BarracudaCentral – another blacklist black hole

by steve on November 6, 2008

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading ... Loading ...

No sooner had I posted about the abysmal 88.blacklist.zap, that I now find our mail servers at the mercy of BarracudaCentral.  Yet again, here is an organization totally unwilling to work with fellow mail administrators and unresponsive to phone calls or requests for information.  I have no idea how, when or why my domains have been blacklisted by these morons or what to do because of it.  At least the bozos at Frontbridge actually did what they said they would and we have not had any repeat interactions with them, thankfully.

My users have recently compalined that E-mail message are not being received by our customers and suppliers.  We quickly learned that it was being blocked and are getting bounce messages that state,

<counihan@bitwavesemiconductor.com>: connect to

destination.com[yy.yyy.yy.yyy]: server refused to talk to me:

554 Service unavailable; Client host [myhost.mydomain.com] blocked using    Barracuda Reputation;

http://bbl.barracudacentral.com/q.cgi?ip=xx.xx.xx.xx

We quickly checked the URL and was told that our IP reputation is listed as “poor” on the Barracuda Reputation System.  The site allows administrators to request to request removal.  We provided the information and got the following responses:

Request Received

Thank you for submitting your request. If this is your first request, your IP address will have its reputation increased to “normal” for 48 hours while we investigate. It may take up to 1 hour for the reputation increase to propagate to all Barracuda Spam Firewalls globally. We appreciate your patience and apologize for any inconvenience.

 

It took less than a few hours before we got our second, and surprising, response from this system.

 

The Barracuda Spam Firewall has rules that apply to email sent from an IP address known to Barracuda Central to send spam.  At this time the Barracuda Spam Firewall has the ability to decline email from these IPs.  This is an option that the Administrator of the Barracuda Spam Firewall may enable.  If the Administrator chooses to enable this option it may block your IP address.

 

This IP has been seen by Barracuda Central to transmit spam email in the last 30 days.

 

Unfortunately at this time we cannot unblock this IP.  This decision overrides any “grace period” this IP may have been previously granted by Barracuda Central.  This IP will be automatically rechecked several times each day and may be removed if the threat has declined.

 

So, where does that leave us?  We have just told them that this was in error and they simply ignore our requests.  This is not in the spirit of working together.  We attempted to call their technical support and service desk, but were simply told to go back to the web site for information and that there was nothing they could do.  Nothing?  We asked for examples of the SPAM that we transmitted that degraded our reputation, but they refused to provide that detail.  We told them that we subscribe to MxToolbox and that no other blacklisting service has listed our mail servers — they simply did not care.  We asked them if careless administrators could inadvertently list our mail servers due to misinterpretation of our mail flow to our customers and suppliers — again no response.  We asked about NDR’s being sent back to spammers by our mail system and we were told there was just nothing we could do.  According to Barracuda Networks, it was our fault and we were expected to fix a problem we could not identify, disprove or argue against.  Perhaps they are simply blacklisting sites in order to make their numbers look good about the amount of SPAM they are finding — even if it is not SPAM.  How can anyone tell?  They refuse to supply data to back up their claims.

 

This is insane!  How are we to work with companies that will not provide us the information we need to fix a situation we don’t know we have?  Do they really expect an enterprise to work through every message going through the mail gateways to attempt and identify if something could be misinterpreted as SPAM?  Even if we found it, we still cannot inform them of this result and ask for reclassification.

 

Another thing on their site is subscription to EmailReg.org.  This is a $20 registration fee to get your mail through these systems.  One of my employees immediately suggested that this was extortion and protection money to get mail through.  Seems like he is right.  The only way to get your mail systems moving again is to pay someone for the privilege.  Guilty until proven innocent.  There ought to be a law.

 

As I said, this company is just like ignorant and arrogant folks at Frontbridge who are all trying to run roughshod over the E-mail community without any attempt to work within that community to improve it.

 

Here is another example of a company that we all need to get together and file a class action lawsuit against for interfering with our businesses and costing us substantial financial loss.

Tagged as: Anti-SPAM, Barracuda Networks, blacklist, E-mail

  • angry web ops
    This just happened to my company but what's even more ridiculous is that all their forms are currently failing with 500 errors. I can't even submit a request to be removed. Sorry, but if most of your service is based on a couple web forms to clear everything up, the least you can do is ensure THEY WORK. definitely a scam...
  • pete
    Right on! This organization is I believe, just annother internet scam that should be illegal. They want my $20 do clear To register a domain. They say, "EmailReg.org, enter the following information. There is a USD $20.00 administrative charge per domain registered."
  • Bo
    I got this problem too. We are company oriented to dog training.
    How we can stop them on this illegal way?
    They stop my business.
    Folks, let's go hunt them down.

