Mail Protection Measures at the Department of Computer Science
Why was I referred to this website?
You are probably here because you e-mailed a user at the University of Helsinki, Department of Computer Science but our e-mail system bounced your mail with a "Mail from ... blocked by DNS blacklist ..." error message.
This happened because we believe your e-mail server, or one or more servers trusted by your e-mail server, is hazardously misconfigured or is a known source of spam e-mail. Therefore we have deliberately chosen not to exchange traffic with your mail server. Another possibility is that you have a dynamically assigned network address and tried to send e-mail directly rather than using the outgoing mail server of your Internet service provider.
What should I do?
Please forward this information to your local e-mail administrator (usually e-mail postmaster@your.domain.name) and ask him/her to handle the issue. Please include the error message that you got. Meanwhile, you can contact us by fax or by phone [Click here for contact information].
If you have a dynamically assigned network address, which is usual on DSL, modem and cable lines, please make sure you don't send your e-mail directly but through the outgoing mail server of your Internet service provider. If you don't know how to do this, please contact your Internet service provider.
If you are an e-mail administrator, please read on. As an e-mail administrator you can contact our e-mail administrator even from a blacklisted site by e-mailing postmaster@cs.helsinki.fi but only if the real user sending the mail is "postmaster" (an e-mail address that every site is required to have anyway).
What is spam and how is it distributed?
Spam (also known as UCE, or Unsolicited Commercial E-mail) is a great nuisance and a threat to communications on the Internet. Spam is often very annoying and it wastes both system and human resources.
The Department of Computer Science has contacts throughout the world and so our e-mail addresses are known world-wide; as a consequence we have received massive amounts of spam.
This has forced us to take necessary measures to both block spam and try as much as possible to prevent it from reaching us, in addition to preventing our own mail hosts from being used to pass spam on to others.
Spam is distributed in several ways. Misconfigured server hosts, such as open e-mail relays and open proxies, have a major role. Open relays and open proxies are hosts that permit unauthorized users to forward (relay) e-mail messages or network connections. Spammers search out these hosts on the Internet and use them maliciously to send out their spam. What this means is that these open relays and open proxies are carriers of a lot of spam: if e-mail arrives from them, there is a good chance that it is spam.
A lot of spam is distributed through residential DSL, modem and cable connections. They are known to contain a countless amount of misconfigured mail and proxy servers and insecure workstation computers compromised by spammers. Hosts on these networks typically have dynamically assigned network addresses. E-mail should not be sent out directly from such networks but the outgoing mail server of the Internet service provider should be used. Each Internet service provider should have documentation for their customers on how to set up the outgoing mail server address.
Blocking spam
In order to identify these spam-carrying hosts and networks, numerous publicly available registries have been created. These registries are blacklists of DNS addresses of individual hosts or entire networks that have been found vulnerable to spammers or are already being abused by them (see above: "What is spam and how it is distributed").
We use the following DNS blacklists at the moment:
- The ORDB database includes misconfigured mail servers which operate as open relays.
- The DSBL (Distributed Server Boycott List) includes misconfigured proxy servers which allow any connections without authentication, webservers using a non-secure formmail, and misconfigured mail servers which operate as open relays.
- The NJABL.ORG dnsbl (Not Just Another Bogus List) includes network addresses that are assigned dynamically, open relays, misconfigured proxy servers, and systems that directly send out spam.
If your e-mail server, or one or more servers trusted by your e-mail server, is listed in one or more of these blacklists, your e-mail messages to us are bounced back with a reference to this web page.
How to get off a blacklist?
The downside of being blacklisted is that bona fide e-mailers from blocked sites cannot reach us. The solution is: please tell your system administrators or service provider that your site is a source of spam or open to third-party (spam) relaying, and the configuration should be fixed immediately. If you are an e-mail administrator, please see the above links to find out the reason for the blocking. After fixing your configuration or stopping spamming, please see the removal instructions by following the links above. Once done, you will be delisted and e-mail connectivity will be restored.
If you have a dynamically assigned network address, which is usual on DSL, modem and cable lines, you are correctly listed in one blacklist. In this case please make sure you don't send your e-mail directly but through the outgoing mail server of your Internet service provider. If you don't know how to do this, please contact your Internet service provider.
Fixing one's configuration and getting removed from blacklists is not a single-handed action: many mail hosts have adopted DNS blacklists as a defense against spam, and because of the success of the system many more are adopting them.
Such blacklists are used by major network access and transit providers responsible for Internet connectivity, resulting in the complete network(s) that the open relay host is on being unreachable from large parts of the Internet.
There is also a legal consequence: sites that don't close their mail hosts for third-party relaying can be accused of culpable negligence and can therefore be held liable for the (financial) consequences.
In conclusion
We hope you appreciate the need for anti-spam measures. In exchange for (we hope) a brief inconvenience such as you now have, we regain a lot of lost resources and suffer a lot less inconvenience from spam.
With kind regards,
e-mail administrators
Department of Computer Science
University of Helsinki
postmaster@cs.helsinki.fi
[Please click here for more contact
information]