Monday, November 23, 2009

Backscatterer Blacklist

If you may work in an environment providing e-mail services or operating one or more spam gateways, then you may know the problems which can result from your sending hosts being blacklisted temporary on some black-lists from so called "reputable" organizations.

Personally i think the real reputable organizations are doing a good and important job and it is important
to have lists containing names and IPs from hosts with suspicious and malicious behavior, where ISPs and other service provider can refer to.But what happens and what can be done when you get blacklisted without malicious behavior and just because you operate your system just as the law regulates it ? And you get blacklisted by an organization where other organizations refer to.That means there will be a lot of hosts which do not accept mails from your sending hosts, and this means you will get a lot of impatient requests from your clients.Organizations like just blacklists ,caused for example by the scenario below, and offers you to get removed by paying 50 Euros to get blacklisted the next day again.


You may have clients who send out to their customers newsletters on a regularly base with news and offers.These clients are all trustworthy and reputable companies and their customers opted in for their newsletters because they want to receive them.Sometimes it can happen that mail addresses just have been canceled without opting out to not receive the newsletter anymore.This means for a little while the address-list of the newsletter is not up to date anymore and sent mails to an address which does not exist anymore will produce an undelivery mail to the sender.

Cause :

As the sender resides on your platform or is routed through your spamgateways and will sometimes receive a lot of non-delivery mails it will look like a try to figure out new mail-addresses for possible spam blasts and you get blocked.Operating spam gateways you are regulated by the law to deliver every email.Non-delivery mails included.(spam mails will be filtered and tagged or sent to a quarantine box).This is what can be called a false-positiv.Ok.But it seems not a trustworthy and professional tactic to charge 50 Euros for delisting, whereby the listing takes only place first on and is founded in a false positive just welcome to backscatterer to declare it as suspicious behaviour.I saw other statements also claiming not to take backscatterer as reference for blocking.As it has not much credibility.(But 50 Euros are always welcome).See Statements from back to 2007 till 2009 here.

Solution :

It can't be in nobody's interest not to be able to send mails to certain hosts.Explaining the situation to the customer and proposing to send the newsletters splitted into smaller groups of recipients will provide a good chance to get delistet after a period up to 4 weeks without supporting with 50 Euros. Another good workaround is to route through a new send-connector or use another gateway.

Most companies today relay on the communication via e-mail.Orders come via e-mail, appointments are arranged via e-mail etc. etc.When there is now an organization like and it knows it has the power to supplement that hosts falsely can be blocked (otherwise they wouldn't offer 50 Euros for delisting.But who knows, with this mentality maybe a proper spammer can buy himself up to 24 hours to blast out spam e-mails).It is sad that the worldwide e-mail flow can be restricted by such companies.And it has very well the taste of business, overlapping the advantage of their list.

Have similar experiences ? Feel free to point out your opinion with a comment.

If you provide a link in the comment block, you will get a PR 2 dofollow link to your site from your comment : ).Please do not abuse your comment for comment-spam.It will be rejected anyway.

Credit: The Turd in the picture was found on
Bookmark and Share


Mark said...

Just thought I'd post a link to a spam blacklist tool I use to check the lists in real-time...

Sam Regist said...

Thanks Mark, it provides a fast and transparent overview.

I usually use

It is not that transparent, but provides a lot of detailed informations.(it is IP based, so lookups should be done based on IP address)



Post a Comment