Yahoo and Spamhaus

Yahoo has updated and modified their postmaster pages. They have also put a lot of work into clarifying their response codes. The changes should help senders identify and troubleshoot problems without relying on individual help from Yahoo.
There is one major change that deserves its own discussion. Yahoo is now using the SBL, XBL and PBL to block connections from listed IP addresses. These are public blocklists run by Spamhaus. Each of them targets a different type of spam source.
The SBL is the blocklist that addresses fixed spam sources. To get listed on the SBL, a sender is sending email to people who have never requested it. Typically, this involves email sent to an address that has not opted in to the email. These addresses, known as spamtraps, are used as sentinel addresses. Any mail sent to them is, by definition, not opt-in. These addresses are never signed up to any email address lists by the person who owns the email address. Spamtraps can get onto a mailing list in a number of different ways, but none of them involve the owner of the address giving the sender permission to email them.
Additionally, the SBL will list spam gangs and spam supporters. Spam supporters include networks that provide services to spammers and do not take prompt action to remove the spammers from their services.
The XBL is a list of IP addresses which appear to be infected with trojans or spamware or can be used by hackers to send spam (open proxies or open relays). This list includes both the CBL and the NJABL open proxy list. The CBL list machines which appear to be infected with spamware or trojans. The CBL works passively, looking only at those machines which actively make connections to CBL detectors. NJABL lists machines that are open proxies and open relays.
The Policy Block List (PBL) is Spamhaus’ newest list. Spamhaus describes this list as

The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer’s use. The PBL helps networks enforce their Acceptable Use Policy for dynamic and non-MTA customer IP ranges.
PBL IP address ranges are added and maintained by each network participating in the PBL project, working in conjunction with the Spamhaus PBL team, to help apply their outbound email policies.
Additional IP address ranges are added and maintained by the Spamhaus PBL Team, particularly for networks which are not participating themselves (either because the ISP/block owner does not know about, is proving difficult to contact, or because of language difficulties), and where spam received from those ranges, rDNS and server patterns are consistent with end-user IP space…

Generally, email service providers and bulk senders only need to be concerned about the SBL. Being listed on the SBL is a sign that your subscription processes allow addresses to be subscribed by people who do not own those addresses. Removal from the SBL involves fixing subscription processes and verifying that all recipients do actually want to receive your email.
Generally ESPs and bulk senders should not be listed on either the XBL or the PBL. I am aware of a couple cases where senders were listed on the XBL, but in all these cases there was a Windows machine inside the company infected with a trojan sending spam. Once the machine was cleaned, the listing was removed promptly. Senders listed on the PBL should talk to their ISP for resolution.

Related Posts

Yahoo blocks unauthenticated PayPal and eBay Mail

Yahoo announced this morning that over the course of the next few weeks Yahoo would roll out a new feature to their email that blocks any unauthenticated email from eBay and PayPal.
In a blog post Nikki Dugan says:

Read More

Best practices and ISPs

A couple articles came out today talking about ISP requirements and how to find them.
EmailInsider talks about ISP best practices and how merely complying with CAN-SPAM is not enough to get good delivery at the ISPs.
Meanwhile, over at ClickZ, Stefan talks about what the ISPs want from you and how to find the information online.

Read More

SenderScore update

Matt has posted a bit more about the SenderScore Blacklist, following up on my post about the changes at Comcast. George Bilbrey, VP and General Manager, for Return Path followed up with him to explain a bit more about the blacklist. George says:

Read More