BarracudaCentral – another blacklist black hole

by steve on November 6, 2008 · 42 comments

1 Star2 Stars3 Stars4 Stars5 Stars (12 votes, average: 4.00 out of 5)
Loading ... Loading ...

No sooner had I posted about the abysmal 88.blacklist.zap, that I now find our mail servers at the mercy of BarracudaCentral.  Yet again, here is an organization totally unwilling to work with fellow mail administrators and unresponsive to phone calls or requests for information.  I have no idea how, when or why my domains have been blacklisted by these morons or what to do because of it.  At least the bozos at Frontbridge actually did what they said they would and we have not had any repeat interactions with them, thankfully.

My users have recently compalined that E-mail message are not being received by our customers and suppliers.  We quickly learned that it was being blocked and are getting bounce messages that state,

<counihan@bitwavesemiconductor.com>: connect to

destination.com[yy.yyy.yy.yyy]: server refused to talk to me:

554 Service unavailable; Client host [myhost.mydomain.com] blocked using    Barracuda Reputation;

http://bbl.barracudacentral.com/q.cgi?ip=xx.xx.xx.xx

We quickly checked the URL and was told that our IP reputation is listed as “poor” on the Barracuda Reputation System.  The site allows administrators to request to request removal.  We provided the information and got the following responses:

Request Received

Thank you for submitting your request. If this is your first request, your IP address will have its reputation increased to “normal” for 48 hours while we investigate. It may take up to 1 hour for the reputation increase to propagate to all Barracuda Spam Firewalls globally. We appreciate your patience and apologize for any inconvenience.

 

It took less than a few hours before we got our second, and surprising, response from this system.

 

The Barracuda Spam Firewall has rules that apply to email sent from an IP address known to Barracuda Central to send spam.  At this time the Barracuda Spam Firewall has the ability to decline email from these IPs.  This is an option that the Administrator of the Barracuda Spam Firewall may enable.  If the Administrator chooses to enable this option it may block your IP address.

 

This IP has been seen by Barracuda Central to transmit spam email in the last 30 days.

 

Unfortunately at this time we cannot unblock this IP.  This decision overrides any “grace period” this IP may have been previously granted by Barracuda Central.  This IP will be automatically rechecked several times each day and may be removed if the threat has declined.

 

So, where does that leave us?  We have just told them that this was in error and they simply ignore our requests.  This is not in the spirit of working together.  We attempted to call their technical support and service desk, but were simply told to go back to the web site for information and that there was nothing they could do.  Nothing?  We asked for examples of the SPAM that we transmitted that degraded our reputation, but they refused to provide that detail.  We told them that we subscribe to MxToolbox and that no other blacklisting service has listed our mail servers — they simply did not care.  We asked them if careless administrators could inadvertently list our mail servers due to misinterpretation of our mail flow to our customers and suppliers — again no response.  We asked about NDR’s being sent back to spammers by our mail system and we were told there was just nothing we could do.  According to Barracuda Networks, it was our fault and we were expected to fix a problem we could not identify, disprove or argue against.  Perhaps they are simply blacklisting sites in order to make their numbers look good about the amount of SPAM they are finding — even if it is not SPAM.  How can anyone tell?  They refuse to supply data to back up their claims.

 

This is insane!  How are we to work with companies that will not provide us the information we need to fix a situation we don’t know we have?  Do they really expect an enterprise to work through every message going through the mail gateways to attempt and identify if something could be misinterpreted as SPAM?  Even if we found it, we still cannot inform them of this result and ask for reclassification.

 

Another thing on their site is subscription to EmailReg.org.  This is a $20 registration fee to get your mail through these systems.  One of my employees immediately suggested that this was extortion and protection money to get mail through.  Seems like he is right.  The only way to get your mail systems moving again is to pay someone for the privilege.  Guilty until proven innocent.  There ought to be a law.

 

As I said, this company is just like ignorant and arrogant folks at Frontbridge who are all trying to run roughshod over the E-mail community without any attempt to work within that community to improve it.

