Marketing’s Weekly Dose of the Truth

Ken Magill

About Us

An Educational Kerfuffle in Anti-Spam Land

03/01/11

By Ken Magill

Anti-spammers have been skirmishing over the final touches of a best-practices document that has been in the works since 2004.

How important was the kerfuffle to marketers? Not very. But it was somewhat entertaining and it offers the opportunity to gain some insight into a group of people marketers love to hate: operators of anti-spam blacklists.

A project of the Anti-Spam Research Group, the document in question’s aim is to lay out best practices for blacklist operators.

“The idea was there really should be some guidelines out there that say: ‘If you’re going to run a blocklist [anti-spammers’ preferred term for blacklists], these are the things you need to think about and these are the things that people who have been running blocklists for five, seven, 10 years have worked out is an effective way to run a blocklist [and] a good way to manage interactions with people who get listed,” said Laura Atkins, principal at deliverability consultancy Word to the Wise, in an interview with The Magill Report. “The BCP [best common practices] is the collective wisdom of people who have been running blocklists for a long time.”

Anti-spam blacklists, or blocklists, are lists of IP addresses of emailers the lists’ operators have deemed to be spammers. Email inbox providers and administrators can set up their mail-sorting systems to reference any combination of these lists to help them determine if incoming email is spam or not.

A marketer who ends up on a widely used blacklist—Spamhaus, for example—can experience severe email delivery troubles.

Anyone can set up an anti-spam blacklist. It is estimated that there are about 150 of them in operation. Some are more responsible than others.

“Any idiot can run a blocklist and a lot of idiots do,” said John Levine, author of Internet for Dummies and chair of the Anti-Spam Research Group.

However, only a few anti-spam blacklists matter, according to Atkins: SpamCop, Spamhaus, CBL, SURBL and URIBL.

“All the others, everyone kind of looks at and says, ‘yeah, whatever,’” said Atkins.

As a result, a marketer can get listed on any of about 147 different blacklists and it won’t matter.

“It’s important for marketers to understand that there are a lot of blocklists out there and that not all of them are worth paying attention to,” said Atkins.

She said sometimes marketers will find out they’re listed on some Podunk blacklist while at the same time see that their email is being blocked by an ISP and wrongly assume the blacklist is responsible for blocking their email.

“Just because you find out that an IP address is on a blocklist does not mean that that blocklist is responsible for your mail bouncing at various ISPs,” she said. “There may be correlations. If you’re doing something that gets you listed on a blocklist, it’s very likely that some ISP may take exception to that and block you mail or temp fail you or whatever, but that does not mean the ISP is using that blocklist. ISPs are very selective about the blocklists they use.”

Which brings us to the recent conflict over the Anti-Spam Research Group’s efforts at crafting a best-practices document for blacklist operators.

Among the document’s recommendations is that blacklist operators should not charge blacklisted emailers to get delisted.

“Charging emailers for delisting incentivizes all the wrong things,” said Neil Schwartzman, anti-spam expert and executive director of the Coalition Against Unsolicited Commercial Email.

Added Levine: “It makes it hard not to turn it into a shakedown.”

However, one participant in the discussion, Claus von Wolfhausen, technical director of little-known German blacklist UCE Protect, took issue with the no-charge-for-delisting clause.

Why? Because UCE Protect charges for expedited delisting.

The folks at UCE Protect were so incensed by the group’s consensus that blacklisters shouldn’t charge for delisting that they staged a short strike during which they refused to delist anyone.

Then, von Wolfhausen became so incensed, he quit the group:

“[Y]our BCP 07 [best practices document] is at best a joke and nothing that a professional person will ever take serious,” he wrote in his final message to the group.
 
“All people that have voted for it have clearly given proof that they are really blind or incompetent and their only reasoning to vote for this BCP was to harass the UCEPROTECT-Network,” he continued. “That means the UCEPROTECT-Network will gladfully ignore this group and it's decisions or votings from now.” [quotes are exact]

But here’s the entertaining part: During the discussion, von Wolfhausen claimed his network protects 1.5 million email boxes.

“That number is so small, it rules out all the major ISPs,” said Levine. “Even Claus admitted he’s trivial.”


In other words, whatever von Wolfhausen decides to do means little to nothing to emailers.

A key lesson is that widely used blacklists are not vendetta lists, said Levine.

“Claus thinks [by charging for delisting] he’s punishing the bad guys, which is ridiculous,” he said. “The sole goal of people who operate widely used blocklists is to protect the inboxes of their users from email they don’t want.”

In any case, for those who choose to slog through it, BCP 07 offers insight into the way the major blacklist operators think. Access it here.

Comments

Show: Newest | Oldest

Post a Comment
Your Name:
Subject:
Comments:
Verification:
Please type the letters in the image above

Terms: Feel free to be as big a jerk as you want, but don't attack anyone other than me personally. And don't criticize people or companies other than me anonymously. Got something crappy to say? Say it under your real name. Anonymous potshots and personal attacks aimed at me, however, are fine.

Posted by: Urs Wendler
Date: 2011-03-10 14:53:05
Subject: Wolfhausen and UCEProtect

Wolfhausen claimed that 2.5 million systems are using their lists. Since a system can have either 1 but also 1 million email boxes, I would not consider them a minor blacklist. At least in Europe they are very popular, and there are areas where UCEProtect is even more popular than Spamhaus.
Posted by: Kelly Chien
Date: 2011-03-09 06:28:26
Subject: Blocking ESPs

I was quite amused at Peter's list. All four of those ESPs have been a constant source of countless spams for many years. All of them have been blocked and often firewalled here at my networks for a very long time. Peter chose some particulary poor examples as they all appear to be unrepentant spammers for hire.
Posted by: Peter Zeal
Date: 2011-03-09 04:41:53
Subject: Barracuda + Return Path

Neglected to mention the Barracuda list which is widely deployed and run better than Spamhaus. That is, real people you can contact - not some ex roadie living on an imaginary boat on the Thames.

Also, many BOFH INVERT lists like those offered by Return Path and BLOCK with them. Some ESP's (Cheetah, Mailchimp, dotmailer and Constant Contact) even end up firewalled off completely.
Posted by: Kelly Molloy
Date: 2011-03-01 18:57:53
Subject: Thanks!

On behalf of my Spamcop crew, thanks for the edit. We work hard to get it right.
Posted by: Neil Schwartzman
Date: 2011-03-01 18:24:13
Subject: I forgot to make a point ...

It seems to me that if a spammer is willing to pay for the services of bulletproof hosting, and a spam -cannon outbound, they would also be willing, were it to matter, to paybClaus his piddling amount to delist an IP long enough to get their campaign through.
Posted by: Ken Magill
Date: 2011-03-01 17:54:46
Subject: DNSbls that matter

This is fixed.

In Laura's defense, she has a very bad cold. Forgive her, please.
Posted by: David Romerstein
Date: 2011-03-01 17:44:42
Subject: DNSbls that matter

Laura appears to have lumped a couple of well-used, well-thought-of DNSbls into the "yeah, whatever" category. SpamCop, in particular, is widely used, respected in the community, and well run.
Posted by: Laura Atkins
Date: 2011-03-01 17:37:35
Subject:

I forgot one of the other major blocklists: Spamcop.

Apologies to all the hard workers over at Ironport/Cisco who make it work.