We got hit today with another 48 hours of Microsoft spam blacklisting, this time because a brand new hosting client sent out 30,000 e-mails in one day.
When I looked at the website of this new client, I did have just the slightest hesitation when I saw that he was an Internet marketer, however it never occurred to me that he could be a complete idiot.
To all those who are now inconvenienced for the next two days, with all hotmail, microsoft and MSN mail bouncing back undeliverable, I apologize, and rest assured that he is gone.
The user has been summarily dismissed from the system, his account has been suspended, there is no FTP access, no database access, no opportunity to come get any of his files, and no second chance of any sort. They are gone.
I’ve written before about the fact that you absolutely positively must use a third-party mail service to ensure not only delivery of your e-mail, but to ensure compliance with the rules and regulations governing spam.
Personally, I use iContact, and they have a free 30 day free trial:
PDXTC & Search Commander, Inc.
11124 NE Halsey St. #481 Portland, OR, 97220 USA
scott@searchcommander.com • 503-946-6881
11124 NE Halsey St. #481 Portland, OR, 97220 USA
scott@searchcommander.com • 503-946-6881
A dozen years ago or so, I had one password that I used for everything, and it wasn’t until some bad experiences that I understood the wisdom of having stronger passwords.
That said, to this day, I have some very simple passwords for literally dozens of online accounts I have in various places, because there’s really only so much need for security on certain accounts, but they’re not common words from the dictionary.
I also have some accounts that I would obviously not want to fall into the wrong hands, but I’m also not willing to give up my most secure passwords to these companies either, and for those I use a different password.
Finally, for logging into credit card company or financial institution sites require an inordinate amount of caution, and that’s why I have three personal “password levels” that I use. While they’re all completely easy for me to remember, they’re not going to be randomly guessed by some software or ‘bot.
Long before I started using Firefox, I either had to remember my passwords or buy Roboform for every computer, so I derived a system that made some sense to me, since I often found myself frustrated by forgetting my passwords.
Jumping ahead to 2009, privacy and security have never been more important, and the odds are you haven’t begun using stronger passwords, have you?
After a recent very ugly hacking of a website on our hosting, where the FTP password was set to “password”, I’d like to do recommend that you go change some of them right now.
In my opinion, you absolutely must to create a stronger password for your:
- E-mail accounts
- Web property logins & FTP access
- Web logins that have financial implications
Why use a stronger email password?
With a simple e-mail password, hackers can run scripts on mail servers trying common usernames and common passwords, and frequently they are successful gaining entrance to someone’s Web mailbox.
When someone gets access to a mail server with a username and password that validates, they can easily point their zombie spam machines to your mail server and begin to send out millions and millions of e-mails hour after hour. This does a couple of things, including bringing your mail server to its knees and getting everyone that’s hosted on that mail server banned for a least a few hours while the mess gets cleaned up.
Why use a stronger web / FTP password?
Most hackers aren’t content anymore with just defacing your site, now there’s a purpose to their hacking, i.e. some sort of financial gain.
When someone gets access to your Web logins and they can change your site, they’re also able to upload malicious scripts that can infect unsuspecting site visitors with various viruses, malware, adware and spyware.
In the old days, when spyware was relatively new, you could usually always tell when you add some crapware on your site because your system ran poorly, and this led to the rise of various spyware removal and prevention software.
Today however, the crapware designers do a much better job, and it’s highly likely that if you get spyware from a website, you may not even notice a performance hit. As the industry has become much more lucrative, talented programmers can write software to do their bidding on your PC without you even noticing.
For all you know, some well-written spyware could be using your home computer to log in at 11 at night to send a few thousand e-mails out, and be completely done by 3 a.m. only to sit dormant and not affect your regular daily use.
Why use stronger Financial Passwords?
Well, duh – For your online banking and purchasing, someone could conceivably log in as you, and trade stocks, transfer funds, and basically wipe you out financially just as surely as if you let the government do it for you.
That’s why you need secure passwords, and you need password you can remember.
How can you create a secure yet memorable password?
Secure passwords should have a combination of both upper and lower case letters, as well as numerals, to keep the hackers at bay,, and here’s my preferred way to create secure passwords that I can’t forget…
Think of an event that has some meaning for you and think of it as a written sentence. then use the first letter of each word, and the numbers for your password.
For example -
“My dog Fido died on May 10 1990” and your password would be MdFdoM101990
Or -
“My son Joe was born on May 10, 2000″ and the password becomes, MsJwboM102000 – get it?
You might choose to just use the last two digits for the year, or perhaps all four, but use a pattern that you can remember.
Use your wifes birthday, or something else that you could NEVER forget, and make sure to use at least two capital letters and at least two numbers.
