Periodically I would get messages from Twitter and Facebook telling me that my email address is invalid. I would just hit reconfirm and it would work fine for a while.
When a client came to me and said he was getting the same messages, it became important to dig into it. What did I find? The Spam Cop is to blame.
What is an RBL and how does it block mail?
In earlier articles, I wrote my own spam blocking program because I wanted to be in control of how spam was caught. I no longer use that method, but if you read those articles, you will know that a common way of blocking spam is by asking different services “Does the ip address associated with this email send out spam?”. If the answer is yes, you can mark the email as spam, delete it or reject it.
One of the services that can answer the “Is this a spammer’s ip address” question is SpamCop.net. They are an automated service that has a bunch of email addresses out there waiting for people to send them spam. This method of setting a trap address for people to send email to generates what is called a “Real-time Black-hole List” SpamCop is one of the most relied on black list out there. The problem is that it includes both Twitter and Facebook ip addresses on the list.
Do Facebook and Twitter send out spam?
According to SpamCop’s position, the answer is yes and they know it:
FaceBook servers are sending ordinary spam, so they should be on our list like any other spam source.
Reports are being send to spamcop[at]facebook.com. We’ve sent them over 30,000 reports.
I can’t help but think they should be aware of the problem.
– Don D’Minion – SpamCop Admin –
In short, SpamCop isn’t budging and Facebook isn’t budging so the sys admins have to.
How do I fix this?
I see two paths: one: don’t use SpamCop as a black list; two: whitelist the ips that are being blocked.
Your method of implementing those steps may be different than mine, but if you use WHM and Exim on your servers, the process is simple. Open WHM and type in “exim” in the Find box and then choose “Exim Configuration Editor”. From that screen, in the RBLs section, you COULD uncheck “RBL: bl.spamcop.net” and hit save.
I decided that keeping SpamCop was important. So I logged into my server by SSH and made a list of all of the IPs that were blocked for Twitter and for Facebook using these two commands:
[root@hosting ~]# exigrep facebook /var/log/exim_mainlog*|grep spamcop|cut -f2 -d?|cut -f1 -d'”‘|sort|uniq
[root@hosting ~]# exigrep twitter /var/log/exim_mainlog*|grep spamcop|cut -f2 -d?|cut -f1 -d'”‘|sort|uniq
Now that I had a list of all ip addresses ever blocked for Facebook and Twitter I went back to that Exim configuration screen and at the end of the RBLS section under “Whitelist: IPs that should not be checked against RBLs” I clicked edit and pasted those IP addresses in. I then restarted my Exim mail server right from the option built into WHM.
If you would like, you can use the addresses I’ve included here in this list. There may be new ips to add each month, so you might also want to generate your own list to make sure it is current.
Also, it would be nice if we could white list blocks of IP addresses. I know exim supports that but I’m not certain if WHM’s interface does. I want to try it sometime. then to whitelist all of the twitter addresses, you could just put “22.214.171.124/20” or something similar. If you try that and it works, let me know.