We have had lots of questions from our users related to our newer spam blocking practices we implemented in February, 2014. We have had lots of accolades – “Yea!, virtually no spam!”, and some criticism as well, “You keep blocking my customers and business partners.”
I would like to provide you some background on our existing policies and why they came into being. Our servers process lots of mail, on March 20th, 2014 our combined servers received 155,287 connections from other mail servers sending us mail. While there are lots of valid e-mails in that number there are far more spam and unwanted messages. Our challenge, as your hosting provider has been to setup a system that figures out what is valid vs what is an invalid or spam message.
In the past we concentrated on identifying individual spam senders and blocking just those internet or IP addresses. While successful on some measure we were only able to mark as spam what we could examine and spam processing generally took from 2-4 hours per day to complete, that is a lot of dedicated staff time. There were a few big problems with this. First, only spam we were able to see was marked as spam, that meant that lots of our customers were being under served. Additionally, there was really not good easy way for our customers to get sample spam messages to us that would allow us to do a better job. Second, we were constantly reacting to spam, we could only mark something as spam after we had received, processed and passed it along to a customer. Finally, we were at times blocking very reputable mail senders that lots of people wanted to see and only a few people considered spam.
In February of this year we implemented a best practices blocking of spam. By this I mean that we are now only allowing the receipt of e-mails from properly configured mail servers. No longer do we accept connections from dynamically issued internet (IP) addresses. No longer do we accept connections from default named hosts on the internet. No longer do we accept messages from incompletely configured servers. No longer do we accept messages from bulk mail senders who refuse or are unable to clean up their mailing lists.
For the large part this change has been successful and eliminated lots of spam. Remember March 20? Of that 155,287 connections received, we blocked 142,983 messages before they were even processed by the server. That means that our follow-on spam systems that examine the messages after receipt can do a better job and it means much less load on our systems. We think this means a better service for our customers.
Additionally, we added features in our spam blocking to whitelist both senders and recipients through the first level of spam filtering. Prior to this time we also had in place whitelisting through our secondary spam filters. So if you have some e-mail address that absolutely must receive every e-mail, please use the following form to notify us. Whitelisting requests for both senders and recipients can be made through this form:
In all cases, all messages are scanned for virus’s. Nothing is full proof, we recommend that any computer receiving mail be equipped with virus and malware scanners. In no case do we guarantee virus proof e-mail.
The Challenges & The Rant
For any of you wondering, yes, these are in priority order. The rant stems from the fact that we as tech support folks waste 100’s if not 1000’s of hours on dealing with the following in typical year and it is completely unwarranted. Our apologies in advance if you take offense.
Using the Low Cost Alternative
By far the biggest challenge that we face is that of improperly or incompletely setup or unmonitored servers on the internet. This is really a nice way of saying “We block the people who are cheap.”. You see it is really easy to get started in the hosting business, you can probably get a hosting resellers package from somebody for around $30 a month or even cheaper. With that you get some massive server space, hosting software and you can too hang a shingle on the Internet and start signing up clients and giving them great deals on bargain hosting, selling hosting accounts for $1 a month in some cases. The problem is that the owner of this business knows nothing about hosting and invests zero time into securing the systems. The owner also likely offers services to customers hosting “buyviagranow.com” or similar trash sites that are only setup to send e-mail. This leads to a proliferation of junky, weird sounding domain names sending tons of spam type messages.
Some Webmasters & IT are Lazy
There it is, we have gone and said it. There are lots of lazy or uneducated webmasters and IT support folks out there. They improperly setup servers and let them loose on the Internet. We have got to admit that we were in at least the uneducated bucket ourselves at one point in our careers, but that did not excuse us from learning to properly configure our technical environments. There are standards for setting up mailservers and best practices as well. Webmasters and IT staff who fail to follow these end up just using the “defaults” provided by their suppliers and can cause lots of problems. At a bare minimum, webmasters and IT folks should be changing their reverse DNS entries to something that indicates what server is sending the email and not the default reverse DNS entry provided by their Internet Service Provider. Likewise, IT support staff who blindly attach a Microsoft or other mailserver to the internet without some serious firewall and gateway hardware in place are either too busy, lazy or just plain dumb. IT support, if you find yourself in the uneducated bucket and you are having trouble, give us a call, we can probably help you out and we won’t charge you a thing.
Internet Service Providers Reaping Larger Profits
You know that the next quarters profit is dependent on your outsourcing email functionality to a sweatshop. Please read the previous section and don’t do that – CenturyTel.
Bulk Mail and Sneaky People
These folks go hand in hand down the spam spewing path and just don’t get that they are a big part of the spam problem. If you are a reputable bulk mail service we would love to allow you through our servers, just start removing the bad e-mail addresses from your lists, it stops them from being thrown into our unresolved bucket (IT Solutions Journal – are you listening?). Having the same bulk-mail senders show up in this bucket day after day is likely to get them banned completely from the server.
Likewise, Sneaky People! Yes you, the guy who gives out phoney email addresses at the trade shows and to venders who call. Stop doing that, someone has to eventually deal with your inability to say “no” to people. We get tons or blocked or unresolved emails to John Doe, My Buddy, etc at XYZ company that end up getting put in our unresolved buckets, eventually the reputable vendor sending the message to you gets blocked from our servers. We may not know exactly who you are, but we do know where you work.
That’s it our rant about e-mail, definitely not the first, but it is our official policy on e-mail at this point forward. We would be more than happy to white list your business associates and customers who are cheap, lazy and sneaky if you need us to.