2011: The Year in Spam

"Spam is Lame" of the "I Kill Spammers" blog has posted a pretty comprehensive and delightful recap of legal action taken against spammers in 2011. I'm glad I stumbled across this as I hadn't known about the arrest of Alan Ralsky's stock broker back in February.

Ask Al: Help, I'm blocked at AT&T!

Jay writes: Al, I am getting the following message on several email related to AT&T: flph260 DNSBL:ATTRBL 521< xxx.xxx.xxx.xxx>_is_blocked.__For_information_see_http://att.net/blocks After going the ATT site, using Spamhaus to check the IP as well as using AT&T's submittal removal site, I am at a dead end as to how to get this resolved. Spamhaus came up showing no problem. Any help would be appreciated.

Jay, there are a few different reasons somebody can get blocked at AT&T, from what I can tell.
  1. A significant spike in sending volume or spam complaints.
  2. A significant spike in sending volume or spam complaints in the same network neighborhood as you (meaning other sending IP addresses in a /24 may have caused the blocking).
  3. Some really bad stuff is going on, sending some sort of affiliate spam or really, really unwanted stuff that they're able to identify and/or fingerprint through various means that they don't disclose.
Maybe there are other reasons or circumstances under which AT&T will block mail from an IP address, but those are the three that I'm most familiar with.

Assuming the issue is #1 or #2, the way to resolve it is to submit that unblock request via AT&T's website. Alternately, if you've had no response after many days, you could try sending mail to postmaster at att.net. However, if there's a reason they're not responding, because they're busy, behind, or not able to assist, pinging them again via another method isn't likely to get you a response.

It's the holiday season right now, which means lots of people are on vacation and away from work. Maybe there's a backlog of unblocking requests awaiting review and approval at AT&T. Also keep in mind that ISPs don't view their postmaster teams as the treasured and necessary resource that they once did; lots of ISPs used to have whole teams of people managing these things, and in most cases, that has been reduced to a web form and some tiny part of some single person's job. Responding to blocking requests is just not a priority for most ISPs.

And if the issue is #3, then forget about it. They'll probably just go radio silent on you, and not respond at all. Most ISPs simply don't respond to inquiries about really bad stuff. I could only theorize as to why, but if it were me, I'd figure there's no point in helping the bad guy understand how we caught him. I know that could feel unfair, because what if you're not a bad guy, and you're given no opportunity to make your case. That's just the way the world works, sometimes.

I don't see any evidence to suggest that Spamhaus is used by AT&T, nor would I make any sort of assumption that your mail would or would not be delivered to AT&T subscribers based on a Spamhaus lookup.

AT&T also publishes a postmaster site at http://www.att.com/esupport/postmaster/. I strongly recommend reading all the recommendations they provide there as far as best practices and how to ensure your mail is delivered successfully.

Netprospex Blacklisted By Spamhaus

I've written about Netprospex before. For example, talking about how I think their "opt-out" guidance on email marketing is misguided (and how so many others feel the same way). And then there was Peter Seebach's post questioning their touted "verified!" business lists for sale. And most recently, there was that commenter who asked me what I thought of using Netprospex as part of an email acquisition strategy. (My response: "It's like buying a lottery ticket as part of your retirement savings strategy.)

I feel like it's all been said before, so I won't bother going in to any depth on my opinion of companies such as Netprospex. Instead, I'll just link you to their latest Spamhaus blacklisting. The entry is light on details, so I could but speculate as to what happened. But clearly, the blacklisted IP addresses 38.101.213.238 and 174.122.201.114 are now having significant issues attempting to deliver mail to Yahoo, Hotmail, Gmail, Comcast and many other ISPs. Ouch.

(Update: Two SBL entries, from the looks of it. Click on the IP addresses above to link to each.)

The Passing of J.D. Falk

I'm very sad to pass along the news that J.D. Falk has passed away after a year-long battle with cancer.

I feel like I've known J.D. forever, and I most definitely had come to greatly respect and admire him. Occasionally someone would ask me if I'm trying to sound like Seth Godin, when I loudly attempt to espouse a consumer-centric point of view, I reply that no, I'm channeling J.D. Falk. Helping to stop spam and improve the email ecosystem have been his day job for so many years, across Yahoo, Hotmail, the Mail Abuse Prevention System, and most recently, Return Path. That job occasionally involved hitting marketers with a stick, reminding them that the email universe does not revolve around them.

The world is a slightly less better place today without J.D. Falk in it.

What does Spamhaus think of email append?

Today I stumbled across SBL listing SBL120550, which says the following:

"Several IPs in this /28 are sending spam to spamtraps advertising the services of ADT Home Security. The IPs belong to InfoCanada, a division of InfoUSA, via their Yesmail ESP.

InfoUSA also sells purchased and e-pended lists. We do not know whether the purchased list that the customer is using is using came from InfoUSA, but we consider the sales of purchased and e-pended lists to be spam support by definition. Use of such lists is a reliable path to an SBL listing."
(Emphasis added.)


There you have it, straight from Spamhaus themselves, explaining exactly what they think of purchased and e-pended (email append) lists.

Laura Atkins of Word to the Wise has compiled some very helpful ISP Summary Information, showing that, for starters, the SBL is used as a spam filter at AT&T, Comcast, Cox, RoadRunner, and Yahoo. Meaning, use of email append can lead to a blacklisting by Spamhaus, which leads to blocking at those ISPs. And they're not the only ones who use Spamhaus; I think Hotmail and Gmail do, too. Not to mention, many other smaller ISPs and corporate sites.