GoDaddy is blocking your emails – not because they’re spam, but because they don’t know how to configure a webmail server properly! OK, now I know that typically us TechTalk guys should feel fortunate to be considered worthy to repeat the news, never mind report on it, but in this case I think there’s something important enough that it needed to be written up and shared. Call it news if you’re generous, or call it a rant if you want; it probably lands somewhere between the two.
Have you ever wondered if you’re missing emails from important people? Do you use GoDaddy as your hosting provider or webmail service? Does anyone you know use GoDaddy and complain that they missed emails from you? If the answer to those questions is yes, you may have experienced a mail server configuration issue that GoDaddy is not only aware of but is so far unwilling to correct.
The skinny is that GoDaddy is applying the well-known and highly regarded SpamHaus SBL/XBL/PBL databases in an inappropriate manner. This leads to false positives on the spam block, which means your emails to and from GoDaddy clients can and will be blocked under certain fairly common circumstances. GoDaddy has been alerted to this problem, admits that it is incorrectly configured, and sources in management have said they are not going to do anything about it.
What GoDaddy is doing specifically is using all 3 databases, including the PBL (more about this in a bit), with deep parsing of not just the mail headers, but also the body of the email itself. Parsing links within the email body and blocking based upon a match in any of the database listings is questionable at best, but matching against the PBL in particular is a pretty major and obvious mistake. More frustrating, however, is the fact that in most cases, choosing not to use it, or to use it appropriately, is pretty darn easy.
Sound crazy? Yeah, I thought so too. I’m including all documentation on my back-and-forth with GoDaddy support, as well as my final (and so far unanswered) request to them to confirm or deny anything I’ve stated above. You can read it yourself and make your own assessment.
Casual readers, or anyone who isn’t involved elbow deep in mail settings, spam filtering and SMTP may be a little lost at this point. For the most accurate info, go direct to SpamHaus’ FAQ page. Simply put though, SpamHaus provides 3 different listings of IPs – the SBL (SpamHaus Block List), the XBL (eXploits Block List), and the PBL (Policy Block List). You can, and many organizations do, configure your email server to read the headers of the emails coming in, compare them to the IPs listed in these databases, and block or allow accordingly.
The SBL is, in SpamHaus’ words:
… a realtime database of IP addresses of verified spam sources and spam operations (including spammers, spam gangs and spam support services).
The XBL is:
… a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
So both of these can and should be used for blacklisting and blocking emails and email servers. The PBL, on the other hand is a list of:
… both dynamic and static IPs, any IP which by policy (whether the block owner’s or -interim in its absence- Spamhaus’ policy) should not be sending email directly to the MX servers of third parties.
In essence, that means any block of IPs that an ISP or other provider has generated that is refreshed on any timely basis (thus qualifying as ‘dynamic’), or that has been identified as one that mail servers are not allowed to operate from. Do you have an IP that is dynamic or is included in the PBL? If you get your internet access via Comcast, AT&T, Verizon, or any of a hundred other ways where you haven’t signed up for a ‘business’ account and gotten not only a static IP but also approval from the ISP to set up an email server there, then the answer is ‘yes, indeed you do’. You can check this out by going to http://www.spamhaus.org/lookup.lasso and entering your IP address or domain name, even if you’re using a service like dyndns.org. If you don’t know your IP, go to http://www.whatismyip.com and they will tell you.
So if you host your own web site, have an ftp server or blog, and/or you use a dynamic dns resolution service (the superlative dyndns.org for example), the IP of your server is in there. For that matter, the IP of your home machine is in there too. Want to send an email to a friend inviting them to check out your configuration, look at your latest blog post, link them to your iTunes network config, connect a WAN or LAN game, use VNC or P2P with your computer? Better hope they’re not using GoDaddy to host their server or get email, because your email request will be blocked – not for sending an email from an IP that’s listed, but merely for referencing an IP that’s in the list even if you sent from legitimate and approved servers!
What does SpamHaus say about this type of usage of their service? They’re pretty clear in their FAQ (note that emphasis is SpamHaus’, not mine):
The first thing to know is: THE PBL IS NOT A BLACKLIST … A listing in the PBL does not mean there is anything ‘wrong’ with the IP address or end user. A PBL listing does not mean an address is an open proxy or run by a spammer. All it means is that the IP address has been designated as ‘not allowed to make direct-to-MX SMTP connections’. The majority of legitimate connections to webservers come from IPs listed in PBL. Please do not block innocent users.
They go on to give specific and somewhat strident instruction about deep parsing:
WARNING! Some post-delivery filters use “full Received line traversal” or “deep parsing”, where the filter reads all the IPs in the Received lines. Legitimate users, correctly sending good mail out through their ISP’s smarthost, will have PBL-listed IPs show up in the first (lowest) Received header where their ISP picks it up. Such mail should not be blocked! So, you should tell your filters to stop comparing IPs against PBL at the IP which hands off to your mail server! That last hand-off IP is the one which PBL is designed to check. If you cannot configure your filters that way, then do not use PBL to filter your mail.
I can’t say it any more clearly than SpamHaus already has – GoDaddy, stop using the PBL database compared against email body content as a blacklist.
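To make the difference concrete, here is an added example (not from the original post, GoDaddy or Spamhaus) that runs the same message through a hand-off-only check and through the deep-parsing check described above. The return-code mapping follows Spamhaus's published ZEN codes; the IPs, the sample message and the stub resolver that stands in for a real DNS lookup are all constructed for illustration.

```python
import email
import re

# Spamhaus ZEN return codes mapped to the component list they indicate.
ZEN_CODES = {"127.0.0.2": "SBL", "127.0.0.3": "SBL",
             "127.0.0.4": "XBL", "127.0.0.5": "XBL",
             "127.0.0.6": "XBL", "127.0.0.7": "XBL",
             "127.0.0.10": "PBL", "127.0.0.11": "PBL"}
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def zen_name(ip):
    """DNSBL query name: IPv4 octets reversed, then the zone."""
    return ".".join(reversed(ip.split("."))) + ".zen.spamhaus.org"

def lists_for(ip, resolve):
    """Names of the lists `ip` appears on, per the resolver's answers."""
    return {ZEN_CODES[a] for a in resolve(zen_name(ip)) if a in ZEN_CODES}

def verdict(raw, connecting_ip, resolve, deep=False):
    """deep=False checks only the hand-off IP. deep=True is the
    misconfiguration: every IP in Received lines and the body is checked."""
    hits = lists_for(connecting_ip, resolve)
    if hits:
        return "reject", connecting_ip, sorted(hits)
    if deep:
        msg = email.message_from_string(raw)
        text = " ".join(msg.get_all("Received", [])) + " " + msg.get_payload()
        for ip in IP_RE.findall(text):
            hits = lists_for(ip, resolve)
            if hits:
                return "reject", ip, sorted(hits)
    return "accept", connecting_ip, []

# Constructed data: documentation-range IPs and a stub resolver, no real DNS.
HOME_IP, SMARTHOST = "203.0.113.25", "198.51.100.10"
LISTED = {zen_name(HOME_IP): ["127.0.0.10"]}   # home IP is PBL-listed only

def stub(name):
    return LISTED.get(name, [])

SAMPLE = (
    f"Received: from laptop ([{HOME_IP}]) by smtp.isp.example; "
    "Mon, 1 Jan 2024 10:00:00 +0000\n"
    "From: me@example.org\nTo: friend@example.net\nSubject: my blog\n\n"
    f"New post is up at http://{HOME_IP}/blog\n")

if __name__ == "__main__":
    print(verdict(SAMPLE, SMARTHOST, stub))             # relayed via ISP
    print(verdict(SAMPLE, SMARTHOST, stub, deep=True))  # same mail, deep parse
    print(verdict(SAMPLE, HOME_IP, stub))               # direct-to-MX attempt
```

The first and third calls show the PBL doing its job: mail relayed through the ISP's smarthost is accepted, and a direct-to-MX connection from the listed address is refused. The second call rejects the same legitimate relayed message only because a PBL-listed address appears in its first Received line and its body.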
In addition to the emails and responses below, I have sent GoDaddy a request that they respond to these problems in a public forum – preferably on-air, but really however they wish to. That invitation stands, and if I’m incorrect in anything I’ve said here or if GoDaddy has a response I’ll gladly post it or air it. I wouldn’t suggest you wait underwater, but stranger things have happened – heck, Yahoo!’s back up to nearly $17 today, so a positive response from GoDaddy management doesn’t seem quite so unachievable already!
I would honestly love to hear from GoDaddy directly on this matter – there’s an open invitation to anyone in management to come on the show to discuss the matter. They can try me at firstname.lastname@example.org but they better make sure not to put any IP or URL references to dynamic hosts in the body.
Message chain 2, from July 10. For consistency’s sake I’m keeping these in response-first order, though I’m going to take my emails from the Gmail sent folder so that the formatting is kept:
Message chain 3 – later in the day July 10 and July 11. I’m getting a little frustrated by this point, but I keep trying to show them that I’m not being your typical whiny end user who doesn’t know what’s up, but that they have a serious and fixable problem on their email spam block configuration. Again, I’m starting with their response – the last I have heard from them.