Virgin Media's what? Anyone still use this?
UK's Virgin Media subscribers suffer fresh email blocking misery
Just when long-suffering Virgin Media customers thought their spam woes had been fixed, it seems the firm's inbound mail server is now blocking the delivery of mail. The grey-listing anti-spam measure has been affecting users for several weeks, with many complaining of delays in receiving emails. One customer wrote to The …
COMMENTS
-
-
Tuesday 7th March 2017 09:34 GMT GruntyMcPugh
I've been a customer of theirs since the late 90s, even worked for them for a few years around then. Never had any email service from them. The only reason I'd get that is to set up remote TiVo control, last time I tried it asked for a VM email address. Although I can't say not having that has been a problem, there is always catch up,... or just not caring.
-
Monday 6th March 2017 10:28 GMT DaLo
"This is to help sort out the mail servers from the spam bots out there. Spam bots typically won't retry; mail servers always retry unless they get a definite 5xx error."
Ahh, genius. There is absolutely no way that the spammers will be able to work around that amazingly inventive piece of mastery. I'm surprise it hasn't solved the spam problem for everyone for good.
-
Monday 6th March 2017 10:47 GMT Lee D
Would you like to see my mail logs for a large school?
Greylisting blocks something like 90% of the spam that manages to make it through Spamhaus etc. RBL checks, reverse-DNS checks, SPF checks, etc..
You're required to retry, but on the timescale that the SERVER asks. If you retry too quickly (e.g. automated blasts from botnets), you end up making it even longer before your email will be accepted.
Additionally, retrying adds a lot of logic, storage and bandwidth to the system that only interfere if you're emailing en-masse, without hindering genuine email servers that play ball. You have to retry, from the same address, with the same email, only after the specified delay.
Yes, it's just "another measure". But it's effective. And, like tarpitting (which is basically what it is), it shows you who's just trying to get as many emails out as they can before they get shutdown, and those mail servers who are happy to just deliver your email on your schedule.
Honestly, greylisting does more than some blocklists manage on their own.
Until someone fixes email with a replacement that's secure, authorised (i.e. NO you can't send me email because I don't know who you are), low-bandwidth, compatible, popular etc. then greylisting is a pretty damn good measure.
-
-
Monday 6th March 2017 11:41 GMT Pascal Monett
From what I've heard, greylisting only hits the first mail that arrives from an unknown address. It dynamically adjusts when it recieved the mail again and that address becomes basically whitelisted.
So the marketing department will gnash its teeth the first time, not afterwards. And they should be happy about it, because it's that much less of a chance they'll click on a bad link.
-
Monday 6th March 2017 14:22 GMT Gerhard Mack
I wish
"So the marketing department will gnash its teeth the first time, not afterwards. And they should be happy about it, because it's that much less of a chance they'll click on a bad link."
Dream on. Sales departments get a lot of emails from new people and when they don't respond right away the customers call in wondering what happened and then the question "Why is our mail server slow" I tried it years ago and it worked as expected but I nearly lost all of my clients that month.
If I tried it at my current job, I'd have the whole sales department in the IT director's office demanding my head on a plate (they have pitched fits for less).
-
-
This post has been deleted by its author
-
-
-
Monday 6th March 2017 11:38 GMT Anonymous Coward
It's actually a very effective technique, I use greylisting on my small personal mailserver, and of the ~65000 IPs attempting delivery so far this year, only ~4500 of those came back to retry and actually deliver the mail. The rest tried once and never came back.
Having to retry is expensive for spammers in terms of time, when your mission is to pump and dump as many mails as possible, many spammers don't bother with retries.
-
Monday 6th March 2017 12:11 GMT Anonymous Coward
Ahh, genius. There is absolutely no way that the spammers will be able to work around that amazingly inventive piece of mastery. I'm surprise it hasn't solved the spam problem for everyone for good.
Oh, greylisting works quite well - so well, in fact, that professional spammers have intensified their attempts to find open relays and hosts they can breach to set them up as proxies, which means that SPF based blocking presently gets a real workout.
May spammers get struck by the death of a thousand (paper) cuts.
-
Monday 6th March 2017 12:17 GMT Lee D
People relying on email to be delivered EVER and certainly within a specific time-frame are failing to understand how email works anyway.
An email server could hold onto email for 24h or not deliver it at all and nobody would ever know, once the message has been acknowledged by the server itself.
Email is NOT guaranteed. Stop using it as if it is.
It is CERTAINLY not time-guaranteed in any way, shape or form.
But, yes, greylisting often works on a hash of the sender domain, recipient user/domain and IP address such that genuine email from genuine mailservers is delayed by a few minutes for the first ever combination and then never again after a successful retry (subject to certain time windows, e.g. after 30 days of no email it might reset and delay an email again).
-
Monday 6th March 2017 14:54 GMT nevstah
if a server decides not to receive a particular email, thats all well and good, so long as the right bounce/NDR is returned, but a server that receives an email and acknowledges to the sending server that it has been received OK and THEN decides to silently drop/delete/eat said email with no notification to either party, is just plain rude. This has become quite common and causes lots of headaches
email isn't guaranteed, but it would be helpful if users were told if/when/why an email isn't delivered
-
Tuesday 7th March 2017 14:59 GMT Lee D
Problem with relying on server bounces? Server bounces end up creating more spam than the original messages, because you can't verify that the address to bounceback to is correct. The only thing that guarantees the server that is sending to you got the message is an error response in the SMTP session itself. Which is easily ignored and not propagated back to the original sender because... you can't verify the original sender's email address if you're the endpoint or a transport server somewhere in the middle of the conversation (e.g. a mail forwarder). And if you don't have the correct settings and suspect that bounceback email isn't genuine, you CANNOT send a bounceback and if you do, likely you're distributing spam on their behalf, etc. anyway.
Email is fundamentally broken in this regard, as are the associated standards which say you MUST send bouncebacks no matter what, etc.
Until someone re-invents email, there is no guarantee of delivery or timeliness.
-
Wednesday 8th March 2017 14:08 GMT Terry 6
Lee D
Yes. I still find myself shocked that email was "designed" in a way that allows itself to arrive with sender details that may be completely fictitious. I just don't understand why anyone would set it up like that. It's not far from them deciding to allow fraud functionality as part of the standard.
As in; "Let's see, we need to be able to attach files. Check. Allow messages to be forwarded. Check. Give crooks a way to hide their identities. Check. Job done then- lets go down the pub."
-
-
-
-
-
Monday 6th March 2017 10:39 GMT Simon Harris
My Virgin Media account has email?
Oh, apparently not any more...
https://my.virginmedia.com/customer-news/articles/virginmediamail.html
"If your mailbox isn’t accessed within a 90 day period, we may suspend access to your mailbox without prior notice. If we do this, your mailbox will remain suspended for 60 days."
I don't think I've ever accessed my Virgin Media email - I accessed my Blueyonder email once, but it was already overflowing with spam so never bothered again.
-
-
Monday 6th March 2017 11:39 GMT ravenstar68
Re: Huh???
For me, the spam filtering does work better than it did. Occasionally spam does get to my inbox but the majority of it does go to my spam folder.
The problem is that Virgin does also flag legitimate mail as spam. I get newsletters from ASUS, Creative, Samsung etc, and for a good portion of 2016 these were all ending up in my spam folder. (Note newsletters like these are not spam because you have a dealing with the company and have either failed to opt out of the newsletter or deliberately opted in (Note the preferred paradigm is that users opt in but it's not mandatory).
However other users reported e-tickets, hotel reservation e-mails, etc were being flagged as spam, and because Virgin opted for a default of reject spam, these were being returned to sender. Virgin only reset those defaults in Dec/Jan, meaning there was a lot of mail that should have gotten to people that didn't.
-
-
Monday 6th March 2017 11:03 GMT wolfetone
Ammendment.
"Just when long-suffering Virgin Media customers thought their spam woes had been fixed"
Should read:
"Just when the lazy Virgin Media customers who continue to use their piss poor email service thought that the thing that shouldn't have broken had been fixed..."
I'll get my coat.
-
Monday 6th March 2017 21:07 GMT Terry 6
Re: Ammendment.
No Wolftone. Ordinary users, including plenty of techies, get Internet from an ISP. It comes with email. It's part of what they pay for ( note, not "free" - part of the package). They do not, and have no reason to, buy an extra email service. Many may also use a nominally free email service like Gmail etc. But the ISP email is there to be used. Not "lazy". Just ordinary paying customers, including small businesses for whom every penny counts.
-
-
Tuesday 7th March 2017 09:49 GMT Terry 6
Re: Ammendment.
As to why people select any given ISP (and included Email) that is another matter. But which ever one we have, for whatever reason, we should demand it works properly.
As for me, I use Virgin as ISP because I get the full 200mb download speed, and their TV and fixed-phone service and it's very good value for us. And it's been really reliable.
That doesn't change the fact that they need to clean up their spam handling - which is grim. I don't think I've missed any incoming emails. But I get plenty of obvious spam ones arriving in my junk folder then filtered by Thunderbird. And plenty more that do get as far as the VM web mail junk folder when I log in and look at it; mostly telling me that there is lots of money available to me from other people's accounts in various places or that "Y0ur Papa1 acc0unt is SuSpended". Oh, and there are some very friendly sounding women....
-
-
Tuesday 7th March 2017 13:49 GMT ravenstar68
Re: Ammendment.
Terry6
I respectfully disagree
Virgin Media users get E-Mail provided gratis as an additional extra for their paid for services. as do most other ISP users. However, it should be noted that these free benefits can be withdrawn at any time (case in point Virgin Webspace) because it's classed as a promotional extra. The fact is that there are a host of other email options out there available to users, and BTW if your a business, even a small one, using a consumer grade email is bad on two fronts.
