New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
MS does use the DBL for the From domain. They have a unique rejection message for it that openly states it, one of the few times they're not excessively vague.
Thats interesting because im not affected by it. Maybe MS does look for more things and if DBL is the only thing where everything else passes, then its good?
I dont know, I guess its thanks to you/mxroute it still works for me. I've been thinking of moving my domain but so far i've only had issues with two users, one using email from Proton Mail and the other a swedish domain provider Loopia. Rejected due to spamhause DBL, not a single issue to MS or google emails
Not meaning to be rude but I doubt Spamhaus cares what LET users think, and I suspect most LET users already have a negative opinion of Spamhaus, so all you're really doing here is telling people not to use your domains for emailing.
On the other hand, you have a nice looking website and your offers look decent, (especially for a privacy-focused host), so I'll certainly be keeping an eye out for your Offer posts here 😎
For what it's worth, incognet.io also uses MXRoute and is not listed in the Spamhaus RBL. 🤷
Gmail, unfortunately, also uses and donates to Spamhaus.
But they do not reject like MS, just put to the Spam folder.
If the user has interacted with the Sender before, it may bypass Spam.
Even if a domain or IP address has accidentally ended up in the Spamhaus database, you will still receive the email. For example, the sender may not be a spammer but has simply misconfigured their server - just in case, to avoid losing such messages (good idea).
MS is the main contributor of Spamhaus, Gmail just uses, but does not add entries to Spamhaus database.
Hi,
something in general about spamhaus is important to understand:
Spamhaus is a paid service. Their job is to protect their customers from unwanted traffic.
The key word here is "unwanted traffic". Its not about protecting from spam, hacking, physhing, scamming, whatever'ing ... its unwanted traffic.
And according to the information you gave, they consider you and your project unwanted traffic. And thats actually where the story already ends.
You could now perfectly argue about privacy, human rights, LGBTQ, Jesus or the question: Pizza or Burger?!
But at the end, it does not matter ( for spamhaus ).
They have their markers when they think that from your service or you, or your IPs or your servers or even the provider who is hosting you, maybe unwanted traffic might potentially come.... and according to your information, you fulfill enough markers to be marked ( alias listed ).
Aaaand thats it. Thats really it.
I also had my issues with spamhaus somewhere 12 years or so ago and it took me a while to learn how this all works.
So the solution would be to make sure that your project ( and what ever you host / do there ) that really NONE of this all are fulfilling any markers for some months.
Thats includes any kind of traffic, whois and some other stuff.
Which means that as soon as you proof to spamhaus that this "might / maybe / could / potentially" unwanted traffic is just not there. And THEN you would have a good chance to have your project removed there.
Everything else ( except maybe if you can make trump sanction them because of what ever ), might not work.
Thx.
We know how Spamhaus works. The issue we have is that SH has wrong DNS lists, maybe they use cached lists. We have showed them that they have outdated domains from us - not registered with us anymore or we have just kicked them.
I would fully understand if SH would work with correct and fully functionable tools but their tools are not working. Thats the issue we have, we all have.
To hell with ShitSpamhouse!
I think you misconfigured dns though, should be:
xxx.mxrouting.net. and xxx-relay.mxrouting.net. so you have 2 seperate IPs.
love the fight against spamhaus.
lol, this is useless. nothing will help when they have 2 biggests providers as clients - MS + GM.
Look at that
https://www.spamhaus.com/resource-center/cyber_folks-protect-customers-and-network-with-spamhaus/
Interesting note from the article:
By sharing basic email connection data, (without sharing any personally identifiable information) Spamhaus can identify spammers and threats
What is useless?
You can try sue Spamhaus, publicly criticise them – nothing will help.
A rare case when public exposure does nothing.
You just have to accept it and follow their rules.
What rules? Mynymbox.io was not linked to any DNS servers for customers etc. They blocked it just because they want to block it.
Also other domains from our customers. There was no reason and we have proofed that their DBL doesn't work as expected so we can expect that nothing works there as expected, not even their search tool doesn't work.
Spamhaus is one of 70 blacklists - at least on mxtool - and they are the ONLY ones with issues.
Maybe we will do some offers. We need more servers tbh but we are on it.
whois.namesilo.com:
Domain Name: mynymbox.io
Registrant Name: Anon Nym
Name Server: ns1.privacyho.st
whois.nic.io:
Registry Registrant ID: REDACTED
Registrant Name: REDACTED
there are thousands domains with hidden whois and SH has no issues with them. So which rules?
That is just filtering and manual blocking
SH practices censorship at the highest level. That's the hard truth. No rules, just block what they don't like.