    Is there any way?
  • Pauline
    I am now having the same problem. But, I am an individual that does not send a lot of e-mails. However, I switched to PCSecurity Shield for my virus software. It has been a disasterous two weeks. When it scans my outgoing mail, i.e. sending pictures to my daughter, it takes so long that the Outlook times out for connecting with my local provider. So, I disabled scanning the outgoing e-mails. Immediately I was blocked from sending any e-mails. The only e-mail that was going out was a response to a member of my dog club. So, I have to wonder if PCSecurity Shield is owned by the same nincompoops.
  • Pauline,
    I sympathize with your situation, but PCSecurity Shield is not associated with Barracuda in any way. I will tell you that that software is pure junk and you should uninstall it immediately. I have read and heard about far too many complaints to justify having it on your system another day. There are plenty of good, reputable security products on the market for your needs like ZoneAlarm Extreme Security (http://www.zonealarm.com/security/en-us/compare...).

    Perhaps I will write about more consumer prodcts in the future. Thanks for the idea.

    Good luck.
  • John
    Have the same exact problem. Total BS!!!! Only listed on their RBL. Having to pay emailreg.org to be whitelisted even though your server is NOT spamming? What the hell is this? I don't know if this can be exactly classified as extortion, but this has to be illegal!!!
  • Norm
    This is no surprise just google Barracuda Networks Sucks I'm sure there's many issues that never are resolved.

    We owned a Barracuda and with it we couldn't reach most of our own clients yet we were blacklisted as well. Now we know why 95% of spam is blocked; they created the list themselves. We are a group of 6 graphic designers not spammers.

    We just pulled the plug on the Barracuda painted the chassis black and filed off the Barracuda logo, installed Endian Firewall, have my own blacklist and manage my own spam filter with a legit black/whitelist.

    And yes where are the States Attorneys General and the Federal Government in this matter? What about GPL? Anything going on with that case they have?
  • Susie
    My bellsouth.net account is blocked from emailing customers at two different businesses as of today.

    It seems to me that BarracudaCentral is hindering interstate commerce. Where are the States Attorneys General and the Federal Government in this matter?
  • Jasper O Waale
    Well We have been hit by this http://www.barracudacentral.org and itr looks like I will have my legal guys hunt them done,

    I WILL NEVER PAY 20 USD for this, I will Conatgt Users that use the services and have them Stop using it!
  • Just had the exact same thing happen to us.

    Blogged about it here - http://www.computersolutions.cn/blog/2009/04/sp...

    Extremely unethical of Barracuda in my opinion.
    Conflict of interest not withstanding.
  • I just had this happen here also. What REALLY sucks is that they blocked the IP address, not of our mail server, but of our public-facing Gateway. The mail came from an SMTP server NOT on their list, but they also block based upon the IP of the connecting client!!!

    I put in a request for unblocking, and they seem to have honored it. But I also asked them to please explain to me how our Gateway's IP got added, what the criteria is, and noted that we do not appear on any RBL's I checked (including the draconian SpamCop). No response.

    I am going to put in filtering in our mail server to strip out the IP of the client machine, but this should not be necessary.

    Total BS.
  • Hi iztok,
    Sorry to hear that you have been caught up in this mess. We decided that Emailreg.org was not the right way to go -- never pay extorionists.

    We have complete control of our DNS and mail systems. Our mail systems are behind a Cisco PIX firewall and we took matters in to our own hands.

    1. We took another 5 IP addresses from our class C block and dedicated them to mail use.
    2. Changed our reverse DNS records for all mail addresses to point to the same DNS name
    3. Our SPF record already uses the forward DNS by name
    4. Our MX record does not change since that is for incoming only and translated by the PIX.
    5. Now, all we have to do is point our new IP address at the mail server and we have moved our mail to a new address that is unknown to BarracudaCentral.

    This successfully bypassed them.

    At the same time, we had our corporate legal council contact Barracuda Networks and I got hold of the VP of Engineering and exchanged a few mails. They apologized for the inconvenience, got us whitelisted and said they would look in to the problems I encountered. I have never heard back from them.

    Overall, it was a terrible experience and I hope this help you in your current situation. Good luck and keep us posted.
  • great, helpful post!
    unfortunately i have same problem with our secondary mail server :(
    one question: did domain became whitelisted instantly after registration on EmailReg.org?

    thanx!
blog comments powered by Disqus

Previous post:

Next post: