88.blacklist.zap – can it get any worse?

August 13, 2008 · 81 comments

1 Star2 Stars3 Stars4 Stars5 Stars (15 votes, average: 4.40 out of 5)
Loading...

Well, I just had my first interaction with 88.blacklist.zap informing me that one of my E-mail messages had been blocked because mail from my mail server IP address was banned.  News to me!  Well, first things first.  I already subscribe to one of the best monitoring and management systems around called MxToolbox.  They informed me that they checked 125 known blacklists and that none of my servers or IP addresses are listed.  it seems 88.blacklist.zap stands alone in its efforts, yet provides administrators absolutely no information as to why they are being blacklisted or how to find out when they got listed.  You just have to wait around until you get screwed, like I did.  Then, when business communications come to a halt and things go wrong, all you can do is just sit there hoping that they will work with you to clean it up.  Who knows if they will do it in a few hours, days, weeks or never?  Their response says that if you hear nothing for 24-hours you should assume everything is fine.  Are you kidding?  First you blocked my messages with no advanced warning or administrative notification and then lack of a response is a sign that you are approved to send new messages?  That is beyond ridiculous!  Further reading on the Internet shows that I am not alone in this predicament or my sentiments.

Turns out that this is a Microsoft Exchange Hosted Service and they built this bullshit system internally.  The person taking responsibility for this entire fiasco is Terry Zink.  If you read this blog, you get a sense that this team has strong technical knowledge and understanding of these systems, but their approach to the IT administration community is astonishing.  When asked simple questions, they make it seem like we are asking for far too much.  Things like, “why did I get listed?”, “when did I get listed”, “when will I be delisted?”, “why do I have to keep asking to be delisted?” or “show me a sample of messages that caused your actions”.  They respond that their systems are too busy blocking mail (legitimate mail IMHO) to be able to handle this.  Huh?  They say that they have software reading activity logs and can block an IP address, but it cannot be coded to also send an E-mail to the registered technical administrator for the domain?  A lot of other blacklist sites like SpamCop  have been doing this for years.  This is not news; it’s an expected way of doing business with your peers and the administration community.  They also say that they cannot keep a sample or at least a header of the messages that caused the IP address to be banned.  It’s hard to keep from just screaming, “Liar!” at the top of my lungs.  I believe that they cannot provide the messages because they simply don’t exist.  I am suspicious that they have started by blocking large IP address blocks (like in the old days of blocking anything from UUnet as an example) and will only unblock them upon request.  They will undoubtedly contest this argument, but they are so secretive and unwilling to be open about their system, that they have lost any credibility.  If I am correct, this assumes that everyone is guilty unless proven innocent.  That may work in Canada, but it’s just unacceptable in today’s high-tech world.

And it does not end there.  Take a look at the non-delivery report (NDR) that they send out!  It is not even written in proper English.  What gives with that nonsense?  I’ve seen phishing E-mail scams that have better grammar than that.  It almost looks like SPAM itself for crying out loud.

Here is the NDR that I just received [slightly edited to remove personal information].  I underlined the error — anyone heard of a period?

How did this get by anyone in QA?  I’m sure that anyone who got these messages thought they were a forgery like I did.  That is, until I checked it out.

Reporting-MTA: dns;host.domain.com
Final-Recipient: rfc822;recipient@domain.com
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;550 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com

OK.  Not bad enough, you say?  Then take a look at their response when this is forwarded to delist@frontbridge.com.  Again, I have underlined the offensive text.

Hello Steve,

Thank you for your delisting request (080813-000544). Your information has been forwarded to our Abuse Team, who will investigate and remove your IP address from our blocklist. If for any reason we are not able to remove your IP address from our blocklist, one of agents will get respond to you. If you do not hear anything from us within 24 hours, you should be able to send email through our network.

Thank you,

Technical Support

There is a growing sentiment that a class action lawsuit needs to be brought up against these morons before the screw up the entire Internet with their junk.  I for one have already stated that I am “all in” on that idea.

This is bad technology and bad business.  Microsoft should dump this technology faster than you can say, “Microsoft Bob”.

Article by Steve Van Domelen

Steve has written 47 awesome articles.

2 Pingbacks/Trackbacks

Previous post:

Next post: