SBLs

13 December 2017

On the fifth day of Listmas, my data showed to me five SBLs…

Coming up on Spamhaus’ radar is usually bad news. Unlike some stories that you might read on the Internet, Spamhaus won’t reach out in order to give you a Target gift card.

While we won’t go deeply into what SBL listings are or how to resolve them, I think it would be useful to talk for a moment about the easiest way to get one: Hit Spamhaus spamtraps.

Read moreThe Spock Trap

The rule of thumb here is pretty simple: Spamhaus won’t list what Spamhaus can’t see. And while people sometimes surmise that Spamhaus has access to other data streams, we know for certain (and have known for years) that Spamhaus volunteers run a whole bunch of spam traps. If you’re hitting those spam traps, then you’re likely to get listed at some point.

Why is that? Because we know that there is (usually) a volume component to these listings. In other words, Spamhaus also won’t generally list something on the SBL on the basis of a single spam trap hit. This means that, over time, lists that are not regularly purged of non-responders are likely to slowly accumulate new spam traps.

It’s pretty common for me to get asked: “Well, we’ve been doing the same things for the last 50 years (ha!), why are they only listing us now?” And while it’s often true that the people who run DNSBLs are resource constrained, so maybe it’s that they only just now got around to that sender, it’s also often true that the sender has finally tripped a volume threshold that they’ve been building toward for weeks, months, or even years.

Read moreBad Advice

So, how do you avoid that? Take care of your list. Outside of permission issues, the fastest way to get listed by a DNSBL (like Spamhaus) is to think that once you got an address on your list that it’s useful forever. People change jobs, switch service providers, and even stop checking freemail accounts (like those at Gmail and Yahoo). Companies go out of business or are bought, and domains are closed and consolidated. Some domain owners just simply fail to renew their domains. So, there are a lot of ways that addresses can go bad — even when the recipient never hits that magical unsubscribe button or clicks on “This Is Spam.”

Smart senders will spend some time considering how long they want to keep old, non-responsive addresses on their lists. This is especially true where addresses bounce for a period of time and then resume accepting messages. This is a process called “conditioning” and should be considered a warning sign that an address on the list is being repurposed from a legitimate user into a spamtrap. (The M3AAWG Best Current Practices For Building and Operating a Spamtrap document suggests that conditioning a repurposed address for 12 contiguous months is appropriate (page 3).)

If you take care of your list, your list will take care of you. And taking care of business like that is also how you avoid 5 SBLs,

Four authentication failures,
sending 3 times daily,
2 purchased lists,
and that’s why they’re having slow delivery.

Bibliography

  1. Michigan police hand out Target gift cards for Christmas instead of tickets, Bob D'Angelo (2017, December 8). Retrieved December 13, 2017 from Cox Media Group: http://www.ajc.com/news/national/michigan-police-hand-out-target-gift-cards-instead-tickets/6DgfHWMMMxevxK33MkOcWK/.
  2. Messaging. Malware and Mobile Anti-Abuse Working Group (2016, August), M3AAWG Best Current Practices For Building and Operating a Spamtrap. Retrieved December 13, 2017 from https://www.m3aawg.org/sites/default/files/m3aawg-spamtrap-operations-bcp-2016-08.pdf.