If you want it truly unique for each website, and even more secure, you could try also adding the first letter of the domain you’re logging into.
# and $ signs and a few other characters are secure too, but keep in mind that some servers won’t accept them.
I’ll wait here while you go change your passwords right now, because believe me, someone really IS trying to get in your account, and maybe they’re trying right now!
*** Update March 2010***
My friends sister just found out that she was locked out of her hotmail account, and after a few minutes she realized she was locked out of her bank account too, and a couple of others. someone had apparently gained access to her mail account, so I got a panicked call.
Her password was a simple one, and with it, they changed her security questions in case she noticed, then they reset passwords elsewhere, (since they had control of her email account for verification they could do that!), and as of this writing, she’s on the phone with US Bank after about 20 minutes of digging to find this link at Microsoft which led to this Microsoft account recovery form.
Change your passwords NOW.
Peak Studios is a “search marketing firm” in Colorado that deserves special recognition for being incredibly stupid. Apparently, they’ve decided to leave fake negative reviews on my local business profile in Google, and they’ve done the same thing to several other members of the SEMpdx board of directors.
The owner, Quince Wyss, has now moved from a simple ignorance about marketing tactics into complete and total idiocy, and I’m sharing the story here because he’s crossed the line with these personal attacks.
The Story:
Back in October, someone posted twice in a row at the SEMpdx forums with two poorly written self promotional articles that were not only poorly written, but also had embarrassingly bad formatting, grammar, and punctuation.
As a forum moderator, I was just going to delete them when I noticed something comical – The “service” being hawked in these two pieces of junk were for an SEO / SEM company in Colorado named Peak Studios.
The person that posted even left their name, company name, and their email address, website and phone number, on both of these ridiculous “contruibutions”.
First I laughed, and then I Twittered this – “If you were an SEO company, would you forumspam us at SEMpdx? Duh. So, I’m calling [unlinked here] Peakstudios.com and I’ll report back”.
I realized it might just be someone trying to make Peak Studios look bad, so I decided to phone the company and alert them to what had been done.
How Did Peak Studios React?
You can imagine my surprise when the owner, Quince Wyss, told me that they DID have an employee with that name, and Quince said he wanted to see what the employee had written.
I forwarded the “articles” to him by email, expecting to get a message back that he was embarrassed and sorry, and that the employee would undergo some training about what is and isn’t appropriate. Certainly he’d train him more about how they want to portray themselves in the public eye, right?
I hung up thinking I had done a good deed, but an hour later I got an email back from him actually defending this crap, and he also “demanded” that I retract what I had said on Twitter!
Well, never one to miss an opportunity, I wrote an article called “Forum Spam is in the Eye of the Beholder” and posted on the SEMpdx blog, calling out Peak Studios by name as defending the practice of spamming forums.
Todd Mintz submitted it to Sphinn, where agreement was nearly 100% that this guy was in the wrong. Well known and respected internet marketers like Jill Whalen, John Andrews, Daria Goetsch, Nick Wilsdon, Kim (Krause) Berg and many others all seemed to agree that yeah, it was totally inappropriate.
But after seeing the internet community lined up against him, did Quince Wyss see the error of his ways and do the right thing and apologize?
No – of course not. Peak Studios continued to argue the point as the only defender on the thread, Opiumden. The debate got so ridiculous that commenting was turned off by adnimistrators.
Was that the end of it?
Oh no, not by a long shot. This genius then actually phoned both Kent Lewis, the past president at SEMpdx, and Ben Lloyd, the current president, and “demanded” that my article be removed, threatening lawsuits, retaliation, and blah blah blah.
Quince claimed both that I had edited his “articles to make him look bad” (LOL – why would anyone do that?), and he said that there was “nothing wrong with what he’d done”.
At that point it became even more ridiculous, as several emails went around among the SEMpdx board before we all decided unanimously that the article should stay up.
I mean, here’s a “search marketing firm” engaging in the same exact kind of forum spam that you see for Viagra, but it was for their own industry, their own business, and they were actually DEFENDING it! We all found it incredible.
So, Ben basically told the guy to take a hike and to go ahead and call his lawyer, because we all agreed he was clearly off his tree.
Was that the end? Oh no, just wait, it gets better…
Earlier this week, someone supposedly named “Jesse Vandalino” posted a silly but negative comment about SEMpdx on a very old outdated blog post at Matt McGee’s Small Business Marketing blog.
Matt emailed Todd Mintz and asked him if the name “Jesse Vandalino” rang any bells, which it didn’t, and we all suspected that it might be this guy from Peak Studios trying to engage in some reputation damagement.
