Uribl_Blocked

[thehemi]

The URIBL_BLOCKED option in my SpamAssassin says: "ADMINISTRATOR NOTICE: The query to URIBL was blocked."

Is this something that TCH can resolve? Should I submit a support ticket?

 

So much spam gets through, and this rule -- if working -- would help greatly.

 

Thanks!

[TCH-Thomas]

It wouldn´t hurt to ask them, so please submit a ticket and they will help you. Link in my signature.

[thehemi]

I'm going back and forth with support, I'm not sure he understands the problem.

[TCH-Bruce]

I was getting so much spam I signed up with MXGuarddog and it is doing a wonderful job. It's free if you have a couple of websites you can post one of their links to. You don't have to change any of your emails just your MX record.

[tts]

Hi Bruce,

 

I was seeing the same messsage and just checked the forum to see what others were doing about it. I think many of us were seeing the following:

 

0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.

I investigated and it looks like URIBL.com blocks lookups if an ISP has a large enough volume.

 

It looks like TCH started suppressing that warning message on 12/29/2014. I assume that was in response to this thread. Instead of suppressing, have you guys checked into how much it would cost to subscribe to URIBL? I have spamassassin configured with bayes filtering, and it is doing a great job catching most spam. I'm seeing some false positives, typically due to other spamassassin attributes. It seems like URIBL would help push the detected percentage higher for people who haven't configured bayes filtering.

 

I'll check into MX Guarddog. Do you know how they deal with false positives? I'm hoping they can be easily retrieved, like looking in the myspam folder as I am doing with TCH.

 

Tyler

[TCH-Bruce]

You are sent a digest and can check online all messages they block. If you happen to find one that didn't come in you can release it and immediately white list it. I've had to do it with a few messages but in 3 months I think only 4 had to be white listed.

[tts]

 

Bruce,

 

Thanks for the reply. I'll give them a try. For those who are interested, here is a quick values and equation for figuring out how much MxGuardDog charges.

 

100 credits for $25

Note: Rate varies if you purchase more or less credits.
10 email addresses = 10 credits per month

 

6 email addresses x 1 credits per month per email address x 12 months = 72 credits per year * $0.25 per credit = $18 per year

 

I saw someone mention that if you post a links on your website, you can earn credits. 5 credits for the homepage, and 2 credits for sub-pages per month. For 6 credits per month I would need to post the link on the homepage and one subpage, or three subpages.

 

If they do a good job filtering and have low false positives, it is probably worth it to not have to deal with configuring SpamAssassin.

[TCH-Bruce]

I manage a couple of websites. What I did was put it in the footer of each site and I'm managing 45 email addresses and not paying a thing for the service.

[tts]

I'm testing MxGuardDog right now. Over the past day it quarantined 82 messages. There were 8 false positives from legitimate marketing companies. Ten percent is a poor false positive rate. I guess as long as you put time in to maintain the quarantine queue, the service is usable. Usable for a small group, but would probably upset individuals on a server with a large number of email users. Examples of false-positives include: Art.com, AMCtheatres.com, Quora.com, Janus.com, and Shutterfly, Joann Fabrics. These are all big name companies whose emails may be missed by some customers who subscribe to them.

[TCH-Bruce]

You could always white list them. I didn't find the false positive rate that high. Less than 2% for my domains.

[tts]

Yes, I have been whitelisting them. I'll have to say, I'm unimpressed with the high false positive rate. From what I've seen they are blocking nearly all legitimate mailing lists. They blocked email from Ebay and Expedia! I don't want to see my users miss Ebay auction information or Expedia flight emails because the spam filter ate them. I think I'll rely on spamassasin for now and look into other services that do a better job of allowing mailing lists.

[TCH-Bruce]

Guess that's why I am not having any issues with it. I'm using it on business accounts and there are no mailing list emails being delivered.

[tts]

I didn't realize the user's receive an individualized daily report of what has been blocked and can release the messages from quarantine themselves. That relieves me of the responsibility of monitoring for their blocked email. This does look like a great service for a small website. I've only had one spam message in the past month, so they seem to be doing a great job of filtering.

[TCH-Bruce]

Glad it's working out for you.

[tts]

TCH-Bruce, do you have any pull with the staff at TCH? I've found MxGuarddog to be really effective overall. They miss some spam on occasion, so I would like to report those to their spam@ account. Their website says to forward the spam as an attachment, but TCH blocks all *.eml attachments on a server-wide basis. I'm sure it wouldn't be difficult to create an exception to allow the *.eml attachments through to MXGuarddog. The staff gives the canned "We do it for security purposes, we hope you understand" response. I tried to escalate to their manager but didn't receive a response.

 

I'm not suggesting the unblock all *.eml attachments, just let them through to the single email address spam@mxguarddog.com so we can report the ones that get missed.

[TCH-Bruce]

Not sure it can be done but if you open another ticket and in the subject mark it ATTN: TCH-Dick and see what kind of response you get.

[tts]

Thanks Bruce. I created the ticket as you requested and they accommodated this request. They were able to create a server-wide exception to spam@mxguarddog.com. Now I can report the false-positives.

 

Tyler