
Gmail blacklisted by Spamhaus - fseek
http://blog.sucuri.net/2010/08/gmail-blacklisted-by-spamhaus.html
======
jmathai
I work at Yahoo! and we've been blacklisted as well by Spamhaus. I wouldn't
say it's entirely inappropriate because of the sheer volume of email that can
pass through our (or in this case Gmail's) system.

Personally, I've tried to reach out to Google regarding security issues on
blogspot which were affecting our property. There was an XSS vulnerability and
we were getting thousands of posts on our blog linking to blogspot which would
in turn redirect the user to some pharma site.

It's been months and they haven't really made any progress other than put me
in contact with various people who don't respond to email.

If that's how they deal with an open XSS I can only imagine how fast they move
to deal with spam like this.

Disclaimer: This isn't a post bashing Google and praising Yahoo - just the
only experiences I've had to contribute to this post :).

~~~
tptacek
If you blacklist the mechanism by which tens of percentage points worth of
Internet users send mail, you are not part of the solution to spam.

~~~
dingdingding
I know the google fanboys will hate this, but the problem is letting _just
anyone_ or just any _machine_ create an account and use your service. It's
google's responsibility to can the spam coming from their domain. Google
doesn't care though. If they make it harder to get a gmail account, then they
make it harder to spam their "legitimate" users with advertisements and why
would they want to do that?

If you are a company that provides spamming capabilities to anyone and
everyone, then it is _exactly_ valid to add them to a spam list.

You could say, "Plenty of legitimate users use gmail." Fine, maybe so, but if
you are someone who uses gmail, you are surrounded by a cadre of spammers and
should understand your credibility is instantly devalued.

Birds of a feather flock together. The solution is to stop using gmail.com.

A VERY VERY high percentage of spam in my inbox comes from gmail accounts. If
tens of percentages points of spam is sent from a domain, then it's valid to
add them to the list of spamming domains.

~~~
bmm6o
> Fine, maybe so, but if you are someone who uses gmail, you are surrounded by
> a cadre of spammers and should understand your credibility is instantly
> devalued.

"My credibility"? When I send my mom an email, I expect her to get it. When
she sends me one, I expect to get it.

>Birds of a feather flock together.

Yes, because I am a spammer.</sarcasm>

If gmail has a lot of spammers using their service, they should address this.
But the suggestion that those caught in the crossfire should know better is
one of the more frustrating things about black-listers.

------
furyg3
Spamhaus is the most rabid group of extreme anti-spammer teenagers out there
(or at least they act like teenagers).

I've had various SMTP servers (for various companies) blocked by them, usually
for very questionable reasons. You used to have to argue with them on their
forum (and take a beating from all of the kids on that site) before they'd
remove you.

The result is that SMTP admins get it from both sides: Spammers make your life
hard, rabid blackhole lists combatting spammers make your life even harder.

~~~
auxbuss
Google are no better.

I can't send email to gmail addresses -- well sometimes I can and sometimes I
can't -- because Google (sometimes) says of my server:

    
    
      Our system has detected an unusual rate of
        550-5.7.1 unsolicited mail originating from your IP address. To protect our
        550-5.7.1 users from spam, mail sent from your IP address has been blocked.
    

This is complete bullshit. We have SPFs in DNS. We don't relay, and have had
this independently tested.

We send tiny amounts (3 or 4 a week) of mainly personal email to gmail
addresses.

Who do I contact to sort this? Who knows? Google has no point of contact.

So I'm happy for Google to have a taste of their own medicine. And my opinion
of them is a rabid group of extreme anti-spammer teenagers.

~~~
jlees
Did you contact using the delivery form at
[http://mail.google.com/support/bin/request.py?contact_type=m...](http://mail.google.com/support/bin/request.py?contact_type=msgdelivery)
and still get no response?

------
tptacek
... but wholesale DNS-based blacklisting could never blow up in our faces.
Noooooo sir.

~~~
ryanjmo
What do you mean by 'wholesale DNS-based blacklisting'?

~~~
tptacek
Paul Vixie has proposed an extension to the DNS that would have relay cache
servers (the servers you ask for generic name lookups) store blacklists of
evil domains. Anything blacklisted would, in effect, disappear from the
Internet (for normal users).

~~~
koenigdavidmj
Out of curiosity, what would a `smart person' have to do to get all the
domains back if this ever took root?

~~~
someone_here
An clean version of the DNS lookup table, of some sort.

An IP will do.

------
Kadin
Seems like it might be biting off a bit more than they can chew.

Given the choice between the service Spamhaus' list provides, and being able
to receive mail from what's undoubtedly one of the largest webmail providers
in the world ( _the_ biggest?), a lot of people are going to can Spamhaus.

I'd hope that Google will react by doing something about the spam, but they
could much more easily do nothing, put out some recommendation that people
stop using Spamhaus, and a lot of people will be forced to do just that (or
Spamhaus will blink and un-blacklist Google). They're the 800-pound gorilla in
this particular match; Spamhaus isn't a lightweight but I wouldn't put any
money on them in that fight.

~~~
thenduks
Google isn't even close to the biggest email provider (by some sources both
Yahoo and Microsoft are more than twice their size)... but your point stands
:)

------
mustpax
Oh Spamhaus, everybody who's ever had the joy of operating an SMTP agent loves
them.

~~~
jacquesm
Just a little anecdote about how good spamhaus really is. I used to co-locate
in Toronto, right next door to a bunch of heavy duty spammers. It so happened
that there was a class C split in to three subsections, two of them belonged
to the spammer and a tiny 16 host range in the middle that belonged to us.

Spamhaus figured this all out by themselves and took great care not to cause
any collateral damage while going after the spammers. Pretty impressive,
especially since that would have been very hard to figure out from the
outside.

------
metachris
The report website at Spamhaus:
<http://www.spamhaus.org/sbl/sbl.lasso?query=SBL95011>

Some more (older): <http://www.spamhaus.org/sbl/listings.lasso?isp=google.com>

------
akadruid
Does anyone know if this affects Postini?

We've switched once already this month - our new office was assigned an IP by
C&W business that is in the same block as thousands of Virgin home cable-
modems, so we got blacklisted by Spamhaus and others. Management got quite
twitchy so I moved all the outgoing email to go via our Postini account which
was previously only filtering incoming. Don't fancy having to find a third
option now.

~~~
mike-cardwell
Sounds like you got listed on the PBL. SpamHaus lets anyone delist their IP
from the PBL...

------
jrockway
Yeah, this is why I don't use Spamhaus blacklists.

~~~
mike-cardwell
Because of the existence of false positives? Please let me know of a spam
filtering system which doesn't have them. Really. I'd like to add it to my
filtering setup...

~~~
jrockway
My Bayesian filters have much less of an agenda than Spamhaus.

~~~
mike-cardwell
That doesn't really answer my question. Bayes causes false positives too...
Yet is more difficult to maintain...

------
mike-cardwell
SpamHaus has listed various gmail servers loads of times for short periods of
time.

It's a good idea to maintain a local whitelist, or use DNSWL.org or
<http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists>

------
svag
Such solutions as this is like you have a headache, and in order to cure the
pain you cut your head...

------
quellhorst
If I'm using Google Apps for my domain, does this mean I'll have worse
deliverability on my email?

~~~
fanf2
No.

------
fanf2
Spamhaus have listed the web servers for docs.google.com NOT gmail's outbound
SMTP servers. Mail from gmail is not affected.