 

Here is another example of a company that we all need to get together and file a class action lawsuit against for interfering with our businesses and costing us substantial financial loss.

One Pingback/Trackback

  • http://www.virtua.si iztok

    great, helpful post!
    unfortunately i have same problem with our secondary mail server :(
    one question: did domain became whitelisted instantly after registration on EmailReg.org?

    thanx!

    • http://steve.heyvan.com/ steve

       I know of no one willing to pay EmailReg.org and find out.  No way I would do it!

      • http://www.facebook.com/christopher.paris1 Chris Paris

        The EmailReg.org site has a disclaimer on it that says ”
        There appears to be some confusion that EMAILREG.ORG is a way to get off of some of the Barracuda IP Block lists (BRBL). This is not the case. Emailreg.org is primarily a whitelist of IP’s with domains. It does not have any impact on Barracuda Networks block lists such as the BRBL. If you want to be delisted from a Barracuda Block List please contact Barracuda Networks at their technical site: http://www.barracudacentral.org

        But if you go to Barracuda, it directs you back to EmailReg.org.

        Weird, but I guess they put up the notice to cover their a$$es.

        • Konstandin

          Same old story goes on!

          Ip Blocked by Barracuda for 2nd time. Owned server, (Checked no spam sent).

          Just decided to blacklist us.

          Is there any organization to report them? They are destroying companies just because they have nothing else to do.

  • steve

    Hi iztok,
    Sorry to hear that you have been caught up in this mess. We decided that Emailreg.org was not the right way to go — never pay extorionists.

    We have complete control of our DNS and mail systems. Our mail systems are behind a Cisco PIX firewall and we took matters in to our own hands.

    1. We took another 5 IP addresses from our class C block and dedicated them to mail use.
    2. Changed our reverse DNS records for all mail addresses to point to the same DNS name
    3. Our SPF record already uses the forward DNS by name
    4. Our MX record does not change since that is for incoming only and translated by the PIX.
    5. Now, all we have to do is point our new IP address at the mail server and we have moved our mail to a new address that is unknown to BarracudaCentral.

    This successfully bypassed them.

    At the same time, we had our corporate legal council contact Barracuda Networks and I got hold of the VP of Engineering and exchanged a few mails. They apologized for the inconvenience, got us whitelisted and said they would look in to the problems I encountered. I have never heard back from them.

    Overall, it was a terrible experience and I hope this help you in your current situation. Good luck and keep us posted.

    • JFarrance

      Hi Steve,

      4 years later and my client is encountering the same issue.  We cannot do what you explain here as we do not have a class C IP address, we only have one dedicated IP address.  How should I proceed?

      • Steve

         Sorry to hear that you are caught in this mess and that it is still a persistent problem.  I would urge you to contact Barracuda Central and request/demand that you be unlisted.  If they refuse, push for evidence and ask to speak with their management or legal departments.  Unfortunately, their errors are your problem and you have to take matters in your own hands.  Good luck and please report on your experience here for the community.

  • http://trojanbadger.com Martin Diers

    I just had this happen here also. What REALLY sucks is that they blocked the IP address, not of our mail server, but of our public-facing Gateway. The mail came from an SMTP server NOT on their list, but they also block based upon the IP of the connecting client!!!

    I put in a request for unblocking, and they seem to have honored it. But I also asked them to please explain to me how our Gateway’s IP got added, what the criteria is, and noted that we do not appear on any RBL’s I checked (including the draconian SpamCop). No response.

    I am going to put in filtering in our mail server to strip out the IP of the client machine, but this should not be necessary.

    Total BS.

  • http://www.computersolutions.cn/ Lawrence

    Just had the exact same thing happen to us.

    Blogged about it here – http://www.computersolutions.cn/blog/2009/04/spam-barracuda-and-ethics-lack-thereof/

    Extremely unethical of Barracuda in my opinion.
    Conflict of interest not withstanding.

  • Jasper O Waale

    Well We have been hit by this http://www.barracudacentral.org and itr looks like I will have my legal guys hunt them done,

    I WILL NEVER PAY 20 USD for this, I will Conatgt Users that use the services and have them Stop using it!