Then Friday, someone at the office of Anvil Media noticed a negative review on their Google Maps profile, and Tom Hale, another SEMpdx forum admin and advisory board member ALSO had a negative review added to his Google profile.
I heard about this all on Saturday, and a quick look at my own Google profile turned up the one and only negative review ever written about my company. Sure enough, it too could be tracked back to this bozo at Peak Studios. Here’s a copy, in case I can get it removed…
Why am I writing this now?
Because after seeing this fake review, I was so mad that I picked up the phone and called Peak, leaving a profane voicemail that he should have some balls and call me. What did he do? Did he “man up” and phone me? No.
After editing out his own name, his company name, and the dirty deeds I was accusing him of, he then posted the voicemail on youtube in another public smear attempt. (I guess it serves me right, but I was genuinely pissed!)
That wasn’t enough tough, and he began contacting others, like the East Portland Chamber of Commerce, and linking to the Youtube edited voicemail with more comment spam.
THEN he went back into my Google profile and added another fake review, this one with reference to the voicemail!
If this guy will spam our forum, then go to all the trouble to attack us personally when he’s so clearly wrong in the first place, what might he do for his clients?
I took a look at just the first client listed in their “web portfolio” and here’s a short video of how they “market”, including:
- Making up fake user profiles
- Leaving fake favorable reviews for clients
- Slandering client competitors by leaving fake negative reviews
Here is my proof that they are leaving fake reviews!
What’s the most disturbing is NOT that he’s too stupid to realize that they spammed in the first place.
It’s not even that he’s so dumb that he used the same user accounts making this so easy to uncover.
No, what’s most disturbing is that there are businesses in Colorado that are falling prey to the supposed “internet marketing services” of Quince Wyss at Peak Studios, and they are risking their business reputation .
Don’t take my word for it; check them out for yourself! Here are a few fake user reviews I found for ChemDry carpet cleaning, a Peak Studios client – One, two, three, four
Here’s one where they also did a fake negative review of a competitor, and here’s another fake negative competitor review. Here’s one competitor hit with 5 negative reviews
It’s one thing to engage in some negative smear campaign against me or SEMpdx – we’re big boys & girls and can take care of ourselves.
What they’re doing is posting fake reviews of their own clients, and they’re posting fake negative reviews about their clients competitors! That is SO far over the top that I I think they should be sued.
Only the most despicable company would engage in a negative campaign of actual lies about the competitors of their clients, right?
Do you think their clients have agreed to let them play that way?
Update – 14 months later, Peak Studios is at it again so i’m closing comments here – please go to the new thread…
If you’re one of our 900 hosting customers having sporadic trouble with email for the past 36 hours, here’s the deal, and we’re pretty sure it’s totally unrelated to my public criticism of Linux Magic.
At approximately 7:45AM Pacific, one of the PDXTC shared mail servers (mail2.pdxtc.com) was determined to be in a critical state by our server monitoring system.
The PDXTC Tech Support Manager arrived at the Portland Pittock Data Center at approximately 8:45am to troubleshoot the problem.
It was determined that this problem is due to an overwhelming amount of SPAM being sent into the server from outside services.
PDXTC currently subscribes to a service by SPF that eliminates approximately 95% of all SPAM. That service from the third party went offline and let that 95% of SPAM through to the server.
That overwhelming amount of SPAM equates to approximately 1.2 million messages. The servers load when trying to deliver these messages to user inboxes was compromised and will continue to remain in a critical state until SPF can be brought online.
We have already contacted the third party vendors in regards to the SPAM problem and they are aware of the issue and are still working on a resolution. In the meantime we are currently implementing two of our own internal SPAM filter servers to take load off of the server.
The servers have been built and have been installed in our data center. We are now currently waiting on the SPAM filtering software licenses to be issued for this matter to be resolved.
The mail server has remained online through this interim and users should be able to successfully receive email. There is frequent problems with trying to send email from this server due to the high load balance of the server and the SMTP protocol timing out when user’s attempt to send email.
Another symptom user’s may also experience due to this outage is receiving duplicate email messages in their email inbox. This is caused by the load balance of the server as well.
Anytime an email is received from an outside provider the server sends a confirmation that the email has been received to the outside provider. Once the confirmation is received the outside provider stops sending the message, unfortunately with the load balance of the server confirmation notifications to outside providers are delayed causing messages to be delivered multiple times.
Please be aware the PDXTC staff is working as quickly as possible to resolve the problem and minimize any downtime by getting the server back online as soon as possible.
PDXTC understands the importance of this matter and sincerely apologizes for any inconvenience this outage may have caused. Thank you for your continued support of PDXTC.
