Bill Carton - (The Roadie)
2004-11-15 22:08:48 UTC
Don't know when. Don't know how. But some of my outbound spam reports have
been silently filtered by smtp.west.cox.net for at least a few days.
Troubleshot it for a while, and the URL http://www.ezleadcapture.com is one
example. Include this in the BODY of an email, and it won't be sent. It
will look like it's been sent, but the recipients will never see it.
Misspell the domain name in any sklight way, and it goes through.
Note this is not INBOUND spam filtering - Cox added an OUTBOUND body
filter.
First and second level tech support claim it can't be happening, but
confirmed that it was when they tried to duplicate the symptoms. Note to
Cox: thank you for not outsourcing support to India and wasting more of my
time.
Cox abuse/security guy had no idea on the phone that they have outbound
body filters, either. Discussed it a long time, but he concluded it was to
protect Cox from being blacklisted in case of zombied customers sending
spam. Yeah, OK. But how can one send any email discussing spam issues if
they can silently discard any outbound email containing one of a secret
list of bad URLs?
This also explains why a few of my SPAM-L messages went missing when sent
via Cox.
If you're a Cox customer, could you try that URL, and send it to a non-Cox
account to make sure it's truly an OUTBOUND filter?
If you're a Cox employee, can you shed any light on when this secret filter
went into place and why? Port 25 blocking is all well and good, as are
virus filters, but body content filtering on URLs is just one step away
from a dirty word filter, isn't it?
been silently filtered by smtp.west.cox.net for at least a few days.
Troubleshot it for a while, and the URL http://www.ezleadcapture.com is one
example. Include this in the BODY of an email, and it won't be sent. It
will look like it's been sent, but the recipients will never see it.
Misspell the domain name in any sklight way, and it goes through.
Note this is not INBOUND spam filtering - Cox added an OUTBOUND body
filter.
First and second level tech support claim it can't be happening, but
confirmed that it was when they tried to duplicate the symptoms. Note to
Cox: thank you for not outsourcing support to India and wasting more of my
time.
Cox abuse/security guy had no idea on the phone that they have outbound
body filters, either. Discussed it a long time, but he concluded it was to
protect Cox from being blacklisted in case of zombied customers sending
spam. Yeah, OK. But how can one send any email discussing spam issues if
they can silently discard any outbound email containing one of a secret
list of bad URLs?
This also explains why a few of my SPAM-L messages went missing when sent
via Cox.
If you're a Cox customer, could you try that URL, and send it to a non-Cox
account to make sure it's truly an OUTBOUND filter?
If you're a Cox employee, can you shed any light on when this secret filter
went into place and why? Port 25 blocking is all well and good, as are
virus filters, but body content filtering on URLs is just one step away
from a dirty word filter, isn't it?
--
Bill "the Roadie" Carton
Bill "the Roadie" Carton