  • Susie

    My bellsouth.net account is blocked from emailing customers at two different businesses as of today.

    It seems to me that BarracudaCentral is hindering interstate commerce. Where are the States Attorneys General and the Federal Government in this matter?

  • Norm

    This is no surprise just google Barracuda Networks Sucks I’m sure there’s many issues that never are resolved.

    We owned a Barracuda and with it we couldn’t reach most of our own clients yet we were blacklisted as well. Now we know why 95% of spam is blocked; they created the list themselves. We are a group of 6 graphic designers not spammers.

    We just pulled the plug on the Barracuda painted the chassis black and filed off the Barracuda logo, installed Endian Firewall, have my own blacklist and manage my own spam filter with a legit black/whitelist.

    And yes where are the States Attorneys General and the Federal Government in this matter? What about GPL? Anything going on with that case they have?

  • John

    Have the same exact problem. Total BS!!!! Only listed on their RBL. Having to pay emailreg.org to be whitelisted even though your server is NOT spamming? What the hell is this? I don’t know if this can be exactly classified as extortion, but this has to be illegal!!!

  • Pauline

    I am now having the same problem. But, I am an individual that does not send a lot of e-mails. However, I switched to PCSecurity Shield for my virus software. It has been a disasterous two weeks. When it scans my outgoing mail, i.e. sending pictures to my daughter, it takes so long that the Outlook times out for connecting with my local provider. So, I disabled scanning the outgoing e-mails. Immediately I was blocked from sending any e-mails. The only e-mail that was going out was a response to a member of my dog club. So, I have to wonder if PCSecurity Shield is owned by the same nincompoops.

    • steve

      Pauline,
      I sympathize with your situation, but PCSecurity Shield is not associated with Barracuda in any way. I will tell you that that software is pure junk and you should uninstall it immediately. I have read and heard about far too many complaints to justify having it on your system another day. There are plenty of good, reputable security products on the market for your needs like ZoneAlarm Extreme Security (http://www.zonealarm.com/security/en-us/compare-anti-virus-spyware-software.htm).

      Perhaps I will write about more consumer prodcts in the future. Thanks for the idea.

      Good luck.

  • Bo

    I got this problem too. We are company oriented to dog training.
    How we can stop them on this illegal way?
    They stop my business.
    Folks, let’s go hunt them down.

    Is there any way?

  • pete

    Right on! This organization is I believe, just annother internet scam that should be illegal. They want my $20 do clear To register a domain. They say, “EmailReg.org, enter the following information. There is a USD $20.00 administrative charge per domain registered.”

  • angry web ops

    This just happened to my company but what's even more ridiculous is that all their forms are currently failing with 500 errors. I can't even submit a request to be removed. Sorry, but if most of your service is based on a couple web forms to clear everything up, the least you can do is ensure THEY WORK. definitely a scam…

  • honest__abe

    The Barracuda/EmailReg.org Racket
    Barracuda is apparently using the PBL ranges (those addresses listed as belonging to the major ISPs such as Verizon, SWB, etc. see: http://www.spamhaus.org/pbl/index.lasso regarding PBLs) which causes small business owners who send mail from their home PCs but use their hosted domains (username@mysmallbusiness.com) to get bounced by mail servers that reference zen.spamhaus.org, pbl.spamhaus.org, b.barracuda.org or any organizations that use barracuda appliances. This is a totally innappropriate use of PBLs. For a hosting provider to get ‘de-listed’, the fee of $20 for listing with EmailReg.org is per domain per year! If you check the IP address of EmailReg.org (64.235.146.64) you’ll find that it is none other than Barracuda Networks themselves:
    OrgName: Barracuda Networks, Inc.
    OrgID: BARRA-7
    Address: 3175 S. Winchester Blvd
    City: Campbell
    StateProv: CA
    PostalCode: 95008
    Country: US
    NetRange: 64.235.144.0 – 64.235.159.255
    CIDR: 64.235.144.0/20
    OriginAS: AS15324
    NetName: BARRAUCDA
    NetHandle: NET-64-235-144-0-1
    Parent: NET-64-0-0-0-0

    This is a total racket being put in place in order to extract annual fees from LEGITIMATE hosting providers. All I can say at this point is to pass the word that PBLs are NOT spam blocklists but rather ISP lists of user allocated IPs and PBLs (and default Barracuda appliance rules) should NEVER be used to control spam. Barracuda is trying to pull a fast one here with blocking legitimate senders then trying to charge a fee to let mail pass and it should not be tolerated.

