SPAM BLOCKING

Brand X is under continuous attack from spammers.  We really hate 
spammers a lot.  From time to time we install software or rules that are 
designed to block spam.  Once in a while, and we hope it is very rare, 
someone will complain that real mail is being blocked.  The purpose of 
this page is to help you understand what spam we block, and what to do 
if you think your legitimate mail is being blocked.

1. WHAT DO WE BLOCK?

The spam rules include:
If a mail comes from an IP address that is not attached to a domain
name, just a number, then we don't accept the mail.  All legitimate 
ISP mail servers have domain names attached.  If we block a mail for 
this reason there will be an error message in the return mail that will 
explain this.

If a mail comes from a mail server which is listed in one of the RBLs
(realtime blackhole lists) then we block it with an error message that
indicates this.  The error will say something like "We do not accept 
mail from spam friendly ISP's such as China Telecom"  or "We can not 
accept your mail as your mail server is in the published list of open 
relays."  We need to see the return mail to see if this is the case.  If 
it is, there are two solutions.  Solution #1 is for the mail source to 
get themselves off the blackhole spammer list.  That is the preferred 
solution.  It's usually pretty easy and usually involves upgrading 
their mail server to a version that is secure against outside spammers.  
Solution #2 is that we can "whitehole" the server but then we need to 
affirm that this is the problem, we need to affirm the IP address of the 
mail server, and we must be in the unfortunate position that solution #1 
is not available.  There must be some good reason that we should accept 
mail from this spam-friendly mail server.

If a mail comes from a mail server which is a consistent source of
"rumplestiltskin" attacks, which is to say, thousands of emails to
nonexistent users, a form of denial of service attack, then we will 
firewall the attacker.  This prevents the masses of mail from swamping 
our server. There will be no error messages - the returned mail will 
simply say that the recipient server was not found (not found because 
the sender is blocked in the firewall).  Again, we need to see if this 
is the case by looking at the return mail to verify the mail server IP 
address.  Once we have that IP address we can compare it against the 
block list.  Generally we recycle the block list every couple of days so 
this problem usually fixes itself. We assume that spammers move around 
every few days so there is no reason for us to keep a block list longer 
than that.  Again, we need the IP address of the mail server to check.
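
The third rule above, sketched as an added example (not Brand X's own 
software): count rejections for nonexistent recipients per sending IP 
and keep each block for two days.  The log format, the threshold of 3 
and the function names are assumptions made for the illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample in an assumed log format (not a real server's log):
#   <ISO time> reject ip=<sender IP> rcpt=<recipient> reason=<why>
SAMPLE_LOG = """\
2024-05-01T10:00:01 reject ip=192.0.2.10 rcpt=aaron@brandx.net reason=user-unknown
2024-05-01T10:00:02 reject ip=192.0.2.10 rcpt=abby@brandx.net reason=user-unknown
2024-05-01T10:00:03 reject ip=192.0.2.10 rcpt=adam@brandx.net reason=user-unknown
2024-05-01T10:00:04 reject ip=192.0.2.10 rcpt=alan@brandx.net reason=user-unknown
2024-05-01T10:05:00 reject ip=198.51.100.7 rcpt=rickey@brandx.net reason=user-unknown
2024-05-01T10:06:00 reject ip=203.0.113.5 rcpt=sales@brandx.net reason=rbl-listed
"""

LINE = re.compile(r"^(\S+) reject ip=(\S+) rcpt=\S+ reason=user-unknown$")
THRESHOLD = 3                   # assumed; the real attacks run to thousands
BLOCK_TTL = timedelta(days=2)   # the list is recycled every couple of days


def build_block_list(log_text, threshold=THRESHOLD):
    """Map each IP with >= threshold unknown-user rejects to its block expiry."""
    counts, last_seen = Counter(), {}
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue            # other reject reasons are not this attack
        when, ip = datetime.fromisoformat(m.group(1)), m.group(2)
        counts[ip] += 1
        last_seen[ip] = max(when, last_seen.get(ip, when))
    return {ip: last_seen[ip] + BLOCK_TTL
            for ip, n in counts.items() if n >= threshold}


def is_blocked(block_list, ip, now):
    """True while the entry exists and has not yet expired."""
    expiry = block_list.get(ip)
    return expiry is not None and now < expiry


if __name__ == "__main__":
    blocks = build_block_list(SAMPLE_LOG)
    for ip, expiry in blocks.items():
        print(f"block {ip} until {expiry.isoformat()}")
```

A sender who mistypes one address (198.51.100.7 in the sample) stays 
under the threshold, and an expired entry no longer blocks anyone.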

2.  HOW TO DETERMINE IF MAIL IS BLACKHOLED

First, have a look at the mail and see why it is blocked.  Often there 
will be a message.

More often than not, when people think their mail is 
being blocked, in fact, there is some other problem.  For example, 
sometimes the recipient address will be misspelled.  Sometimes people 
will send mail to brandx.com instead of brandx.net, or some similar 
error.  Please check carefully.

If the email is returned because of one of the blackhole lists - then 
read and see why this is.  Most of the time it means that the specified 
mail server is either a known spam source (China Telecom) or a known 
open relay (often these are individuals on cable modems or dsl lines 
that have old mail software and aren't technically sophisticated, and 
their mail servers have been hijacked by spammers).

Many of the blackhole lists have sites that you can look at to see why a
certain mail server has been banned.  A good explanation of this is 
found at http://mail-abuse.org/rbl/.  There are instructions on how to 
deal with the issue at http://mail-abuse.org/rbl/enduser.html.

By going through these pages you should be able to determine whether or 
not your mail server is blackholed.

In general, you can learn an awful lot by looking at the return message 
to see what it says.
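
The two address checks from section 1, as an added example (not Brand 
X's own software) for testing the IP address found in a bounce: does it 
have a name attached, and does a blackhole list carry it?  The zone 
dnsbl.example is a placeholder, and the fake lookup tables are 
constructed so the code runs without network access; drop the 
ptr_lookup and a_lookup arguments to query real DNS.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example"   # placeholder; use the list named in the bounce


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """203.0.113.5 -> 5.113.0.203.dnsbl.example (IPv4; ValueError if invalid)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def check_server(ip, zone=DNSBL_ZONE, ptr_lookup=None, a_lookup=None):
    """Report whether ip has a hostname and whether the blackhole list has it."""
    ptr_lookup = ptr_lookup or (lambda a: socket.gethostbyaddr(a)[0])
    a_lookup = a_lookup or socket.gethostbyname
    result = {"ip": ip, "hostname": None, "listed": False, "code": None}
    try:
        result["hostname"] = ptr_lookup(ip)
    except OSError:
        pass                     # no name attached: "just a number"
    try:
        code = a_lookup(dnsbl_query_name(ip, zone))
    except OSError:
        return result            # no such name in the zone: not listed
    if code.startswith("127."):  # lists answer with an address in 127.0.0.0/8
        result["listed"], result["code"] = True, code
    return result


# Constructed stand-ins for DNS so the example runs offline.
FAKE_PTR = {"192.0.2.25": "mail.example.org"}
FAKE_A = {"5.113.0.203.dnsbl.example": "127.0.0.2"}


def fake_lookup(table):
    def lookup(key):
        if key not in table:
            raise OSError("no such record")
        return table[key]
    return lookup


if __name__ == "__main__":
    for ip in ("192.0.2.25", "203.0.113.5"):
        print(check_server(ip, ptr_lookup=fake_lookup(FAKE_PTR),
                           a_lookup=fake_lookup(FAKE_A)))
```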

3. WHAT TO DO IF YOU SEE THAT A MAIL SERVER YOU LOVE AND TRUST IS ON 
THE BLACKHOLE LISTS

First, please keep in mind that it is the mail server that is the 
problem, not us.  They have an obligation to keep their mail servers 
spam free, and by allowing spam, they are negligent and they are 
creating work for everyone.  We hate dealing with spammers and we hate 
working for free to solve problems they create.

Just because someone is on a blackhole list doesn't mean they are bad
people.  They could just be technically incompetent. A legitimate, 
honest operation will be very apologetic about finding that their mail 
server has been compromised, and they will quickly move to solve the 
problem.

On the other hand, if an internet service is a consistent spam source, 
and they can't or won't do anything about it, consider dumping them.  
By supporting a spam-friendly ISP, you potentially could be making 
things a lot worse for a lot of people.  Honest ISPs, even big ones like 
Earthlink and AOL, don't tolerate spam.  Lay the blame where it belongs.

4. HOW TO GET A SERVER WHITEHOLED

If you believe that a server has been unjustly blackholed, for example, 
if it appears that somehow or other one of the blackhole lists has 
trashed all of AOL, we can over-ride the blackhole list by putting this 
same server in our whitehole list.  In certain cases, we have 
"whiteholed" servers, which means to allow them mail access, even though 
we know they are spam friends.

We really hate doing this.

If you think a mail server should be whiteholed, please send the 
following to support@brandx.net

a) an example of a bounced mail, showing the complete error message and 
the IP address of the mail server (not just the return address of the 
sender)

b) a test showing why the spam was bounced (this may be in the return 
mail, or you may need to go to the site that relates to the blackhole 
list)

c) an explanation of why this server should be whiteholed (for example 
"it appears that the blackhole lists have banned AOL - please put them 
in the whitehole list - tons of people use them for real mail" would be 
a good reason.)  Don't assume that we know what is going on - you have 
to tell us and make it very clear what is going on and what you want us 
to do. Don't just send us an email saying "My friend Ricky says brandx 
won't accept his email" because we won't be able to do anything about 
it.

Remember, we are here to help!  We try to do our best, within the 
reasonable limits of reality, to block lots of spam but block zero real 
mail.  

We're on your side here, and we're doing our best to provide excellent 
service.  

Every system designed by humans can potentially have errors - but if we 
see an error we will do our best!

Report SPAM to abuse@brandx.net

To determine who owns an IP address or domain name, in order to notify the ISP that someone is sending email viruses, see http://www.geektools.com/cgi-bin/proxy.cgi

If you're interested in getting into reporting the spam you receive, see http://smapcop.net

See http://spamcop.net/fom-serve/cache/19.html for info on how to get the full headers of an email.