Skip to content
 

Frontbridge’s 88.blacklist.zap

One of my clients complained to me that some of their email wasn’t being delivered. I investigated and discovered that email to them through my server was being bounced. The error message in the maillog was:

Feb 25 10:44:59 server1 postfix/smtp[607]: 852EA400001: to=, relay=mail.global.bigfish.com[216.32.180.22], delay=2, status=bounced (host mail.global.bigfish.com[216.32.180.22] said: 550 Service unavailable; Client host [64.34.170.90] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com (in reply to RCPT TO command))

Visiting Frontbridge.com takes you to a page at Microsoft.com. Frontbridge is apparently Microsoft’s hosted Exchange servers. So I emailed that message to the address given in the bounce message, and got an auto-acknowledgment that they would look into removing my server from the block. This morning I got an email that my IP has been safelisted. But:

As long as this IP address does not continue to send a majority of spam, messages will continue to be allowed to route through our network. If this IP address gets relisted after a period of time, further assessment of this IP would be required and the removal process would be more difficult.

So I emailed and asked what spam they think my server had been sending. The response:

The 88.blacklist.zap is an internal list generated with logs from our spam filtering engines. IP addresses may end up on this list if a certain percentage of the mail received by our network from that IP address is marked as spam by our filters for a given period of time. For example 90 percent of the mail is spam for 15 days. The thresholds are variable and may change as needed to ensure the safety of our network.

When the IP address is listed in the blacklist, all emails coming into our network from that IP address are blocked without going further into our filters.

We do not keep a copy of spam messages in our server. After the IP address has been safelisted, we cannot provide you traces or logs of spams prior to being delisted.

So if I have no idea what messages are triggering their alarms, I can’t fight the problem. I can’t even protest, since I don’t think I’m sending spam. Which probably means I’ll be losing a client if I get blacklisted again by Frontbridge.

Through watching the logs, I think I’ve figured it out. I use Mailman to manage mailing lists. For that client, the list is set to reject any message sent to the list from a non-subscriber. That message though is forwarded to the list-owner. So the 100 spam messages that are sent to that list everyday were being forwarded to my client. Frontbridge saw those messages and concluded they were spam. I’ve turned that option off, so now my client won’t get those refused messages. Hopefully no one on the list will accidentally use the wrong address to post, because no one will get a warning they tried to do that.

68 Comments

  1. Cynthia Kondratieff says:

    One more thing… In spite of fixing the problem, it’s been 3 days, and we are not de-listed. They are thanking me for my patience in their escalation process [big whoop] – but they DID give me a phone number that I thought might be useful to others:

    “If you have any questions or concerns, you may reach us 24×7 at 1-866-291-SPAM (7726).”

  2. Jim Scott says:

    This is a most interesting blog.
    I was requested by an employee to investigate why an email bounced. The IP address that was referenced in the email was a SMTP server of our ISP that was used primarily for dial up access. An incident was logged with Frontbridge who suggested the XBL at SPAMHAUS be checked and that search proved negative.
    I am wondering why our email goes anywhere near Frontbridge and suggest that I too have and SBS 2003 environment that uses intelligent message filtering with regular MS updates. Could this be where the link with FB arises? Either way what authority have they to intercept and remove legitimate internet traffic. To whom are they accountable? This is wide open for abuse and possibly huge conflicts of interest. Is it time to be scared?

  3. Tom says:

    1) If you want to get off the blacklist just contact the email address and you will be removed. You should also check your mail logs to see the mail you have sent to them in the last month (Check for back scatter, and email from domains that you don’t own being sent etc)
    2) Terry had nothing to do with creating the blacklist.
    3) Don’t take the attitude that any blacklist operator wants to block legit email, they want false listings removed as well, but they have to balance that with not letting compromised email servers send them mail.

  4. So even though comment #52 from “Tom” is not from a real person and it should have been deleted (no full name, fake email address, IP address is a cable modem in the Washington state region) it raises some good points.

    How does “Tom” know Terry had nothing to do with the silly 88.Blacklist? This feeds right into the transparency issue that many of us are complaining about in the 88 blacklist system.

  5. r smith says:

    I got a response from TRUSTe and they claim that this Microsoft service is somehow not covered by the Microsoft privacy policy. They won’t explain why people are directed to the Truste-endorsed Privacy Policy when they type in http://www.frontbridge.com.