  • V3

    Actually, barracuda's aren't that bad. If the person you are sending to adds your ip to their reputation by pass, then you wont be blocked, takes 5 seconds. Option B complain to your ISP for hosting spammers. If they keep hosting them, you will keep getting blocked and rightfully so.

    • http://steve.heyvan.com/ steve

      V3,
      I think we all agree with your comments about spammers, but as you can see in the article and comments, this is about legal business E-mail communications coming from dedicated IP adresses that are not spammers, and getting blocked for no apparant reason and no justification being communicated by Barracuda Central. This is also not about the administration of the appliance by a dedicated IT staff for a single entity.

      Large third-party E-mail providers are not going to whitelist an IP address if Barracuda Central says that they are spammers. Why should they? They think they bought the appliance and service for that very reason. They will believe Barracuda before beliving the sender or the recipient since they could be spammers trying to penetrate the network. No, this all comes down to Barracuda Central and their racket with Emailreg.org. This process is seriously broken and needs to be fixed or thrown out.

    • http://steve.heyvan.com/ steve

       We are not complaining about the appliance, but the service Barracuda Central which sends block lists to subscribers.  It is set arbitrarily and we cannot get information from then as to why or get records to support their position.  It is not acceptable.

  • Ehrwade2

    A good rant – I liked it (!) and found it helpful. I came here in July 2010 after having messages blocked (despite previous success to the same recipient). Seems like the scam goes on.

  • Tony

    I wish I would have read this before I started the Barracuda Central removal process. I would have never gave them our info. I did google emailreg.org when they wanted twenty bucks, to unlist us.

  • http://www.americanfinishers.com Ted

    I have experinced the exact same problem jus today…what to do now? I am a small business owner not some larg corp. that has an IT Dept. to handel this.

  • Sctill

    I am not even a business. My personal e-mail sent from my bellsouth.net account is being blocked by Barracuda.

  • Jmmoggy

    John (oz) – Who the hell are barracuda central? I never paid for this stupid program BUT they’ve locked on to my e-mail and blacklisted me. I try to send to 1 of my clients and it bounces back.I’ve tried to unistall it but i can’t find the bloody program and to really piss me off was i contacted them to get them to remove it and they’ve treated me as an idiot and ignored me. If anyone knows how to get rid of these clowns ,please write in on this forum.

    • http://steve.heyvan.com/ steve

      John,nBarracuda Central is part of Barracuda Networks. They sell a SPAM appliance that one of your clients is evidently using. Since they have blacklisted your address/ISP, it is impossible for you to get the mail to your client. It is next to impossible to do anything unless you pay the extortion money to EmailReg.org (not recommended — see Honest Abe’s comments above) or try to get your client to pressure Baracuda Networks into whitelisting you. All I can say, is “good luck”. This is hurting a lot of innocent victims.

  • Guest

    Same with a health care institution .nI threatened themu00a0 with the state attourney on the phone from the other side of the atlantic, made them speed up.nWe were sending spam by being infected by a worm/datavirus, but that cannot make anybody resist receiving our ordinary mail. The administrator usingu00a0Barracuda didn’t make any whitelist themselves, they were completely trusting Barracuda until discovering that health care institutions were not able to send e-mail to each other.nMafia is the word that comes to the tip of my tongue.nTom, Europen

  • Sangminhdoan

    Thanks,
    Good luck and keep us posted

  • Tiger_top

    I love barracuda. Why hate? Just pay your barracuda bills they will work with you. Jeez

    • Steve

      Tiger_top,
      Your comment seems to indicate that you have not read the article or understood the issue at hand.  We are not Barracuda customers, but victims of their products and policies.  Please take the time to understand the issues before you comment.  Thanks.

