Alastair’s Place

Software development, Cocoa, Objective-C, life. Stuff like that.

Why DNS E-mail Blacklists Are Bad

I used to think that the DNS e-mail blacklists were a good idea. After all, on the face of it, they seem like they might actually offer a way to combat spam. Certainly, they can reduce the amount of spam you receive—I don't think anyone would disagree with that.

So what don't I like about them? Well, since I started trying to run my own company, to be perfectly honest, DNS blacklists are the bane of my life. Why? Well, small companies tend not to own their own equipment on the 'Net… rather, they tend to use the services of web hosting companies. Coriolis Systems Limited (as well as this website) are using the services of 1 and 1, aka Schlund, who offer cheap and flexible hosting.

Why is this a problem? Well, here’s the rub. Whenever anyone buys anything from the Coriolis Systems website, they are sent an e-mail (actually, in most cases, two e-mails). This e-mail goes via 1&1’s mailservers before going out onto the Internet. But, because 1&1 are a hosting company, and anyone can sign-up to use their equipment, inevitably one or two of those most hateful animals—I am, of course, referring to Internet spammers—signs up with 1&1 every so often. The upshot of this is that some bright spark somewhere adds 1&1’s mailserver to one (or more often several) DNS blacklists, the result being that our customers don’t get their e-mails. What do our customers do? Well, usually, they blame us—after all, they assume that their e-mail system is reliable and that they should receive messages if we send them, not realising that their ISPs have thrown a spanner in the works by making use of DNS blacklists.

OK, you might say, most blacklists let you ask to be removed, and if 1&1 aren’t spam-friendly, then it should be easy enough to get this done, because they’ll kick the spammers off. All of this is true, except that by the time we know that there is a problem, it’s already too late… we already have an irate customer (ironically, it is usually American customers who become most annoyed—I say ironically, as it is largely their brethren that are responsible for the spam problem in the first place).

Anyway, all of this is very irritating. Is it really too much to ask for the maintainers of spam blacklists to adopt a more sensible approach towards shared infrastructure companies like 1&1? At the very least, you might reasonably expect them to use a notify-first policy for such people… that way, blacklist maintainers avoid inconveniencing large numbers of people whose perfectly legitimate e-mail goes missing because of the activities of the occasional spammer (who will be kicked off anyway, once the web hosting service is informed).

Oh, and before anyone goes hunting around and decides that the problem is anything whatsoever to do with open mail relays, you should note that 1&1 use authenticated SMTP, so you do at least know that any mail you get from their servers really came from one of their customers.