Wednesday, August 5, 2009

Things I learned by calling

I use to host my web sites. They also receive e-mail for everyone at the domains I manage, all of which is forwarded out to the appropriate actual destination. Eventually.

Back in April, decided to add greylisting to all forwarded e-mail. Greylisting delays all incoming e-mail when it comes from an unknown source by pretending that the receiving computer is temporarily unavailable. If the sending computer tries again in a few minutes or a few hours or a few days, then the e-mail is accepted.

If you use for forwarding e-mail, you might think that you have greylisting turned off. After all,’s website says that you can control whether or not junk mail filtering is applied to your account, and that you can control whether greylisting is part of that junk mail filtering. Sadly, this is not true. Even if you have greylisting turned off for your account and you have all junk mail filtering turned off for your account and you have all junk mail filtering turned off for the specific forwarded e-mail address, will still greylist your forwarded e-mail.

Password resets from Delayed 30 minutes. E-mail from an anxious editor traveling in Africa? Delayed a couple of days. That was last week; who knows what this week holds in store.

First impressions matter, and first impressions are precisely what greylisting damages. Who might try to reach you by e-mail from an IP address that hasn’t sent you mail before? Your new manager at work? An unhappy customer fuming about how slow companies are to respond to problems?

What important e-mail would you be unhappy about receiving late? A professor telling you that class is cancelled because she’s in the emergency room? A stranger telling you that a loved one has died? A friend of a friend contacting you about a job opportunity? An adoption agency trying to reach you about a possible match?

My opinion: (1)’s customers should have a choice about how their e-mail is handled, (2)’s account management tools should not tell you that greylisting is turned off if it’s actually turned on, (3)’s support pages should not tell you that you have control over whether greylisting is applied when you don’t, and (4) if decides to unilaterally apply greylisting to all forwarded e-mail, this should be communicated to customers who might give a damn about how their e-mail is handled.

For anyone who does use to forward e-mail, here’s the notification they buried in their system notices page stating that filtering technology will be permanently deployed and turned on for all forwards. It may not be perfectly clear, and it may not have been sent out to affected customers, and their web site may be contradicting the notice in numerous ways, but rest assured that cares about your e-mail.

[Apr 3, 2009, 6:13 PM] E-Mail Filtering Upgrade

Beginning Monday, and extending throughout the week, we will be deploying e-mail and virus filtering technology for all e-mail forwarded through our e-mail system as well as for all e-mail sent to an e-mail address.

We are taking these steps to reduce the amount of junk e-mail that passes through our e-mail servers. When forwarded e-mail is left unfiltered, the receiving e-mail server can decide to block our e-mail server, assuming it to be the sender of the e-mail, even though that is not the case.

While there is a low likelihood that these technologies will falsely reject a legitimate e-mail, it may happen from time to time. Contact us if you experience any issues forwarding or receiving e-mail.

The technologies being deployed are:

The Invaluement DNSBL lists will additionally be used alongside Spamhaus for any customer who has enabled DNSBL Rejection in the Advanced Junk E-Mail Filtering section of the ACC. is also aware that some outgoing e-mails from their webmail system never actually get sent, even though they are marked as sent. But it doesn’t happen a lot, so it’s not worth fixing.


David said...

That is completely insane! Can't you find another host that won't do this to you?

Michael said...

I hope so. E-mail's unreliable enough without hosts maliciously screwing with it.