  • Dexter

    Well said. I think what they do is probably illegal. I have just fallen victim to their scam. Luckily, the company I am trying to contact is not important to my business.

  • ITGUY

    I know that this post is several years old, but no less relevant.  I consistently have problems with our networks being blacklisted by Barracuda and ONLY Barracuda.  I have been a registered member with MX Toolbox for years as well and I find it more than suspicious that Barracuda is the only one of these RBL providers that I have consistent issues with blacklisting.  It may be that there is a spam bot somewhere on our network, but sure would be nice if they at least provided SOME evidence to go on.

  • Navion

    Generally, Barracuda makes a great product, and their product support, from my end has been great. (I’m a reseller) However I agree that as a company to have to try to deal with when things go wrong, the SUCK SOOO HARD! They couldn’t organize a sack race, so I’m not surprised you’re having problems. 

  • Jay

    My business IP just got blocked for the 3rd time this year by Barracuda Central. The last time, I caved in and forked over the money to “EmailReg.org”. $20 for the dedicated IP address we have and another $20 for the server URL as the server belongs to me, too.

    Same story this time, if I go to EmailReg.org and PAY AGAIN, they will whitelist the IP. These people are not morons, they are criminals!!!! This is extortion.

    As to the client to whom I was trying to provide with a record of their transaction which BC blocked, I just called them and asked them to provide an alternative e-mail address. And I told them why.

    I also wrote BC demanding THEY document this action as, by paying them last time, I am now their customer, too. Not holding my breath, though.

  • mbm

    Hello,

    We setup a new servers rack, and all new IPs are blacklisted at barracudacentral.

    Barracudacentral does not answer any email.

    Barracudacentral 48H whitlist term dont work after your first post.

    Barracudacentral website graphs shows the fastest “Response Time to New Threats” from them, but it’s not true, barracudacentra does not know what is tread and what is not. 

    Barracudacentral blacklist anyone with no criteria.

    Barracudacentral dont provide a working contact to solve any issue.

    Barracudacentral really acting “like ignorant and arrogant” people.

    We are having looses because of Barracudacentral malfunction.

  • Pingback: smtp blocked by b.barracudacentral.org barracudanetworks.com for no reason | blunix.org

  • Ron

    I have a feeling you were spamming. I am the IT Director for a large company and when we made a blacklist (not Barracudas) we switched from a software filtering solution to a hardware solution and found we were indeed sending out 50-100 emails aday as spam amongst the legitimate traffic. None of the software solutions I have found can filter inbound out so we never saw it until the hardware appliance was installed.

    • http://steve.heyvan.com/ steve

      Ron,
      You are incorrect.  We take security seriously and we record every SMTP transaction in/out of our network regardless of source/destination.  We intercept it at 5 different layers of hardware and software before transmitting on the Internet.  Analysis of the data showed we had not transmitted any SPAM and Barracuda Central could not identify any transactions that caused us to be listed or dispute or information.

      I have been around this industry a very long time and I am convinced that they had blocks for all of the UUnet IP blocks as they were known to be a source of security problems way back when, and we have one of those blocks (now Verizon).

  • casemaker

    I too encountered the pirates of barracuda a few years ago. As a small business I had to have reliable email and my ISP used a server in Texas that was being blocked by Barracuda. They would get me off the list and a few days later, blocked again.
    That was when I discovered google and gmail so I setup my mx to point there.
    Haven’t had a bounced email since.

  • http://www.bloketoys.co.uk/ BlokeToys.co.uk

    We’re now experiencing this too, and it IS extortion. There should be no facility to pay a blackmail fee to release us from the clutches of a private company. This is OUR COMMUNICATION, and this bunch of criminals are being permitted to hold people and their business to ransom. There needs to be laws against this, and we need those laws yesterday.

Previous post:

Next post: