BLOG

Fake DNSBLs

Spamhaus recently announced a few years ago that they have discovered a company that is pirating various blocklists, relabeling them and selling access to them. Not only is the company distributing the zones, they’re also running a “pay to delist” scheme whereby senders are told if they pay money, they’ll be removed from the lists.
The fake company does remove the listing from the fake zones, but does nothing to remove the IP from the original sender. This company has been caught in the past and was blocked from downloading Spamhaus hosted zones in the past, but have apparently worked around the blocks and are continuing to pirate the zone data.
It’s not clear how many customers the blocklist has, although one ESP rep told me they were seeing bounces referencing nszones.com at some typo domains.
No legitimate DNSBL charges for delisting. While I, and other people, do consult for senders listed on the major blocklists, this is not a pay for removal. What I do is act as a mediator and translator, helping senders understand what they need to do to get delisted and communicating that back to the blocklist. I work with senders to identify good, clean addresses, bad address segments and then suggest appropriate ways to comply with the blocklist requirements.

7 comments

  1. Catherine Jefferson says

    I think that I heard of these idiots years ago, although they might have been using a slightly different domain name at the time than “nszones.com”. They’re an outright scam, to be sure. This is a “buyer beware” kind of world in so many ways. Thanks for posting this and warning people about it.

  2. Brian says

    The Spamhaus page that is linked in this article dates to December 2009.

  3. laura says

    Good catch, Brian. I was going off someone asking about bounces they were seeing from nszones and they pointed me at that blog post at Spamhaus. I didn’t even notice the dates.

  4. ram says

    But uceprotect does charge for an express delist. Does that mean they do not fall in the category of legitimate DNSBL’s

  5. Catherine Jefferson says

    Ram, your question put Steve and Laura on the spot. They’re deliverability consultants. They have to work with all blocklists that their customers care about. Some customers probably care about UCEProtect, so it behooves them not to make possibly insulting comments in public.
    I am not a deliverability consultant. I also am not prone to insulting those who run blocklists; I’m very much in favor of blocklists overall. However, in my opinion no legitimate and responsibly-run blocklist should EVER charge or accept money to remove a listing.
    This is why I feel that way: even where the blocklist might legitimately claim to be covering expenses, the very fact that money leads to delisting gives at least the appearance of corruption. Blocklists live and die by their reputations, even more than email service providers (ESPs) or deliverability consultants. A blocklist operator who does not realize the importance of his blocklist’s reputation isn’t fit to run a public blocklist. A blocklist operator that knows this fact and charges for delisting anyway is at very least (by the most charitable interpretation) letting their need for money get in the way of doing their proper job.

  6. Al Iverson says

    I probably would not characterize UCEPROTECT as illegitimate. I don’t like the pay-to-delist option, I don’t think it is right. However, listings there truly are spam/spamtrap driven based on their own criteria and data. As opposed to the NSZONES stuff, which is data stolen from a third party.

  7. Steve eMailSmith says

    I’m with Catherine here…
    The purpose of keeping a blacklist should be non-profit, or else, as soon as people would start to have to pay to be de-listed, where would be the correctness and balance here?
    Some would simply pay every time they get listed and move on with shady tactics, others(even ones who’ve been listed for an occasional fault) would stay there like sitting ducks.
    Furthermore, in this case it looks more like a scam and a fraud and a theft, overall – not even a legitimate (profit-driven) business model.
    Steve ✉ Master eMailSmith ✉ Lorenzo
    Chief Editor, eMail Tips Daily Newsletter

Comment:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.