If you start sending emails from such domains, especially to M$ addresses, and the emails or their headers look even a bit like spam, the domain can quickly end up in the DBL (usually, first they block IP, then domain). This is normal behaviour.
Are you sure no emails were ever sent to Microsoft from this domain mynymbox.io? You do not have customer with Outlook, Live, or whatever they have? Sometimes just one email is enough to get into the DBL.
I can't be sure if any email reached M$. But our company mail server didn't send any strange emails, that's for sure. This was also the reason why we have splitted everything from customer infrastructure.
It was all fine till they started to block some customer domains and we have opened tickets. Than the whole situation has reached its ridicolous level.
And think about the stupidy of their rule set.
They block the ip from our company mail server than unblock it, so normally the issue should be solved even if there was no issue. After the ip was clean they block the domain? If there was still an issue with our mail server they wouldn't unblock the ip, right? What kind of logic is that?
If you send to M$, they perform whois checks and do not like anything private.
A counter meausure - just block outlook/live/hotmail or custom domains with their mail
- so you do not send to this garbage
But if domain has landed in DBL, it’s better to stop sending emails from it and wait until it’s removed. Then use it with low volume, and check if they block it again.
I send 5 million emails per day, so have some experience
That is might work for now. In many countries issued law which allow just block resources which is not response to court order. Therefore, if Spamhaus refuse to court order then at least in court residence country they might be blocked.
I guess we will try in our case. We don't have big issue with Spamhaus while they SBL some IP address and it is really were used to send SPAM. We just terminate user account forever and that stop SPAM.
But last case (https://check.spamhaus.org/results/?query=SBL676180) is inadequate because we have been listed as related to IP's and/or ASN which is never was under our control. Multiply request to explain what happen and why we are listed were not answered.
In case we win, and Spamhaus, as usual, refuses to comply with a court order, their website and IP addresses will be blocked in Russia, and no one in Russia will be able to continue using their services.
Of course, this is not affecting their business, because I doubt that anyone in Russia uses their paid services, but at least we will be free from their slander.
PS. By the way, I've heard that the owners of Spamhaus are retired US CIA officers, which explains why they are so contemptuous of human rights and international law.
We don't like them neither
Ha, I put that on my list
If that server hosts customers or panels with customers data , then you lost allready.
Better give up and use mxroute or namecrane.
A new domain cant change IP reputation. Change both would give fresh air. Well, redirect somewhere else is good too.
that mail server wasn't used for customers, only for company mailboxes.
Honestly, in today’s AI-driven world, it’s almost shocking that providers are still blocking entire domains or IP ranges instead of using automated email analysis to determine if a message is legitimate, spam, or phishing.
We have AI tools capable of real-time content inspection and scoring, yet the industry still applies these outdated “block the whole subnet” tactics that punish legitimate services along with the bad actors.
Is this really about fighting spam, or just an easy way to avoid improving their detection systems?
It's called Spamhaus.
FYI this just gives away that you haven't filtered spam at any reasonable scale. The cost of running an in-house LLM capable of filtering spam by content, at any reasonable scale, largely exceeds what anyone is willing to pay to anyone that isn't Google or Microsoft, and even they don't deploy LLMs for that kind of filtering because their prices are too low for it. Sending it to remote LLMs creates security and latency concerns, as well as severely inflating overhead. No open source model is capable of performing strong content filtering in the age of AI where spammers rotate through more content strategies in less time, at higher volume, than ever before.
The only reasonable solution to reducing spam at scale right now is to block spam sources. Not to mention, there are entire ASNs that ONLY send spam and there's zero reason to spend thousands of dollars per month on LLM API usage (or powering your own GPU farm) just to hopefully filter 100% of emails from an entire ASN as spam when you can already be certain of it and simply block them.
Though, just gonna casually toss this out there, I am working on a "bring your own API key" for AI spam filtering on MXroute this year for people who are interested in making the trade offs. Entirely opt in and at their own instruction, of course. Planning GPT, Gemini, Claude, and MAYBE an in-house model for privacy as a paid addon. Proof of concept is already in prod on my personal account.
I really dislike Spamhaus, its purpose is essentially to force everyone to use email services from Msoft or Google. They make it as hard as possible (sometimes impossible) to run your own email server or use a small email provider. It's not right for one entity to have such a strangle hold on email.
Fully agreed here. That's the whole point. 1 to rule them all is crazy. Self crowned
Today we have received an very interesting answer from Spamhaus.
"The fact that your company is registered on a small island in the Caribbean, tells us more than enough. No legitimate hosting service in good standing that we know of, has to register off-shore to evade law enforcement agencies.
Request denied.
Regards,
XXX"
So it seems that they are just blocking us because we have our jurisdiction in Nevis.