Does your business send e-mail to your customers? How about emailing invoices or monthly statements?
Do you ever communicate with them to let them know about issues with their orders, or changes to their account?
Do you ever send them a newsletter, even one that they may have double-verified with an “opt in” on your end?
If you do, then you should be aware that there is a movement afoot to stop delivery of ANY commercial e-mail, unless the end user specifically says that they want to receive it by “whitelisting” you in THEIR control panel.
The company is Linux Magic, operated by Wizard Tower Technoservices, and a few ISP’s have made the the unfortunate decision to use them in their efforts to prevent spam from arriving in user mailboxes.
In theory this may be fine, but I believe that most end-users just are not yet savvy enough to understand how to do this, and your e-mail to them, from newsletters, to invoices, and even replies to email they sent or CC’d you in the first place will go undelivered, if this company has their way.
They operate several other anti-spam technology sites, including mipspace.com, magicmail.linuxmagic.com, magicspam.com, cityemail.ca, spamrats.com and there are likely others as well, since they’re growing.
There aren’t that many complaints about them out there, in my opinion, because they’re not all that big yet. But there are a growing number of ticked off people, and I predict that number will continue to grow as long as they retain their current definition of what mail should be blocked.
I dislike unsolicited e-mail as much as the next guy, and I’m happy that drastic steps are being taken all over the web to prevent people from becoming buried in unwanted e-mail.
However, this blocking of users mail threatens the very nature of e-mail communication, without the knowledge of the end user – i.e. the customers of the ISP’s that hire these email fascists.
Oh sure, the “knowledge” is buried in some online document or user agreement, but remember, we’re dealing with end users here. Can they really be expected to whitelist everyone they send mail to manually?
A brief education
Most Internet service providers and Web hosts subscribe to what are called “blacklists“, and when spam gets identified or reported, various IP addresses of the offending mail servers get added to these lists.
When that happens, end users of the subscribing ISP’s will not able to receive mail from any business or contact that may be using one of those blacklisted mail servers.
This “blacklisting” generally results in a bounced email message being sent back to the sender, with a message explaining why the mail was not delivered, and with links to follow to the blacklist removal process, in the event their IT department can fix something on their end.
Once that takes place, and a mail server IP has been added to a spam blacklist, there is always a remedy for removing them from the list in a timely fashion, assuming that you’re not really a spammer.
Apparently using “known spammer blacklists” don’t seem to be enough for some ISPs, and they are turning to other companies to help minimize their users unwanted e-mail, like Wizard Tower TechnoServices Ltd., and they have their own set of rules, that ISPs should be very wary of.
Specific History
This story begins with a bounced e-mail message that I sent to a client, where I CC’d about 4 people, including his newly hired design firm. The message to the design firm bounced back to me with this error:
<HYPERLINK “mailto:name@removed.com”name@removed.com>:
12.345.678.9 does not like recipient.
Remote host said: 550-Your message was rejected by this user and was not delivered.
550-Reason: This system uses BMS to check your IP address reputation, and
was rejected by the user 550-Protection provided by: MagicMail version
1.1.1 (http://magicmail.linuxmagic.com) 550
For more information, please visit the URL:
550- http://www.linuxmagic.com/power_of_ip_reputation.html 550 or contact your ISP or mail server operator. Giving up on 12.345.678.9
Having never heard of “BMS” and knowing that our IP addresses are totally clean and not on any spam blacklists, I attempted to visit the URL they provided, and got a 404 error page not found. Frustrated, I looked up the company contact info at their site and sent them an e-mail -
Dear Linux Magic,
I presume you were hired by the web host or domain owner of REMOVEDDOMAIN.com, and I’m unable to communicate with my client’s key web developer on a joint project -
My sending IP at office is 76.115.19.29 and my outgoing mail server is mail2.pdxtc.com (208.70.160.20)
Visiting your link “for more information” is bad, and my mail server IP is clean here – http://www.mxtoolbox.com/blacklists.aspx
Whatever the problem is, we need to resolve please.
Scott Hendison
Three full days later, this is the reply I get -
Hello,
Could you please forward this information off to the network administrators at the location where the email is being sent? They should be able to assist
you with any issues you are having sending to their mail server.
Thank you.
– Spam Auditor –
That was it!
- There was no mention of why we might be blocked
- No mention of the fact that their link “for more information” is bad
- No explanation whatsoever as to who they are
- No information about how to fill out a removal request, where they might be located, or what it is that they even do.
At this point I simply forwarded their e-mail reply to my client, asked him to forward it to his developer, and thought no more of it, because I knew that we were clean on the spam blacklists, and the fact was, this was really their problem, not mine. leFor some reason his Internet service provider would not allow him to get my e-mail.
