[unisog] FYI - problem with Barracuda blacklisting
advax at triumf.ca
Wed Oct 24 23:44:58 GMT 2007
Precis: Barracuda anti-spam blacklist blocks mail for
2 days, with no explanation.
We don't have a Barracuda system, but some of our associates do
(SFU, Western Kentucky University, University of North Dakota, Saint
Mary's University...). From what I see in the media, people seem to like
Recently, for apparently no reason, our main mailserver got on their
blacklist and any of our users sending to a Barracuda filtered site
got a rejection message (better than just dropping mail, I admit).
The Barracuda systems were giving us a "554 Service unavailable"
response up front, before EHLO, before any chance to authenticate or send
to a "spam-friend" (in sendmail parlance).
The rejection message points to a website allowing automated
delisting (good), but it may take "up to 2 business days", and unlike
e.g. SpamCop, there is no indication of why a site is listed.
My IT colleagues and myself thought this unacceptable (possibly one could
have an unexplained multi-day outage over a long weekend, and we run
During a slightly acrimonious conversation with Barracuda's blacklisting
support department, I was told that as we weren't a customer we weren't
entitled to support, and that their blacklisting methodology was
proprietary so they weren't going to tell me why we were on the list.
Seems like the Guantanamo Bay approach to customer relations - "your
offence is a state secret, so we can't tell you what you did wrong, but
we're holding you anyway".
We asked one partner to whitelist us, and the block is now gone. But who
knows, it might come back again. We lost some 300 emails, some possibly
time-critical announcements to established partners. IMO this kind of
total block would be only justified if we'd sent tens of thousands of
spams, and there's no evidence we can see - not one personal complaint to
"abuse", no spamcop reports, no ballooned server logs.
(we use blacklists ourselves, but if you get one of our rejection
messages, you can immediately delist and/or whitelist yourself within
seconds, depending on DNS cache)
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376 (Pacific Time)
Network Security Manager
More information about the unisog