SpamCop anti-spam service suffers an outage after its domain expired

[Karlston]

SpamCop anti-spam service suffers an outage after its domain expired

 

Cisco's SpamCop anti-spam service suffered an outage Sunday after a its domain mistakenly was allowed to expire.

 

SpamCop provides a Real-time Blackhole List (RBL) that mail servers can use to determine if incoming mail should be marked as spam.

 

Today, mail administrators, organizations, and ISPs worldwide suddenly found that their outgoing mail was being rejected as it reported as being listed in the blacklist at bl.spamcop.net.

 

It turns out that this was a false positive caused by the spamcop.net domain expiring yesterday and causing mail servers who use their RBL to reject incoming mail automatically. According to a post on Reddit, when visiting spamcop.net, the domain was shown as parked at the Sedo domain parking service.

 

BleepingComputer was told that Cisco is aware of the issue and has been working on renewing the domain throughout the day.

 

At approximately 1:00 PM EST, Cisco renewed the spamcop.net domain, but some mail administrators report that they continue to see issues with their incoming mail being blocked.

 

When mail is blocked, administrators see the following error in their mail server logs:

 

"The error on www.spamcop.net is: An error occurred while processing your request."

 

These errors are likely caused by cached DNS lookup results in local DNS servers. Once the DNS TTL expires on the domain or admins flush the cache, the RBL should function normally.

 

BleepingComputer has contacted Cisco with further questions but has not heard back as of yet.

 

Thanks to Marcel for the tip!

 

 

SpamCop anti-spam service suffers an outage after its domain expired

[aum]

An expired domain was to blame

 

(Image credit: Shutterstock)

 

A blunder involving Cisco’s SpamCop anti-spam service resulted in thousands of emails being blocked after being mistakenly labeled as spam. The issue occurred after SpamCop allowed its domain to expire, resulting in mail servers that employed the service to automatically reject any outgoing messages.

 

As a result of the domain expiration, thousands of organizations and mail administrators all over the world found that their outgoing emails were listed as spam, blacklisted at bl.spamcop.net. Administrators were also confronted with the following, rather unhelpful, message when they reviewed their mail server logs: "The error on www.spamcop.net is: An error occurred while processing your request."

 

Once SpamCop’s domain expired, visiting spamcop.net resulted in a redirect to a domain parking service’s IP address. This meant that every time SpamCop checked for a valid DNS entry to see if an IP address has been associated with spam in the past, it returned a positive result – blocking the message.

 

Remember to renew

 

Cisco did act quickly to resolve the issue by renewing the expired domain. This should have fixed the problem for email administrators but some were still reporting issues. It seems that how quickly email services return to normal can vary significantly.

 

If organizations continue to receive error messages, it is possible that the problems are caused by cached DNS lookup results stored on local DNS servers. They could try deleting the cache, which should return functionality to the SpamCop service.

 

Allowing a domain to expire is an embarrassing reason for disruption to occur – and easily avoided. Businesses could set up a master spreadsheet of all their domain names and renewal dates or, where possible, pay for critical domains to renew automatically.

 

Source

[Karlston]

Similar topic merged.