Blacklists and Spamhause

A Pipe and a Keyboard Posted on by

I see Himself has been having a side swipe at my clients.

Maybe not the best of business ideas, but I doubt that they read his rants, so hopefully no damage will be done.

There have been a number of complaints from clients who have been unable to send mails from their accounts.  As they share a mail server with others who have no problems, this led to some investigations.

All these clients complained of the same symptoms – they were able to receive mail, but were unable to send any except via the web interface.  In each case, their mail client configuration was correct.  If I set myself up an account on their domains I was able to send with no problems.  So what was the cause?

I did some sleuthing and found the problem.

In each case, their local IP had ended up on a spam blacklist, Spamhause seem to be one of the major ‘offenders’ here.  The latter seem to be very enthusiastic in their efforts which is fair enough but it does lead to problems.

One client in particular consistently fails to send mails. 

His IP address is listed on Spamhause who claim his PC contains malicious software.  We checked the PC rigorously and found it to be clean.  His is the only device using that connection.

As his ISP provides dynamic addressing, I checked the other IP addresses in the block.  All were blacklisted on Spamhause, therefore reconnecting to obtain a different IP wasn’t going to work.

I contacted the ISP and explained the situation.  They claimed it was the mail server that was blocked.  I told them it was my server and assured them that not only was it clean but that it did not appear on any blacklist.  They finally conceded that it was their addresses that were at fault.  They maintained that it was up to my client to contact Spamhause.

Now, we have a bit of a conundrum here.

If my client gets his IP cleared, his connection is going to fail the next time he gets a new address. 

The ISP maintain they can’t clear the addresses, as they cannot give any guarantee that the equipment using those addresses is clean.

Presumably the cause of this mess is that one of the ISP’s clients has an infected machine and each time he is allocated a new address, Spamhause blocks it, until all the IP addresses in the range are blacklisted.

It is one of the lesser known side effects of viruses and spam and it is damned irritating.

Comments

Blacklists and Spamhause — 3 Comments

  1. Sorry Richard, I’m using you as a test case. I’ve just switched to an iMac in my living room and am having a devil of a time accessing blogger sites. Hosted or WordPress are fine. Sorry for the inconvenience but I’m trying to prove a point.

    Reply

  3. It is one of the main issues with dynamic IP allocating in any medium. Once one person flips a switch, then they will progressively flip all switches until everyone using the addresses is blocked.

    I know it’s a bad example, but it’s like everyone in DCU vandalising Wikipedia via the wireless network getting the IPs blocked from editing by unregistered users.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

HTML tags allowed in your comment: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>