Email Error .. my ip public blocked
-
@Carnival-Boy said:
I've never heard of competitors being able to block your IP address by simply reporting it. That sounds a bit dodgy.
Blacklists are not big companies, are all individual and can do whatever they want. Some of them accept reports, or used to, as to spam. If you think about it, how does anyone determine that something is a spam relay? The blacklists have to get that information from somewhere.
-
@Carnival-Boy said:
@scottalanmiller said:
- Lack of knowledge of email systems (or else they would be hosted) leading to more issues below
Wait, are you saying that anyone who runs on-premise e-mail is an idiot?
That's not what I said. If you read the lead in to the list, I pointed out that these things were things that typically or generally happened with on premises systems. So "anyone" doesn't apply here. And not being an email specialist is in no way the same thing as an idiot, so the idiot bit does not apply.
What I was pointing out is that because by and large the vast majority of email systems should be hosted but many are not there is a very high incidence of people lacking deep email experience that, partially due to that very lack of knowledge and experience, decide to run email in house and/or lack the wherewithal to convince the powers that be that hosted email is needed. This creates a situation where there is a higher chance that on premises email systems are being run by people who don't have a lot of email experience or knowledge - it's self fulfilling in that way. People with the most email experience and knowledge are the most likely to be pushing for email to be hosted (talking averages here, not specific cases) and will also have the most clout to convince management to do so.
-
@scottalanmiller said:
If you think about it, how does anyone determine that something is a spam relay? The blacklists have to get that information from somewhere.
Most of them have email addresses setup to get spam and if they receive on the address, it is added to the database and blacklisted once some threshhold is met.
-
@JaredBusch said:
Most of them have email addresses setup to get spam and if they receive on the address, it is added to the database and blacklisted once some threshhold is met.
Many do, sure. But at least in the 2000s, it was very common for blacklists to accept reports on IP addresses and block based on that.
-
A quick search and SpamCop accepts end user submissions. I found some sites listing tons of services for submissions (dozen or so, if that is tons) suggesting that they all accepted end user submission. Only takes a few of the common ones to be an issue for someone if someone starts submitting them.
-
@scottalanmiller said:
A quick search and SpamCop accepts end user submissions. I found some sites listing tons of services for submissions (dozen or so, if that is tons) suggesting that they all accepted end user submission. Only takes a few of the common ones to be an issue for someone if someone starts submitting them.
submissions of what?
"Hey block this IP because I say it is bad?" or "hey here is a copy of a spam email to add to your algorithm."Significantly different.
-
@JaredBusch said:
submissions of what?
"Hey block this IP because I say it is bad?" or "hey here is a copy of a spam email to add to your algorithm."Significantly different.
Why is it different? Since you can craft the email to submit or modify it however you want, you are literally submitting an IP address manually.
While the submission process is complex and you need an example, none of it is even remotely difficult to use as a pure IP address submission. Use any SPAM email or craft one, put in the IP source that you want blocked and submit.
-
@scottalanmiller said:
Why is it different? Since you can craft the email to submit or modify it however you want, you are literally submitting an IP address manually.
Because the first is you simply taking my word for it and blocking an IP. The second is adding a (possibly faked email) to an existing database of emails that does not just block for a single thing. it uses an algorithm to set the scores.
-
@JaredBusch said:
Because the first is you simply taking my word for it and blocking an IP. The second is adding a (possibly faked email) to an existing database of emails that does not just block for a single thing. it uses an algorithm to set the scores.
But not for the IP address right? Presumably we all have an endless supply of spam. yes that is an assumption but I'm confident that this is reasonably true. Given that we have an endless supply of example spam to work with, the IP address portion is and always has been "taking their word for it" in cases of submissions. Am I missing some component here where I don't just choose the IP address to submit (if I want to?)
-
I totally get that one takes a little more work and isn't as easy as a "block this ip please" form. But given the boilerplate component there is still just an IP field to modify as desired.
Although I do believe that there used to be pure IP address fields to fill out long ago. Good that that has changed (from what I can tell) but it doesn't appear that the effort to block someone arbitrarily is any harder than it used to be, only submitting at all is a tiny big harder.
-
Now what does improve this situation some is that it appears that most blacklists require paid membership in order to be able to submit. At least the ones that I have investigated. So regularly doing this to people seems like it might cause issues with your account, at the very least. Or so one would hope.
-
I assume that submissions work like '1000 people submit spam example = this is spam' but '1 person submits spam example = this is not spam'. So assuming you don't have 1000 competitors all colluding to screw you you should be ok.
-
@Carnival-Boy said:
I assume that submissions work like '1000 people submit spam example = this is spam' but '1 person submits spam example = this is not spam'. So assuming you don't have 1000 competitors all colluding to screw you you should be ok.
Today I believe that that is likely true, but leaves open the potential (no idea how they protect against this) of someone sending out spam as if they were you to generate the 1K examples.
Long ago I'm pretty sure it did not work that way. Getting blocked from time to time used to be pretty common. This is pre-2003, I would say.
-
@scottalanmiller said:
@Carnival-Boy said:
I assume that submissions work like '1000 people submit spam example = this is spam' but '1 person submits spam example = this is not spam'. So assuming you don't have 1000 competitors all colluding to screw you you should be ok.
Today I believe that that is likely true, but leaves open the potential (no idea how they protect against this) of someone sending out spam as if they were you to generate the 1K examples.
Long ago I'm pretty sure it did not work that way. Getting blocked from time to time used to be pretty common. This is pre-2003, I would say.
