July 6, 2004

How to get falsely blacklisted for running an open spam relay

Author: Robin 'Roblimo' Miller

It's easy. Just sign up with an ISP that issues dynamic IP addresses. That's how I got on several email "black hole" lists meant to stop spam, even though I don't spam and my system has never operated as an open relay. If you use an ISP that doesn't give you a stable IP address, you may be on one or more spam blacklists, too -- and you may not necessarily know it. Then comes the fun part: Getting off those lists can be a lot harder than getting on them.

Last year my wife and I moved to a house where the only broadband Internet service we could get was through a telephone company we'll call "Herizon" (in order to obscure its true identity). Not long after that move, people started telling me that they didn't get emails I'd sent. I'd look in my "sent" folder and see those emails, but I saw no "bounce" messages for them, so as far as I could tell from my end they'd gone through. But this was not a frequent occurrence, so I didn't think about it a lot.

Then, one day a few months ago, I stopped being able to post messages to my local LUG's email list. Puzzling. The list owner whitelisted my IP and that took care of that. Then, a few weeks later, I couldn't send to the list again. A month later, I could. But when I could send to the LUG list again, at the same time some of my coworkers noticed that email I sent to OSDN internal corporate email addresses wasn't coming through. I got no bounce messages. It was as if my emails were disappearing into a black hole.

This was, indeed, the case. OSDN's corporate parent, VA Software, uses a prominent black hole list to help filter spam. And my latest IP address was shown on the black hole list as a "potential open relay."

The reason given for this classification by the black hole list administrator was a single email test last September in which the IP address I was assigned in June, 2004, was shown as a "potential" open relay. Perhaps that IP address was running an open relay last September. I have no idea. I had a different IP address back then, so *I* certainly didn't belong on that black hole list.

There are ways to find out if your IP address is on black hole lists. This Multi-RBL check is free, and there are many other free ones out there, plus a growing number of commercial services that will monitor them for a fee.
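
What such a checker does under the hood, as an added example that is not part of the original article: a DNS-based blacklist is queried by reversing the IPv4 octets, appending the list's zone and looking up an A record, and an answer inside 127.0.0.0/8 means "listed". The zone names, the sample address and the `constructed_resolver` stub are placeholders constructed for illustration.

```python
import ipaddress
import socket

# Placeholder zone names (assumptions): substitute the lists your recipients use.
ZONES = ["dnsbl.example.org", "relays.example.net"]
LISTING_NET = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone):
    """Build the lookup name: IPv4 octets reversed, followed by the list's zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """Return the A records for name, or [] if it does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        # NXDOMAIN and lookup failures both land here; a production
        # monitor should tell them apart and retry on failure.
        return []


def check_ip(ip, zones=ZONES, resolve=system_resolver):
    """Return {zone: [return codes]} for every zone that lists ip."""
    listed = {}
    for zone in zones:
        answers = resolve(dnsbl_query_name(ip, zone))
        # Only answers in 127.0.0.0/8 are listing codes. Anything else
        # (for example an ISP's NXDOMAIN-redirect page) is not a listing.
        codes = [a for a in answers if ipaddress.IPv4Address(a) in LISTING_NET]
        if codes:
            listed[zone] = codes
    return listed


def constructed_resolver(name):
    """Constructed sample answers standing in for DNS so this runs offline."""
    table = {
        "7.113.0.203.dnsbl.example.org": ["127.0.0.2"],
        "7.113.0.203.relays.example.net": ["198.51.100.1"],  # redirect, not a listing
    }
    return table.get(name, [])


if __name__ == "__main__":
    print(check_ip("203.0.113.7", resolve=constructed_resolver))
```

On a dynamic address the check has to be repeated after every lease change, since the listing follows the IP address and not the customer.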

Most black hole services will take you off their lists if you ask politely. The problem comes when you don't control your IP address, and the ISP that does control it doesn't care (or doesn't know) enough to help you get off the black hole lists.

In my case, I called (remember, it's a fictional company) "Herizon" to ask what they would do if they got a confirmation email from black hole list administrators about (fictional) IP address 4.4.122.xxx. I was on hold for about 10 minutes, then got a live person who identified herself as "Vanessa" -- and sounded like she was about 17 years old. I explained my problem to her, and in return she asked me if I was using Outlook Express.

"How is that relevant?" I asked. "You don't have the slightest idea what I'm talking about, do you?"

Vanessa: "I can help you, sir. Thank you for your patience. What operating system do you use?"

Me: "What operating system would you like me to use? My question has nothing to do with operating systems. I have several operating systems on my home network, and I'm connected to the DSL modem through a wireless access point, anyway."

Vanessa: "What color are the lights on your DSL modem, sir?"

Me: "This has nothing to do with the DSL modem or my computers, which are all working fine. This needs attention from your network admins. You really don't know what I'm talking about, do you?"

Vanessa: "I can help you, sir. Thank you for your patience. Did you say you are using Outlook or Outlook Express?"

Me: "I'm using Linux."

Vanessa: "Is that an email program, sir?"

Me: "No, it's an operating system. But this doesn't relate to the problem I called about."

Vanessa: "Please hold on, sir."

(30 seconds of hold music)

Vanessa: "Sir, thank you for your patience. We don't support that operating system."

Me: "Of course not. It doesn't need constant support, and no one who uses Linux would ask you for support, anyway."

Vanessa: "Thank you for..."

Me: "Okay, I'm running out of time. Please get your supervisor."

(90 seconds of hold music)

A new voice came on the line. "This is Sandy," it said.

Me: "Sandy, some black hole lists are blocking my IP address. I can email and ask to have it removed, but they want to send confirmation emails to administrator@Herizon.com, not to me, to confirm that the IP isn't an open relay. Can you make sure those emails are answered?"

Sandy: "I'm afraid we can't do that."

Me: "Well, what do you suggest?"

Sandy: "You could unplug your DSL modem for 30 or 35 minutes, then plug it back in. You might get a new IP address that way."

Me: "Can't you just assign me one?"

Sandy: "Not really... not from here... it's an automated process. All I can tell you to do is what I just told you."

Me: "But that doesn't solve the problem of the blocked IP. It just shoves it off on someone else. And how do I know the new IP I get isn't blocked by at least one list, too?"

Sandy: "It sounds like you should have a static IP, but you need to get business DSL for that. I can transfer you."

Me: (in desperation) "Sure."

(90 seconds on hold)

A new voice says, "This is Ellen for Herizon business services. Can I help you?"

Me: "I'm told the only way I can get a static IP address is to get business DSL service."

Ellen: "Yes, sir. It will cost $79 per month..."

Me: "My residential DSL is only $35..."

Ellen: "...we can have your old service cut off within 24 hours, and your new service started in less than a week, usually."

Me: "You mean, to get a static IP will cost me more than twice as much as I'm paying now, plus my service will be out for a week?"

Ellen: "Well, we can install the new service on a second phone line, then cut off the old service..."

Anyway, what it came down to is that I'd need a second phone to get DSL switched from residential to business service without an interruption, and that would be the only way I could get an IP address I could make sure wasn't on any of the black hole lists -- and be able to keep long enough to make the effort worthwhile.

I'll think about it.

Meanwhile, if I send you an email and you don't get it, it's probably because your ISP or corporate netadmins are subscribing to a black hole service that has blacklisted some of the Herizon dynamic IP addresses I might get assigned. You may have friends or customers whose email is also getting blocked, or your email may be getting blocked on its way to some recipients without your knowledge.

Herizon and other broadband providers could police their networks better to make sure the dynamic IP addresses they control are clean. But Herizon's management people obviously don't care enough about their customers to do that.

But then, why should Herizon management care? If a customer gets truly disgusted with spotty email service because of blocked dynamic IP addresses, he or she can always spend twice as much for business service with a static IP address to take care of the problem, which puts more money in Herizon's corporate pockets -- a fine solution to this problem from Herizon's point of view.

But if you're that disgusted customer, it's easy to get the feeling that someone at Herizon is cackling like a bad movie villain over the way they set things up so they can charge you extra to solve their problem.

And then Herizon's executives wonder why people don't trust telecommunications companies -- and act puzzled whenever anyone calls for stricter regulation of their business.

Amazing!
