Troubleshooting a Postini block

Mail from one of my clients is being filtered at Postini and they asked me to look into this. Not that there is anything that can be done, of course. Even before they were bought out by Google, they were the poster child for a spam filtering company that believed they could do no wrong. It was difficult, if not impossible to get a straight answer from Postini about filtering, and the only statement they would ever make in regards to blocking problems was ‘have the recipient whitelist your mail.’
It is not just that Postini will not talk with people who are blocked, they will not talk to their own customers, either. Many years ago, I was dealing with another Postini issue for a customer. This customer was a Postini customer and was sending mail to themselves to test their new ESP. Postini was blocking the mail and the customer wanted me to find out why. After a couple days of digging I did actually find a really-o truly-o human at Postini. [1] He explained to me that a single line of text, followed by an unsubscribe link was spam, always spam and nothing but spam. He also explained that the only way for that mail to be let through, was for my customer to turn off his Postini filters.
Fast forward 4 years and I once again have a customer blocked by Postini.  Usually, I tell customers there is nothing to be done for Postini blocks and that no one can find any information about them, but this customer is insistent. This particular customer has extremely clean mailing practices, sends highly relevant and wanted mail and consistently gets 95+% inbox delivery. They are not spammers, not even a little bit. Because I know this customer is so clean, I poked around a little to find some information about them. They do use the ReturnPath Mailbox Monitor so I have a copy of the headers Postini is adding. I also discovered that Postini is now providing a decoder service for their headers at https://www.postini.com/support/header_analyzer.php
The response you get back from pasting in a header is not that useful if you have found any of the numerous explanations of Postini headers, but it does show some willing. Note, there is no way to ask a question or provide feedback to Postini on the listing.
There is not much that can be done to deal with Postini filtering your email. The best you can do is have your recipients whitelist you.
[1] I believe I am the only person on the delivery end that has ever been able to actually talk to a live human at Postini, and I think that is only because I called them from the same area code they are in and some engineer decided to return the message I left on their corporate voicemail.

Related Posts

Do you know where your addresses go?

Being a deliverability consultant, I end up signing up for a lot of lists and providing email addresses to a lot of different websites I may not normally trust with my email address. The only way to manage the resulting volume of email is using a disposable address system. There are a number of commercial versions, but we built our own system.
Any time I need to sign up with a client, I create a new email address. Part of the address creation process involves making notes about where and when the address was used. When mail is received at any of the email addresses I have used, that email is appended with the data I provided at the time I signed up and forwarded to a mailbox on my main system. If an address ends up compromised or sold and getting too much mail, I can just turn it off. This system allows me to freely hand out addresses, without a large amount of mail ending up in my primary mail box.
Disposable addresses great way to monitor what my clients are doing with my email address. I have found, in at least 2 cases, that my clients are doing nothing wrong, but there are leaks in their process that lets email addresses get out to spammers. My reports of data leaking were the first they knew about any problems with their vendors or customers.
I strongly recommend any marketer who shares any data, include in that data test or seed accounts. Sign up for your own lists, using unique addresses, so that you can see what kind of mail your subscribers are receiving once they sign up at your site. If you are providing data to customers or vendors, include unique test data in each list. If you start getting unexpected mail to those addresses, you can track back to the specific vendor with the data problem.
Your email address list is one of the biggest assets your company has. Protect that asset by monitoring what others are doing with it.

Read More

Yahoo delays, part 3: Yahoo speaks

Yahoo is aware of the recent problems and have been working feverishly to fix them. A Yahoo employee posted to a mailing list earlier today, explaining some of the recent issues. The summary is:
1) The Yahoo delays are a result of a tighter spam filtering policy. The delays are the result of the system erroneously recognizing email as spam and deferring delivery. They do believe that retrying long enough will result in all mail being delivered to Yahoo recipients.
2) They have been continually making fixes to the system over the last few days and senders should see queues start to empty over the next few hours.
3) They believe the adjustments made will resolve the deferral problems. If you continue to see problems, you can contact them through the form at http://postmaster.yahoo.com/.
4) They are working to provide more self-serve information at http://postmaster.yahoo.com/ as well as timely service updates.
Loose ends from my previous Yahoo posts:

Read More

Forgery and spamware

Recently there has been a massive uptick in forgeries. I have been seeing hundreds of bounce back messages, peaking at more than 1000 in an hour. I have been talking about this with people who monitor large spamtrap feeds, large MTAs and spamfilters and it seems this is not an isolated experience. The consensus seems to be that there is new spamware out there which is using email addresses on the spam list as a From: address
The volume itself is annoying. Thousands of messages a day from “mailer-daemon” telling me that the mail I sent with the subject line “Get a longer tool” cannot be delivered to some random address some where. These are coming to at least 3 separate email addresses. One of them was given to Intuit back in 2001/2002 when I registered a copy of Quicken, and ended up leaked to loan spammers and is all over spam lists. The other two are addresses scraped from websites. Same spammer has them, same spammer is using them as part of his spam run.
Even more annoying than the volume, though, is the challenge/response emails. “Your email to jobobjimbo@example.com cannot be delivered until you click this link.” I have been adding every domain I can find that is using c/r to my filters, and just discarding the c/r emails so I do not have to deal with them. That is not my ideal solution, it does mean that if someone using c/r ever tries to contact me I will not see the challenge and our communications cannot happen.
Some people have recommended that the right way to deal with challenges from forged spam are actually to answer the challenges. As the reasoning goes, if someone using c/r is going to outsource their spam filtering to a victim of spam forgery, then they should expect that the “spam filter” may have a different opinion than they do. While I always sympathized with this viewpoint, I was not sure I would ever confirm spam forgeries. The sheer volume of c/r stuff I have received in the last few weeks has almost convinced me that people who use c/r deserve every bit of spam they get. If a c/r filter lets in spam, then perhaps they will reconsider their choice to spew challenges out to forged email addresses.
The amount of c/r spam I am getting as part of the forgery runs is decreasing, I think I have finally managed to block the primary sources. It does mean I will not be able to communicate with people who use c/r in the future, but I find this a small price to pay for not having to be an outsourced spam filter. I get enough of my own spam, I really do not want to have to deal with yours.

Read More