A few days later one of our web hosting customers started getting identical bounce messages from one of his vendors and he submitted a support ticket to us.
Now, since it was no longer affecting just me, our server administrator attempted to pursue the problem again. He was more patient than I was, and actually dug in their website to the point of finding a form to submit in an attempt to get our mail servers off their “bad list”.
Two days later, when he finally did receive their response declining his request for removal, he had to phone them, and he claims he was told the following information over the phone:
“We will not remove your IP , because you are allowing commercial marketing e-mails to be sent. We define a ‘commercial marketing company’ as any company who sends out bulk emails whether solicited or unsolicited. This would include companies sending out a monthly newsletter or even a billing statement notification to existing clients.”
My admin then answered our hosting clients support ticket, saying there is nothing we can do to get this IP removed from their database and they have declined the removal.
At this point I decided to phone them because we are not spammers, we don’t allow unsolicited email, and we are not on any of the “real” spam company blacklists.
I phoned Wizard Tower Technoservices the first thing in the morning, and was told by someone named Sean that I would get a phone call as soon as manager arrived.
Four and a half hours later I phoned back, speaking to Ryan this time, who attempted to help me, but ultimately said I would have to talk to Michael, and he would have him call me right away as soon as he was back.
A couple of hours later, just before 5pm, I phoned back and was lucky enough to have Michael answer the phone, where I attempted to pitch my case.
Michael held the company line that “We do not discuss this over the phone please fill out our form”, while he attempted to educate me on the fact that they were not really a “spam blocking service”, and that being on their list was not necessarily saying we were spammers, just that we had frequently allowed commercial marketing to take place. He claimed that “people have a right to not accept commercial email” and we were “allowing it”.
I tried to challenge this supposed fact by pointing out that no, we do not allow our users to send unsolicited e-mail, and that any user that did so was immediately removed from our hosting platform. In other words, we have a zero tolerance for spammers, and we do not allow it.
At that point our conversation grew heated, with him insisting that we were “commercial marketers”, yet offering no proof or citing any complaints, and then he went back to his standard line of “fill out the form” on our site and they’ll take a look.
I filled out the form -
This is a second removal request, being made after speaking with Sean this morning, with Ryan mid-day, and finally with Michael Peddemors, after phoning just now.
“LinuxMagic DOES NOT IN ANY WAY choose which addresses should be blacklisted or not” so I’m asking you again, why we’re on this list? I’m submitting again because Michael said that this was the only way to investigate.
My server admin tells me that the first removal request was declined. These IP addresses – 208.70.160.19, 208,70.160.20 and 208.70.160.40 (and likely others in our range) are on your blocking list.
My admin claims that you told him that we were “allowing e-mail marketing” from our servers, and not necessarily that we were spammers. He says you told him “email marketing’ technically could include activities such as regular monthly billing and opt in newsletters or subscriptions.
We are a web hosting company with hundreds of customers. We do not allow bulk e-mail to be sent, and any hosting customers that does partake in such activities are in violation of our terms of service, and quickly become ex-customers.
Yes I understand that you’re “not a spam blacklist”, and that you are only maintaining a list of IP addresses that allow e-mail marketing but I need clarification please.
Is it really true that monthly billing statements qualify as e-mail marketing?
If that’s the case, then I guess we might be “guilty” as charged, but I would like to know exactly on what grounds we were added to your poor IP reputation list.
Thank you for a prompt response,
Scott Hendison
Still, nothing happened, and I got no response from them.
Over a week went by before I got another bounce, so I filled out the form again. – Now keep in mind this is the third time we filled out the form, and we’ve had multiple phone calls with them trying to convince them that we’re not spammers.
If you’re going to block a company, I believe you owe it to them to tell them why, and respond to requests like this in a timely manner.
I’m writing yet AGAIN, requesting information on WHY our IP addresses [123.456.789.0 ] and likely others in our range are on your blocking list.
I’m also looking for verification of what my admin claims that you told him.
1. We were “allowing e-mail marketing” from our servers, and not necessarily that we were spammers.
2. He says you told him “email marketing’ technically could include activities such as regular monthly billing and opt in newsletters or subscriptions.
I’ve phoned three separate times, finally speaking to Michael Peddemors nearly two weeks ago, who told me to submit the form, which I’ve done.
Your information claims that “LinuxMagic DOES NOT IN ANY WAY choose which addresses should be blacklisted or not” so I’m asking you again, why we’re on this list? What legitimate blacklist has provided our IP addresses?
The world’s largest reference list here shows none -
http://www.mxtoolbox.com/blacklists.aspx
Please give me the professional courtesy of a response this time.
