takes is one person to crack a siht with you and drop a honeypot address into your optin list and you are blacklisted poste haste.

    Therefore the list maintainers themselves are at fault (there is far fewer of them to try and educate than ISP's).

    But it seems they are intent on punishing rogue ISP's REGARDLESS of the collateral damage.

    Have they stopped spam? I sincerely doubt one spammer has gone out of business because of them. Why? Because spammers like IP blacklist maintainers, simply don't care.

    But I can gaurantee that many peoples customers have gone away unhappy, not realising that the email was sent but not received.

    They may even think that they have unwittingly submitted to a spam mail list.

    Outside of never getting listed in the first place (taking care to research your provider)
    Is that not why I started this thread ?

  14. #14
    Join Date
    Jun 2003
    Location
    VA, USA
    Posts
    504
    Sorry, I'd have to agree that the lists are hogwash. I've luckily never had a problem with getting listed on one or ended up with an IP that was listed on one. But the horror stories I've heard of people being wrongly listed, etc are just too much. Another solution needs to be found to spam, not some list admin that can decide to block a xxx.xxx.*.* because he felt it was better that way. (Yes I know I'm being extreme, but you get the idea)

    As I said, there needs to be another solution.

    Matt Walters
    http://mattwalters.net/ - Weblog

  15. #15
    Join Date
    Aug 2001
    Posts
    1,210
    Originally posted by Managedlinks
    On one of my websites I send out hundreds of emails every day, they are for a double optin list. now at least half are forged addresses. people trying to get my product without providing a true address.
    If your list allows people to sign up with forged addresses, it is not confirmed opt-in. I don't know what "double opt-in" is supposed to mean, but whatever it is, it doesn't appear to be working for you.

    The lists themselves are at fault. they either shoot far too wide, or they use less than best practices.
    Personally, I would concentrate on fixing my mailing list before trying to lay the blame for my troubles on the spammer databases.

    -B
    iptables -I INPUT -s 64.88.128.0/19 -j DROP
    iptables -I INPUT -s 66.111.192.0/18 -j DROP
    iptables-save > /etc/sysconfig/iptables

  16. #16
    Join Date
    Aug 2001
    Posts
    1,210
    Originally posted by mwalters
    I've luckily never had a problem with getting listed on one or ended up with an IP that was listed on one. But the horror stories I've heard of people being wrongly listed, etc are just too much.
    It's been my experience that the overwhelming majority of these "horror stories" are just that, stories. At the core of most, you will usually find a legitimate reason for their listing.

    there needs to be another solution.
    I agree. Finding one though is the difficult part.

    -B
    iptables -I INPUT -s 64.88.128.0/19 -j DROP
    iptables -I INPUT -s 66.111.192.0/18 -j DROP
    iptables-save > /etc/sysconfig/iptables

  17. #17
    Originally posted by TMX
    If your list allows people to sign up with forged addresses, it is not confirmed opt-in. I don't know what "double opt-in" is supposed to mean, but whatever it is, it doesn't appear to be working for you.
    A double optin list is the correct way to create a mail list

    It works like this...
    a surfer provides an email address
    you send an email to that address with a code
    the person then uses that code to confirm they received the email

    Thats why it is called double optin.

    The person has to do two things to confirm they are indeed the owner of that address, any unconfirmed address should be discarded and never used again.

    Its at the very first step that people provide forged addresses. this cannot be stopped.

    The bounces I refer to occur at the second step.

    Personally, I would concentrate on fixing my mailing list before trying to lay the blame for my troubles on the spammer databases.
    I hope that this comment is now in perspective once you realise my lists are as good as they can be.

    No list is perfect and some view an improvement as sending a optin confirmation every six to twelve months. that way if the email address has changed hands the new owner can opt out

    but that could also be called spam so I don't do it.

    my experience that the overwhelming majority of these "horror stories" are just that, stories
    We all have a different set of experiences, you obviously do not have much experience in mailing lists (double optin is the standard mail verification system) and therefore are not really qualified to make such statements.

    I have over 100,000 members on my mail list and am also a member of the IETF's anti spam research organisation, known as the ASRG. so I have a small inkling about what is going on.

    .

  18. #18
    Join Date
    Aug 2001
    Posts
    1,210
    Originally posted by Managedlinks
    A double optin list is the correct way to create a mail list

    It works like this...
    a surfer provides an email address
    you send an email to that address with a code
    the person then uses that code to confirm they received the email

    Thats why it is called double optin.
    The correct term for what you just described above is "confirmed opt-in". The term "double opt-in" was originally coined by proponents of the DMA back when there were concerns of confirmed opt-in being legislated, the purpose being to make the process sound like more trouble than it really was/is. Looking at the actual process, "double opt-in" is a misnomer, as anyone with any time under their belt managing mailing lists or dealing with related spam and blocklisting issues should know.

    We all have a different set of experiences, you obviously do not have much experience in mailing lists (double optin is the standard mail verification system) and therefore are not really qualified to make such statements.
    Please see above - My "I don't know what double opt-in is supposed to mean" comment from my previous post was sarcasm.

    A large amount of my experience is in dealing with spam issues, and occasionally cleaning up after poorly configured and poorly managed lists.

    That said, your original post stated that you send out "hundreds of emails every day" with at least half being forged addresses. My response was based on that statement - a statement which essentially said that your lists were dirty. If, otoh, what you meant to say was that it's the confirmation emails that are going out to forged addresses, which seems to be what you're saying now, you probably could have been a little more clear about it.

    At any rate, I know of no reputable blocklist that will drop you due to misdirected confirmation emails unless they were sent in an unusually high volume, or sent repeatedly, ie; "this is your ninth and final opportunity to confirm your membership......"

    -B
    iptables -I INPUT -s 64.88.128.0/19 -j DROP
    iptables -I INPUT -s 66.111.192.0/18 -j DROP
    iptables-save > /etc/sysconfig/iptables

  19. #19
    Join Date
    Mar 2004
    Location
    Chicago, IL
    Posts
    384
    Originally posted by Managedlinks
    I was wondering if perhaps there was a resource that could be used to look at an IP and its history to see if it had ever been blocked
    drbcheck is a good place to start. Make sure you check the extra links like news abuse and spamcop on the results page.

  20. #20
    Join Date
    Mar 2004
    Location
    Chicago, IL
    Posts
    384
    Originally posted by Managedlinks
    I hope that this comment is now in perspective once you realise my lists are as good as they can be.
    Lists can always be improved. You can add suppression lists for example (permanent opt out). You can create a better signup process (if 50% of your signups use forged email addresses, I would consider reviewing your signup process and find a better way to encourage people to use valid ones). You can make changes to make sure you are complying with all of your recipient ISP's spam policies (an ongoing process). Block lists make the mailer work harder, but I don't see that as a bad thing... and I speak from both sides (mailer and recipient hosts).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •