IP Address Blacklisting Still an Issue
November 21, 2009
As we reported earlier, a number of spam-fighting organizations decided to block part or all of Amazon's EC2 service. This caused significant disruption to the mailing lists that we operate on Packetizer's mailing list server, including which provides list services for those working on ITU-T related work.
This past month, Spamhaus decided to block all of Amazon, in spite of the fact that we had previously submitted our IP address for removal at Spamhaus. That resulted in about 30 people getting kicked off of various mailing lists. So, if anybody reading this is wondering why you have not received email in a while related to H.323, H.325 or other protocols, Spamhaus might be the reason.
Fortunately, Spamhaus and Amazon quickly reached an agreement on how better coordinate in order to ensure that all of Amazon's EC2 IP addresses are not blocked again. To that end, Amazon now requests all mail servers to be registered with Amazon, which of course we did immediately. Amazon reviewed our request and granted authorization to use the server in order to transmit email.
On or about the same time, unfortunately, Amazon was also listed in MAPS and SORBS, two other spam-fighting organizations. We visited the MAPS web site, provided our IP address, and were almost immediately removed from their list.
SORBS, on the other hand, has been a real problem. The organization absolutely refuses to unblock Amazon EC2 or our individual address. We contacted SORBS and, while they were responsive, their reply was less than satisfactory. One of the more polite statements was:
You are not required to make a donation for delisting as the entry was not generated because of your actions, however the listing will not be removed until your service provider terminates the spammers or makes the required donation.
That is perhaps the closest thing we have ever seen to extortion. Sadly, while we continued to have a friendly dialog, after 20 days our mail server is still blocked by SORBS. It would appear they have absolutely no intention of removing Amazon EC2 and we do not believe that Amazon has any intent to work with them either. We can only suggest that if your company is using SORBS, you consider using an alternative blacklisting service.