Scott Hendison
Within 12 hours, here’s the response I got back -
Scott, as previously commented on. MIPSPACE is an IP reputation service that can be used by email administrators and end users to control email delivery.
It can be used to block, score, filter or otherwise affect mail delivery based by various technologies, including some LinuxMagic technologies.
Email marketing reputation is based on historical patterns of email marketing.
It does not make any distinction on the type of email marketing, except that occasionally double opt-in lists may receive exemptions.
MipSpace does occasionally review it’s rating based on end users reports. We do not normally change our reputation rating based on senders complaints.
Our ratings are no different than movie ratings, and not everyone may agree with our assessments, however that does not preclude us from making the assessment.
Those that choose to use MipSpace reputation lists are aware of this, and we have had very few complaints from those using the service.
Although we do realize this may affect your ability to send email to certain individuals if they use this rating system, the rights of the owners of the mailboxes takes precedence.
So yes, this has nothing to do with traditional forms of ‘spamming’. It is for people who prefer not to get any email marketing, no matter in what form.
Those that use this service usually have the ability to ‘whitelist’ any specific emails they wish to get, so if there is something they really want, they know they can do that.
And yes, we do not have the ability to verify the opt-in policies of companies, (just as you may have difficulties verifying the opt-in policies of your customers sending through your services), so occasionally opt-in email marketing companies will also get included, especially when those companies email marketing is objected to by the individuals who end up receiving the emails.
Often, the philosophy of opt-in may differ from the email marketer and the recipient; so called opt-in has reached such levels that more and more people are choosing methods such as blocking companies with a reputation of historically sending email marketing, and then whitelisting any addresses from those locations that they specifically want to receive email from.
Until such a time as these people complain that it is stopping a company that never sends email marketing, or it requires an excessive amount of exemptions, we have no motivation to change our rating.
If you have a case of a single IP in your range belonging to different customers with different policies on email marketing, you can consider IP address delegation via whois, and then we can base our reputation on those person’s activities separately, as operators of their own IP address space.
And as to your other references regarding LinuxMagic, the quote is correct.
ISP’s and end users choose the behavior of how the MIPSPACE rankings are used. LinuxMagic does make the list available in the product free of charge for those people to use.
This will be our final correspondence on this issue. As mentioned, herein, and on the website. We do NOT respond to removal requests from email senders, and there is no evidence to indicate this rating was accidental.
And this response goes far above and beyond our responsibilities in this matter, especially given the history of several abusive phone calls to our offices and staff.
However, if you decide at some future point to only permit email marketing from certain IP ranges, and other ranges are designated differently we may consider rating each IP address range separately, but again this will usually be instigated by customers who are the receivers, and not the senders.
– MipSpace Review Officer –
*****
Oh I see, so now I’m abusive because I was told someone would call me back immediately, and they blew me off? I’m abusive because I had to call back two more times before I could talk to someone (Michael) who was a pompous jackass on the phone and refused to help me unless I filled out the form yet again?
Does their final response above site any actual complaints? No.
Does it tell me how we got on that list in the first place? No.
It simply says that we are on the list, they’re not going to remove us, and they verified that yes, even e-mail billing invoices and double opt in newsletter subscriptions count against us, and we are on their “bad list”.
Their “service” is not a spam blacklist, it’s just a list of domains that in their determination, for which they do not share the methodology, are “known to allow commercial e-mail solicitation”, and that does include sending out company invoices or newsletters that their customers have subscribed to.
Their amazing technology isn’t even smart enough to automatically whitelist addresses to whom their clients send or CC email directly! If the white list were updated when the end user sends or CC’s mail to a domain, then there might be SOME hope here, but there’s not.
I’m strongly urging any Internet service provider to consider carefully the ramifications of using Linux Magic, or any Wizard Tower Technoservices company to filter their users mail.
I’m also strongly urging anyone with expected email mysteriously not arriving to ask their ISP if they use this company, and if they do… then dump ‘em.
Perhaps their technology is excellent, I’m not really sure, and I don’t really care. The point is, that they are uncooperative jerks, and the fact that they offer no remedy at all for businesses who feel unfairly blocked, nor do they tell them why we’re blocked in the first place, is completely unacceptable.
Since they seem to be completely unregulated by any state, federal or other agency, they are free to wreak all the havoc they wish by indiscriminately blocking mail however they want, and I suspect that some of the ISP’s that are actually using them don’t even realize it.
In short, any ISP using them may have a lot of angry users on their hands…
Be warned.
