Hostasaurus Web Hosting with Dino Power
   Find a Domain Name | Support | FAQs About Us | Terms of Service | Privacy Policy   
Hostasaurus, Inc
 Shared Hosting 
 Dedicated Hosting 
  MIVA Merchant
  SSL Certificates
  PayQuake Payments
  Payflow Gateway
  ScanAlert HACKER SAFE
 Domain Names 
 Email Hosting 
 DNS Services 
 Co-Location 
 Spam Policies 
 Contact Us 
sales@hostasaurus.com
Phone: 877-DINO-POWER
(877-346-6769 US&CAN /
813-217-4570 INTL)
Fax: 813-217-4574

Miva Merchant 5 Miva Partner Logo Verisign Payflow Partner Logo
PayQuake Authorize.Net Merchant Account Geotrust Partner Logo
OUI Premier Partner Logo
Thawte Partner Logo

What Is "Spamcop" Really Policing?
Last updated: February 07, 2006

Among other things, the Spamcop web page notes "The SpamCop Blocking List (SCBL) lists IP addresses which have transmitted reported email to SpamCop users." and "The SCBL aims to stop most spam while not blocking wanted email." Unfortunately there is quite a bit of evidence contrary to those statements. Spamcop is owned by a commercial anti-spam software/hardware vendor named IronPort who has a financial interest in selling their own anti-spam hardware appliances and by having Spamcop take actions that make other email and anti-spam solutions not work well, they effectively drive business to themselves. As far as their stated "aim" of stopping spam while not blocking wanted email, we will explain below how they fall quite short of that goal as well.

  • First and foremost, Spamcop's very name implies that they just focus on blocking spam; this is far from true. They also will block servers that are configured in ways that are contrary to the methods they consider correct which includes configurations such as ours that do not tolerate the sending of junk email, do not allow non-customers to send email through and that are 100% standards compliant. Their configuration recommendations go so far as to encourage the violation of established email standards. For an example, do you ever go on vacation and want to use a vacation message to let people know you are gone? Spamcop says that is not acceptable and that the message is spam; their web page at http://www.spamcop.net/fom-serve/cache/329.html advises that what you should do is email everyone you know when you're leaving and then have someone else check your email for you while you're gone in case something important comes in.

  • Spamcop blacklists servers that send bounce messages back to the sender, they call this a "misdirected bounce" because there is a small potential that the person receiving the bounce message didn't send the original message. This causes mail server software from numerous vendors to become blacklisted by Spamcop because of how they handle bounces. In the case of Hostasaurus, we use mail software named qmail which works as follows:
    1. A mail server connects to deliver a message and asks if the address it wants to email actually exists.
    2. We don't want to give that information out so as long as the domain of the address exists, our mail server tells the remote host to just try sending the message and it will try to deliver it.
    3. The message is then transmitted and our mail server attempts to deliver it to the domain in question that we host.
    4. If the address mailed does not exist, the message is bounced back to the sender.
    The very design of this system is in accordance with email standards and is designed intentionally to not give junk emailers a way of determining what addresses are valid on your domain without sending messages from their own valid address which would reveal their identity and make it easy to block them. Spamcop will blacklist servers that behave this way. Their alternative 'requirement' is that your server refuse the message above at step number 2 if the address the server is trying to deliver to doesn't exist. Their logic behind this is that if the message can't be sent, it can't be bounced to the wrong person. In reality, what their requirement results in is giving junk emailers a gift of being able to immediately determine what addresses on your domain are valid; this will allow them to concentrate their time on sending junk email to verified addresses and also gives them the opportunity to sell lists of verified valid addresses to other junk emailers.

  • Spamcop will block servers that send undeliverable notification messages after the fact. What this means is if your email address is perfectly valid, and we accept the message for deliver and then some error occurs after the message has been accepted for delivery, we will bounce it which is not acceptable to Spamcop. An excellent example of this is if you forward your email elsewhere and your destination server is down at the time, the bounce message will result in our server being blocked by Spamcop for reasons not even in our control.

  • Spamcop recommends only sending bounce messages in cases where a rarely used and non-standard protocol named SPF shows that it's okay to send the bounce. In all other cases, they feel you should just discard the bounce message effectively allowing legitimate email to disappear without the sender knowing such an event occurred.

    • How You Can Help

    Please educate anyone you can on the side-effects of using SpamCop for blocking email; we've found that the vast majority of them have no idea that SpamCop blocks far more than just simple junk mailers.


    Copyright 2000-2008 Hostasaurus, Inc.
    Your IP is: 38.103.63.61