    I have been in contact with the FTC as well. However, many FTC employees go on to work for TRUSTe and they are all a group of friends. So if they want post-FTC employment they can’t rock the boat with something like TRUSTe unless the issue goes public in a big way.

    This is very serious privacy breech. Who knows what other information Microsoft is compiling (and reporting to third parties). Certainly litigation is being considered.

  6. Eigil Bjørgum says:

    Never ending story, my case below:

    Mr. Kirk Goodman

    This answer to my request for delisting is worse than nothing. It tells me absolutely nothing about the status of the request.

    The link provided below is to no help either, as it reqires a login password, which I do not have. An I am of course not interested to subscribe to this service just to get a password.

    I have a properly configured low volume mail server with static IP which do not operate as an open relay. In my local network I have a few computers. None of them are Windows computers and part of a zoombie botnet.

    Sending a new message to the same recipient reveals that my mail server is still blacklisted. Se below.

    I am sending a copy of this message to the same recipient via another mail server to inform about the current status and tell them that they are at risk losing customers by usig this service if my mail server doesn’t get unlisted fairly soon.

    Thank you,


    Eigil Bjørgum

    —– The following addresses had permanent fatal errors —–

    (reason: 550 Service unavailable; Client host [195.1.30.41] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com)

    —– Transcript of session follows —–
    … while talking to mail.global.frontbridge.com.:
    >>> >>> DATA
    <<< 550 Service unavailable; Client host [195.1.30.41] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com
    550 5.1.1 … User unknown
    <<
    > Below is an update for your support incident. You may reply to this e-mail or visit our Support Web Site if you wish to respond or check for further status.
    >
    > Click here to visit our Support Web Site.
    >
    >
    > * Subject*
    > 195.1.30.41
    >
    > * *
    > * Response (Kirk Goodman)* 10/15/2008 10:11 AM PDT
    > Hello,
    >
    > Thank you for your delisting request (081015-000074). Your information has been forwarded to our Abuse Team who will investigate and remove your IP address from our block list. If for any reason we are not able to remove your IP address from our block list, one of our agents will respond to you. If you do not hear anything from us within 24 hours, you should be able to send email through our network.
    >
    > Thank you,
    >
    > Kirk Goodman
    > Technical Support
    >

  7. Anonymous says:

    This message is directed to any employee at microsoft.

    FrontBridge, another great tunnel-vision expierence brought to you by the only people in the industry who want complete domination over the internet. Get your head out of the ‘clouds’ and down to reality. Now go create some technology that will actually work.

    Cheers Folks

  8. Just another data point – at my previous employer’s we were bitten by frontbridge’s blacklisting a while back. The only possible justification we could find was a phishkit that lived for an estimated 22 hours on a hosted web server.

    The gory details and a reasonably complete but largely unedited writeup at http://www.bsdly.net/~peter/bizarre-incident/ – I considered turning it into an article or blog post but gave up in disgust. If you find it useful, feel free to quote it

  9. r smith says:

    I am still working on this TRUSTe complaints against Microsoft involving these issues. Microsoft/FrontBridge will not respond at all. At this point TRUSTe will not give a reasoable response to the complaint.

    I have escalated the matter at the Federal Trade Commission. I have complained about FTC employees leaving the government and taking jobs with TRUSTe and not properly processing the complaints. If i cannot get a reasoable answer about this issue I am escalation to the Fraud, Waste, and Abuse Congressional complaint office.

    Anyone can typoe in http://www.frontbridge.com, scroll down , and see the TRUSTe endorsed privacy policy that Microsoft has. Truste says that somehow this policy to frontbridge.com. Anyone, including the FTC attorneys, can type it and see for themselves.

  10. I find the apparently conflicting statements by frontbridge.com employees to be somewhere in the confusing via irriatating to self-incriminating on their part.

    It would be appropriate to remind all blacklisters that as accusers the burden of proof is firmly on them. If Frontbridge in does not archive samples of messages that trigger blacklisting, they are anything but professional. However, there are indications that they can indeed produce samples when pressed, so the supposed lack of archiving may just be a convenient smokescreen.

