Your email account with us may be affected by our improved anti-spam systems. If it is, you need to know what to do about it to minimize the inconvenience.
The number of spammers making use of snowshoe spamming has recently increased dramatically. The practice is called that because the load of getting out for example a million spam emails is spread out over thousands of compromised computers. It is easier to evade detection because each individual machine is sending a relatively small number of emails. They stay under the radar so that the machine owner remains unaware.
Our first line of defense is blocking IP addresses of compromised machines. If you get a message when you try to send an email which begins “Blacklist Reject”, it means the IP address your computer is using is on a list. Your machine may have been compromised or your local service provider may have recently assigned to you an address of another machine which was. What you need to do is check for a compromise or change your IP address. A phone call to your service provider may be necessary. Other than providing advice, we can’t help with this.
The second line of defense is based on tracking the bounce rate of every email account. We track bounces as a percentage of all sent emails and if it is too high, there is about a 99% probability (not an exaggeration) that there is some sort of compromise. The most reliable indicator of spamming is higher than normal bounce rates. Normal bounce rates are under 1%, if people are paying attention. The block threshold we use is 3%.
You need to receive and read your bounce messages to avoid getting innocently blocked. If your email client (Outlook, Windows Mail, Thunderbird) sets the “Return-to” address to an address you do not check or you discard emails from “Mailer-Daemon”, you won’t have a clue when there is a problem. If your account gets blocked, the bounce message will include a link to the mail server where you can remove the block.
A recent security study found that 37% of computers with Internet connections are being operated by remote users. That is, they are under the control of criminals. Often, user logins with passwords are sold by these people. With the new system, we have so far identified more than 5,000 computers which were logging in to our servers with valid passwords and sending spam.
Please understand that it is essential to protect the integrity and reputation of our mail servers, even if it means occasionally causing inconvenience. The purpose of the unblock webpage is to mitigate the inconvenience. In a sense, you should be glad if you get inconvenienced in this way. It is an early warning that you have a serious problem. A compromise could turn into problems such as identity theft and worse.
The good news is that we actively pay attention to keeping your email safe and secure.