I agree, back then it was more common - hell it happened at the fortune 500 company I worked for... so sure, it happened a lot more.. clearly they've changed the way it works, it's really not a problem these days unless you really are a spammer or your network is infected and being used as one.
-
It's been a long time since I had to deal with it, but a lot of other things have changed too since them (SPF, PTR, etc.)
-
@scottalanmiller said:
@Carnival-Boy said:
@scottalanmiller said:
- Lack of knowledge of email systems (or else they would be hosted) leading to more issues below
Wait, are you saying that anyone who runs on-premise e-mail is an idiot?
That's not what I said. If you read the lead in to the list, I pointed out that these things were things that typically or generally happened with on premises systems. So "anyone" doesn't apply here. And not being an email specialist is in no way the same thing as an idiot, so the idiot bit does not apply.
OK, let me re-phrase, are you saying that anyone who has decent knowledge of e-mail systems but is running on-premise is an idiot?
@scottalanmiller said:
Those that want the "feel" of self hosting email do so by running Exchange in house but having a mailbagger running in the hosted space as the real email server (MXLogic, Postini and similar services.) They are the actual email servers and so the email is hosted, the mailboxes are the only part that are local (which are post-email services, excuse the pun.)
I don't believe on-premise Exchange is "hosted e-mail" just because you use Postini or another filtering service on the front-end. Apart from anything, I suspect that for most companies internal e-mail far outweighs external e-mail, so the majority of e-mail won't even hit Postini.
-
@Carnival-Boy said:
I don't believe on-premise Exchange is "hosted e-mail" just because you use Postini or another filtering service on the front-end. Apart from anything, I suspect that for most companies internal e-mail far outweighs external e-mail, so the majority of e-mail won't even hit Postini.
In a major way (and all technical ways) it actually is. Email is defined by the use of the SMTP protocol. When you use Postini or similar, all of the SMTP handling in some cases or at least all of the public SMTP handling actually is hosted. The email portion becomes completely hosted. The part that remains on site is the mailboxes, POP3, IMPA4 and similar protocol handling and storage. Technically, at that point, it's not email anymore but a fileserver portion.
In the old days we didn't have these components. There was still storage, obviously, but there were no protocols for it and such. With Postini, there is all the traditional storage that is hosted and all of the SMTP email handling (assuming you have both inbound and outbound configured.) The only thing that is happening with the local system is the file serving and interface handling for the local users. And in some cases, not even all of that (around retention systems, typically.)
-
Technically, when you send an "email" from one person to another on the same system it's not exactly email. We all call it that because we are all sharing one interface. But we aren't using SMTP, we are actually using a local specialized file server. At no point does the email get "sent" anywhere, which is what makes it email. The whole SMTP layer is skipped.
It's two separate systems. The old email SMTP system remains, but the mailbox to mailbox stuff does utilize that system, isn't required to exist for email to work and is a completely new system added on behind email systems.
-
A similar example that is equally confusing is VoIP telephony. Are we making a "phone call" when we don't use the phone system? We don't normally consider talking on Skype, Whats App, Google Talk, XBOX 360 games, Google Hangouts and similar to be phone calls. At least most people do not - because they don't use a phone number or go to the phone system and can't reach "phones." Cell phones are different because they always (AFAIK) use a phone number and can call the phone system, PSTN. Most people define phone calls as those that traverse the PSTN and can call.. phones. A little bit of a grey area here.
In the case of a VoIP PBX then, are you making a phone call when calling extension to extension? Legally, no. Technically you are doing audio communications but not via what is accepted as the telephone. It is no different than Skype or Google Hangouts. You don't hit the PSTN or use the telephone protocols. Wikipedia doesn't define telephone in this way, but their definition covers things like cans with string attached, so probably isn't a good example. They rely on a longer description that seems to agree with the above.
The point being that in the case of email or phones, the "email or phone" portion is normally hosted and then additional "local" functionality may be hosted (Office 365 or RingCentral) or may be local (on premises Exchange or a ShoreTel PBX.) But the additional portion is behind the email or phone components and relies on the actual email handling or the actual telephony handling to be hosted.
-
@Carnival-Boy said:
Apart from anything, I suspect that for most companies internal e-mail far outweighs external e-mail, so the majority of e-mail won't even hit Postini.
I've often used this as a "typical" use case differentiation between small and large companies. Small companies typically send the majority of their "email" to external entities. Large companies typically send the majority of their email internally. Once you hit a few hundred users, email becomes heavily internal in nearly all cases, that's definitely true.
But legal restrictions on email, for example, don't normally apply when email is not made public or communicating via SMTP. For example, HIPAA regulations on email don't apply if SMTP connectors aren't enabled. It is only once SMTP handling is added that Exchange turns from a mailbox server into an email server. Using it without SMTP would classify it only as a unique fileserver rather than an email server. Once SMTP is on, it is both. But the features that make Exchange popular compared to Postfix or Sendmail, are all in the "fileserver" and interface portions, not in the email portions.
So it becomes complex. Email definitions are definitely not hard and fast. By the definition that all electronic communications is email (which means text messaging and instant messaging are email, which isn't a very useful definition) then definitely local mailbox handling is email. If you use the definition for network email (also from Wikipedia) that states that email is transferred via FTP prior to 1982 and SMTP port 1982, then we have something more solid for describing email in general and mailbox to mailbox handling of systems like Exchange and Cyrus becomes non-email.