P.S. – I’m sorry that I seem to have this much free time to write stuff like this. I don’t really, but this “email fascism” is BEYOND ridiculous and that’s why I was angry enough to write this… manifesto.
P.P.S. – I seldom specifically ask in posts for Diggs, Stumbles, or any social networking sharing, but I’m asking now…
Today I got notified by a hosting customer that his website had their content and design copied and reposted under another domain name hosted elsewhere.
The copied domain is here – www.nim-company.com while the ORIGINAL design and content are here – www.webpositionexpert.com.
The original site is a friend with a business in Antigua, while the content and design thief is apparently named Robert Soloway, and is in my back yard, up in Washington State.
I googled his name, and this guy has apparently ticked off a lot of people. There’s a lot of information about him on the web, and someone even registered the domain name Solowaysucks.net with links to his other misdeeds.
In an attempt to help him remove the duplicate content from the Google index (yes, it’s in there) I sent him here, to report an offender to Google. They’re usually pretty quick to react to stuff like this in my experience.
He also had another question of legality, and while we were IM’ing each other, I ran across this excellent explanation of his options. If someone ever steals your content, this is a great reference page to review. Nice Job, Lori, (and I see you’re in our backyard too, up in Spokane, Wa.)
Spam is at an all time high, and there’s simply no stopping it. Oh yeah? Check this out…
I’m an affiliate for SpamArrest, and to this day, have never found a solution that I like better for up to 5 email addresses. The price is right, and it REALLY does work.
SpamArrest can actually block 100% of the email that you don’t want to see, and there’s practically no danger that something “legitimate” won’t reach your in-box (assuming the sender can read).
If, like me, you get hundreds of spam emails a day, then you owe it to yourself to check this out for your your new year resolution…
Happy 2007!
To say “spam is out of control” is not really accurate, so let me give you some figures that will put it in perspective.
For my own domain pdxtc.com, August 2006 brought me these numbers…
- 19,306 total incoming emails (and we only have 9 addresses!)
- 16,209 were identified and blocked as spam before a human ever saw them
- 102 of those blocked contained viruses
- 71 of those that were blocked contained “phishing” attacks
- Only 15.15%, (2,924) of the emails were deemed “legitimate”
- Of the “legitimate” emails that made it through, I can only guess at the number I’d have been better off without seeing!
In the past, I have recommended SpamArrest (and I still do) for users that have only 5 email addresses or less, and it’s still one of the best in my opinion, since you can block 100% of all the cr*p with a simple one time auto response, asking “are you human?” to the sender .
That’s not practical for a business that wants to protect it’s whole domain. The “user verification” option is fine for persinal mail, isn’t really acceptable in a corporate environment, and you need something more robust.
I have payed a monthly fee for years to protect my whole domain with Securence, and I’ve been very happy with it, practically never getting any “false positives” blocking mail that I want. however, in the past month I’ve had to go into my “quarantine” folder on their server four times looking for email that I was expecting, which turned out to be blocked.
Perhaps I’m a bit premature considering changing, but I thought I’d throw it out here…What mail management methods do you use to maintain your sanity?
Several web hosting customers have reported that their email to AOL members has been occasionally undeliverable. After a bit of research, and I’ve discovered why…
Some people have their own domain names hosted with PDXTC, yet continue to have their email forwarded through our system to their AOL addresses because it’s easier for them.
When those same people get spam in their AOL box, they report to AOL using the methods from inside their AOL software. Then AOL looks to see WHERE those spam messages are coming from, and keeps track.
As far as AOL can tell, the IP addresses that those spam messages come from are the PDXTC servers, and after too many in a day, they bounce our mail.
So, if you have webhosting with PDXTC, and you forward your email to an AOL address, please stop reporting messages as spam to AOL, because AOL seeks to block the last sender, (us) and not the originator of the spam, and that effects everyone on our servers.
As I said, we are whitelisted now, but we will continue to have to answer to AOL when this happens, and reapply to the white list if we get kicked off.
This is a note to my web hosting customers in Portland and elsewhere, but since it applies universally, I’m posting the info here…
OS Commerce and PHPbb are free, or “open source” software programs available with all PDXTC web hosting packages. Upon installation from your web hosting control panel, you have access to the latest version, and any known security vulnerabilities are patched upon installation.
However, after you install it, it is your responsibility to keep it updated, to prevent hijacking. Just like all Microsoft software, hackers are working hard at getting in “back doors”, and the software must be updated by the end user (you or your webmaster) on a regular basis, but unlike Windows, there is no way to automatically update it yourself.
I know this happens, because I just got hijacked last week! A couple of years ago, I installed an OS Commerce test store on an extra domain I own. after playing with it for a while, I forgot it was even there, and got back to work.