    In any case a large part of the problem here is that they trust their automated system too much for their own good. My guess is that whoever wrote the original system years back laughed all the way to the bank when Microsoft bought the company and likely moved on or retired soon after, leaving the machinery in the care of significantly less competent personell.

    I don’t have any spare capacity to get much involved, but I wish you the best of luck in the quest to make these incompetents lose money.

  11. Henry says:

    We are a timeshare company who has close ties to Starwood and their Westin chain of hotels. What confuses me is how can an automated system blacklist us for being in constant communication with our business partners??? Now we have to resort to Yahoo and Hotmail to stay in contact?

    From what I have read here, it seems that either Frontbridge has to rewrite their algoritms, or everyone should stop using thier service.

  12. matilda says:

    hi,
    i read all your comments here…and sorry ,my english is maybe not perfect(like the same,like from this frontbridge-people)…know anybody ,of you where is this company from??…because ..the name and the number is something ,what is for me and many other people here in germany -realy familiar!first:frontbridge!-is one of the extrem-right-wing organisations..and the numbers have their own ,meanings!!for example 88-is meaning:HH=heil hitler!..this are in germany the secret-numbers in many titels ,which this people or organisations ,using(in the internet,in mails,or in magazins,books or in any organisations!!).
    second:you,we all sit in the same boat!!:)
    ..you or we ,share maybe the same ideas,we like maybe the same people(actors,political parties,freedom or left-wing stuff!!)..if you toooo,left -wing -thinking…and you toooo….much friends ,with the same thinking!!!..than you are automaticly ,on their list!!..it happend the same in germany,is always the same system!!-NO ,any differences!!…if somebody ,from you ..think no,never!!ohh,this is not possible!!…i tell you,live all your life in germany and all the time extrem-right-wing peoples surround you!!..you ,believe not in any fairy tales,anymore!..everybody ,have to be careful with everything ,what and who do you write!!
    ..wish you luck ,guys!!
    m.

  13. G says:

    https://messaging.custhelp.com/cgi-bin/messaging.cfg/php/enduser/std_alp.php

    Replying to the email finally works..also you can check out the above link as it is a direct resolution center for frontbridge

  14. kevin says:

    I am the owner of a small media company that rents a fully-dedicated server from a web hosting company. We have seven sites on the server, only one uses our hosted e-mail system (SmarterMail). The clients have lists that only include their customers. They send a few communications per week via these lists. None of the communications come close to spam. They are text-only e-mails telling hundreds of people important information, like appointment times and instructions for preparing for upcoming meetings. Pretty dry, informational e-mails. They are usually just several sentences.

    As I’m sure you can guess, our server was also blocked via 88.blacklist.zap. I am in the middle of protesting with the company. It was nice to stumble upon this blog. Please contact me if anyone ever is inclined to sue these guys. Count us in.

  15. We are using an ISP public IP to relay mails. WE are a small company can not afford to host all the users in IDC. Out IP is also listed in this 87.blacklist.zap, because of which we are unable to send the mails to anyone. Can I request you to please remove our IP once for all. The reason why my IP always goes to SPAM is reverse look up. WE are sending mails from one IP and our email resolves to other IP which is our email service provider IP. Please help us come out of it and be productive.

  16. DWalk says:

    Same here. We are a small auto dealership that hosts our own webserver. We use SonicWall’s email appliance to detect both incoming and outgoing spam. Yet, somehow, we are blacklisted on Microsoft’s 88.blacklist. What a bunch of B.S.

    I have explained to some of our customers and vendors the problems we are having and that they should stop hosting their email using FrontBridge services.

  17. Jean-claude says:

    Same problem, since this morning our web server is in this f***ing list, we don’t send spam, have only 20 website on the server and no mailing list or anything else…
    That’s incredible, frontbridge sounds like e-terrorist.

  18. mike says:

    One thing is, everything is touched by microsoft like a gravy sauce that taste sour pewky. mean they do things without logic. We dont have anything that could be spam. we just recently send a request to Staple.ca store and we received back message was resend saying not delivered.

    since then every business they are with this global.frontbridge.com … we tell them to close our account with them and we do business with less nutshell. many of us (businesses) we have discussed about this illogic and we decided to do our own server mail without restriction… we count more then 2400 business we send what we want without headach.