Gandi’s email service impacted by “UCEPROTECT” blacklisting

Mar 9, 2021  - written by  in Security

Several customers have recently informed us of problems sending emails to certain of their contacts.

Here’s what we found following an investigation into the issue by our Customer Care team.

The cause: a change in UCE’s blacklisting policy

RBL (Realtime Blackhold List) or DNSBL (Black List DNS) complie and make available lists of providers or IPs known to help, host, produce, and retransmit spam, or that offer a service that may be used to support sending spam.

The organization “UCEPROTECT Network Project,” who are among the providers that manage RBLs, updated their blacklisting policy at the end of January 2021.

This update resulted in them blocking the IP ranges of several Internet hosting providers, including Gandi. This has blocked email sent to users of this RBL.

In other words, if the receivers of your email use UCE for their RBL, it’s now impossible to send them email.

An article on wordtothewise.com highlighted these practices in 2018.

How did Gandi end up on this list?

Gandi is not naive about abusive practices online. We’ve identified abusive behavior on the part of certain Gandi IaaS users sending spam. Our response to this activity is:

  • mitigate the problem for GandiMail customers
  • work on a preventative, non-defensive solution. UCE has presumably also identified this behavior and as such, blacklisted the entire AS

The remedy: how do we get removed from the UCE blacklist?

UCE automatically unblocks IPs they’ve listed after 7 days if they haven’t detected any activity that seems malicious during that probationary period.

UCE’s unblocking policy requires a payment in order to get “Express Delisting.” And that without any guarantee to not be blacklisted again soon after.

We’ve long endeavoured to distance ourselves from these types of practices on ethical grounds, and this case, in fact, is quite reminiscent of a similar episode with SORBS in 2010.

As such, we’ve decided not to pay until such time that UCE returns to more acceptable practices.

Along with other players on the internet, we’re joining the movement to denounce these practices and strongly encourage website owners to ignore RBLs that require payment to take action.

We can only advise you to do the same with those with whom you’re corresponding who are also using this RBL provider.

For more information, please see this blog post from sucuri.net.

The fight against the scourge of SPAM is central to Gandi’s business

Several million emails are sent daily through our “pipes,” and we know how truly useful RBLs are for the email ecosystem to help everyone involved in the fight against SPAM to limit its spread and improve everyday.

As such, Gandi partners with SpamHaus, a non-profit organization founded in 1998 with the goal of tracking spammers and related activities. We’re also members of M3AAWG (Messaging, Malware, and Mobile Anti-Abuse Working Group), an international working group dedicated to the fight against abuse, including but certainly not limited to Spam, in all forms of electronic communication.

For many years now, Gandi’s Abuse department has a dedicated, public web form for reporting spam.

They’re ready to take action on any usage of our email services that may result in unsollicited email, and respond to reports sent via the online form, through FBLs (Feedback Loops, a way for reporting and responding to spam) and even via our partners, like for example Signal Spam.