ManFromOz
Level 5: Eagle Eye

Blocked outgoing emails, Spamhaus, etc.

Having suddenly had all my outgoing emails blocked unnecessarily, at a very bad time, caused me to investigate further, including reading some of the CrowdSupport threads re Spamhaus (where I found a number of uninformed and erroneous responses from high-credential members and Telstra responders alike).

 

What follows contains "educated assumptions". Happy to hear from anyone who can tell me that they are mis-assumptions.

 

To start, and to avoid some of the responses in other threads, the blocking I suffered on 2/1/2015 was of any and all outgoing emails, irrespective of addressee, domain, ISP, etc. And as stated in the error messages, the blocking was not by Spamhaus itself, but by Telstra servers after finding my IP address on the Spamhaus list: ... BigPond Outbound, Connection refused, [current IP address] is listed on the (Spamhaus) Exploits Block List (XBL) ...

 

It seems that Spamhaus updates the XBL with IP addresses found to be spamming or exhibiting signs of malware-induced misbehaviour in their outgoing emails. And Telstra SMTP servers (as well as those of other ISPs) block mail from IP addresses found to be on the XBL.

 

So far so good, and I have no objection to my ISP employing anti-spam/malware procedures such as the above. Except for a couple of things...

 

Some users have fixed (constant) IP addresses. I, and many others, do not. As happens with many people, when I turn my T-Gateway on it obtains an IP address from Telstra's current available pool. But what if it assigns me an IP address that happens to be on the XBL (owing to past activity by some other user)? My Internet will still work, as will my incoming emails. But any attempt to send email will be blocked, through no fault of my own or my PC.

 

Yes, there is a simple workaround if this happens. You turn your router/modem off, turn it on again, in my case wait the forever that a T-Gateway takes to reinitialise, then hope that this time Telstra will assign you an IP address that is not blacklisted.

 

The problem there is that many users do not know what's happening behind the scenes, or don't understand the assignment of IP addresses, etc. So that's a workaround for the experienced.

 

We could try to further educate the masses, so more users will understand how these false blockings can happen and what to try to rectify it. But I wonder if there isn't a much simpler alternative that would be kinder to all ...

 

If Telstra has implemented technology so that every time a user tries to send an email, it checks the XBL before allowing it, then why can't Telstra also use similar look-up technology, only once per user session, to check the same XBL before assigning a blacklisted IPL address to an innocent user?

 

Was this helpful?

  • Yes it was, thank you
  • No, I still need help
2 REPLIES 2
Brodie_Telstra
Telstra (Retired)
Telstra (Retired)

Re: Blocked outgoing emails, Spamhaus, etc.

Hey ManFromOz,

 

Unfortunately blocking is done via 3rd parties and we have no control over the blacklisting/whitelisting of the IPs. I will forward on the feedback about pre-checking, but likely this would drain the network and wouldn't be possible. 

 

Brodie

Need help? Check out our Community Wiki or Support Portal || Looking for a new mobile? Order online today || Get help with any Tech at Home with Telstra Platinum || Don't forget to tag answers as Accepted Solutions and give a Like to the member(s) who helped you out.

All moderation actions are supported by the CrowdSupport Community Guidelines

ManFromOz
Level 5: Eagle Eye

Re: Blocked outgoing emails, Spamhaus, etc.

Thank you, Brodie.
 
Please let me know if any assumptions that follow are wrong.
 
- I don't mean to split hairs or be pedantic, but while the compiling of blacklisted IP addresses is done by 3rd parties (and I agree is out Telstra's control), isn't the blocking itself done by Telstra servers after cross-checking with the blacklists? Spamhaus does not block mail. If the blocking itself is done via 3rd parties that Telstra employs to run its mail servers, then the "we have no control over it" argument doesn't wash.
 
- More importantly, say that I turn on my equipment, connect to the Internet, and send 10 emails during a "session" before disconnecting or turning off. That would appear to be ten times that your mail servers are checking my IP address against the Spamhaus lists. Under my earlier suggestion (checking at IP assignment time), at worst it would be eleven checks instead of ten. Are you saying that that one extra check would "drain the network", though the other ten won't?
 
- But in fact could it not be one check instead of the current ten since your mail servers could now assume that the just-assigned IP address is "clean"? Wouldn't that in fact "undrain" the network?
 
Perhaps I'm missing something here, but otherwise it seems that Telstra is saying to its customers without permanent IP addresses:

To protect the network we are going to check the IP address that we've assigned to you against a third party blacklist whenever you try to send an email, and will block your emails if your IP address is on that blacklist. However it is possible that we will assign you an IP address that is blacklisted through previous activity of some other user, because we don't check the list at the time of assigning you an IP address. If this happens to you through no fault of your own, too bad.
 
If that is what's happening, IMHO it verges on the scandalous that Telstra won't check that an IP address is "clean" before forcing it upon the customer. My original occurrence may not happen too frequently, but it suggests that some proportion of the pool of IP addresses that Telstra uses is made up of pre-blacklisted addresses. I knew how to release the offending address, but didn't that just make it available to be assigned to the next innocent user? And the fact that Spamhaus can keep past offenders blacklisted for up to 6 months just makes this worse.
 
Telstra doesn't have to use Spamhaus blacklists. The fact that it does would be commendable if the facility was used properly, but not in a manner that can punish innocent users.
 
That's my 2-cents worth. No-one else prepared to weigh in on this one?

 

Set it & forget it

With direct debit there’s no need to give paying your bill another thought.

Avoid queuing up and never worry about late fees again.

Setup direct debit