Jumping ahead to last week, I got a phone call and three emails telling me I was running a Paypal scam on my domain name, cyber49.com. Realizing what had happenned, I quickly fixed it, but it was still embarrassing. But I’m willing to share my embarrassment here, if it will help protect you…
In addition to OS Commerce, there are many other free programs offerred, and it’s the end user’s responsiblity to keep that software patched. You also agree to do so by accepting the license agreement when you install it.
To keep all open source applications up to date, you must go to the community website, and subscribe to their “updates” mailing list.
Here are direct links to the two most popular (and most exploited) programs offerred free with every PDXTC web hosting account. They are both easy and free to use, and I highly recommend them, but like anything on the internet, you have to learn as you go.
OS Commerce is one of the most powerful and customizable shopping carts available on the internet today. It’s versatility in layout and design are fantastic, and you’ve undoubtedly shopped online in an OS Commerce store.
OS Commerce OS Commerce mailing list
PHPbb is a bulletin board package. Right from your PDXTC hosting control panel, you can install it and easily get it going, creating an online forum / bulletin board about any subject you like.
You might have heard on the news that AOL and MSN are considering charging businesses for each email they send. Well that’s simply not true, and Here’s the full details of what’s going to be happenning…
Basically it says that they may soon be charging senders for DELIVERY to their addresses. sort of like an e-stamp, to insure the mail gets past their spam filters.
That’s fine – however, there’s quite an uproar over the misconception that we’ll be charged to send email, and the reaction seems to be very negative, which surprises me. Personally, I would LOVE to see a pay to send model, perhaps even as a tax. (Yes, I said that)
What would be the ramifications to you if your ISP started charging you “per email sent” ? Would you go broke?
For my own business purposes, I’d say I send about 40 emails a day. Multiply that by 30 days (yes, I work 7 days a week) and that’s about 1200 emails a month.
The figure I’ve heard bantered about is everywhare from 1 cent to 1/100th of a cent per email, which would barely affect me. Even at a full penny per email, it would only be $12 a month.
Sure there’s whining that legitimate email marketers will be impacted, but still only minimally. They’ve been gettign a free ride long enough.
If the cost of a direct mail piece is 39 cents now, but an email cost a penny, there’s still a huge advantage to using email. To mail 2000 emails would only be $20. To mail 20,000 pieces would cost $200.
Think of the effect this would have on spammers, who send tens of millions of emails a day or more. They send all the mail they want, because it’s completely free. If a tiny mandatory charge were placed on email sent, this could effectively put spammers out of business.
If this was enforcable, I think it would be the perfect way to decrease spam, and increase revenue for much needed wireless broadband internet infrastructure in the United States. The reality though, is that spammers would continue to use offshore unregulated servers, and other computers and servers here that they hijack to send their garbage.
I’m not sure what the final answer is, but I do know that since November 2005, the amount of spam on the internet has tripled, and there are no signs of it slowing down. There’s got to be a way to stop it without putting the burden on us, the innocent emailbox owners.
Until then though, there’s always SpamArrest.
I got a text message saying Spamcop got a report that our mail server IP address was sending spam. After checking my mail 1/2 hour later, I determined that it was a flook, and surely Spamcop wouldn’t blacklist me.
so I sat down and banged out about 4 email replies and a couple of new ones and hit “send and receive”…
Here’s what I got back for nearly every one (I added the x’s)
209.237.x.x does not like recipient.
Remote host said: 554 Service unavailable; Client host [209.237.x.x] blocked using bl.spamcop.net; Blocked – see http://www.spamcop.net/bl.shtml?209.237.x.x
Giving up on 209.237.x.x
That means that one of the nations largest Spam services got one single complaint, and blacklisted my entire domain’s ability to send mail. What gives them that authority on an unsubstantiated claim? We did, with the CAN-Spam act and other public outcry over SPAM.
Fortunately, it took all of 60 seconds for us to swap around some IP addesses, but what would you do if this happenned to your company domain name? In a best case scenario, there are no other complaints and your mail comes back the next day, a full 8 hours later. In a worst case scenario there’s more than one complaint, and you would continue to be unable to send mail to over 1/3 of the world?
How can you protect yourself? By using email marketing programs like Cooler Email for small companies, or Clickz for large ones. Also, complying with the CAN- Spam Act of 2003 is something everyone should do. Here’s a great primer I found on spam compliance.
***update 2/8/2006
I woke up this morning and AOL has blocked our mail server again. Someone that hosts their website with PDXTC is sending bulk email from our mail server.
I’ve repaired the problem again by changing IP Addresses. I really don’t want to take the time to track down the offender, so please just stop it.