1. There's no guaranteed SLA should the service have problems.
2. Having your own email domain tied to your business looks far more professional than using a free service.
3. You get full control over which email addresses you use if you use your own domain.
4. Last but not least - it's a breach of the T&C's of most free email service to use it for business purposes.
5. Because of 4 if your business loses money as a result of email failure, you may be lucky to recover your losses. Certainly, VM would argue that they have no obligation to refund such losses.
-
Tuesday 7th March 2017 16:45 GMT Terry 6
Re: Ammendment.
I wouldn't disagree with much, if any of that as it happens.
Once email becomes part of a business' service model that's a whole different kettle of ball games.
But for the domestic user or the small business that just wants a convenient way to send messages etc. but isn't dependant on the ISP email it's fine.
When I got VM as an ISP email was specifically included in the package. I notice that it no longer is. I just looked. From that point of view customers subscribing without it even saying that email is provided probably don't have much to complain about. But that wasn't the case when I found myself on, or upgraded my contract with, VM.
-
-
-
-
Monday 6th March 2017 11:12 GMT Anonymous Coward
Smart Hosts people.
£5 Digital Ocean droplet with reverse DNS and SPF record for outbound. Spamassasin and postfix to store and forward inbound.
Point store and forward at your business email server, done.
Easy.
You also have a nice BC solution if your crappy office internet dies...your S & F box will queue email until you're back online.
-
Monday 6th March 2017 11:49 GMT Anonymous Coward
Re: Smart Hosts people.
And in words that mere mortals can understand?????
I get it that Digital Ocean calls it VPS's a Droplet but what else needs to be done?
Is it that simple? If so then why isn't everyone doing it?
Come on now, don't be bashful, tell us everything we need to know to make an informed decision or else we may have to assume you are being just another 'smarty pants'.
Oh, and still no Article about the Smart Meter overcharging. As the tips email seems to be disabled either just at weekends or permanently it is no surprise...
http://www.bbc.co.uk/news/uk-39169313
£19K for one days leccy! Yay, let everyone have a smartmeter tomorrow!
-
Monday 6th March 2017 12:02 GMT AMBxx
Re: Smart Hosts people.
It's only simple if you're running your own email server. I use MX Guarddog for something similar. For most home users (those typically using ISP email services), it's no use at all as you have no control over DNS.
Before everyone rushes off to install their own email server, check you can change your reverse DNS as some people are using that to check email source too.
-
Tuesday 7th March 2017 02:05 GMT Anonymous Coward
Re: Smart Hosts people.
@AMBxx
Sorry man.
https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassassin
Thats if you want standalone email hosting.
To forward on you need a transport map. You dont need dovecot for this step. Just postfix and spamassassin.
http://marcelog.github.io/articles/configure_postfix_forward_all_email_smtp_gateway.html
You can lock down postfix to only accept outbound messages from a specific IP but I prefer to use iptables.
-
-
-
-
-
Monday 6th March 2017 12:30 GMT Anonymous Coward
Google Apps / G Suite
so you are paying $5 per month to let Google read all your emails?
Are you bonkers?
Does not matter if all the SPAM gets removed, why would you let Google read all your correspondence and pay then to do it?
Google knows far too much about each and everyone of us as it is. Hence my posting AC otherwise it would be the BB Icon.
-
-
Monday 6th March 2017 16:19 GMT David Paul Morgan
old NTL world here...
I had several NTLWorld accounts, which were subsequently transferred to Virgin Media (still with the old NTLWorld.Com domain).
Unfortunately they managed to lose 3 of the sub-mailboxes and finally managed to lock me out of the prime account - so I can manage my virgin statements, but I can't 'manage' my own e-mail sub-accounts.
I've given up and moved my seperate accounts to gmail.com, outlook.com and , yes, yahoo.co.uk who all, surprisingly, seem to have pretty good anti-spam/phishing policies.
-
Monday 6th March 2017 18:37 GMT Anonymous Coward
Re: old NTL world here...
You are taking chance with yahoo.co.uk. ATT uses yahoo and can not tell how many times I had to rest a hacked account when I worked for ATT. To many for stupid people or people that reuse passwords. I saw quite share of linux users that used a dedicated email app that had their email hacked.
-
-
-
-
Monday 6th March 2017 23:38 GMT John Brown (no body)
His English was very nearly understandable but I do think he needs learn a bit about what all those funny symbols on the keyboard are for. Especially the Shift Key and the ",", "." and "'" symbols. Although now that I think about it, hiding them between weird " symbols might not help him much.
-
-
-
Monday 6th March 2017 17:59 GMT Jack Cade
Long-time Virgin customer
Some problems not addressed properly by Virgin:
1. Spam filter refuses to learn when I flag as spam the same old repeat offenders again and again.
2. Webmail unusable overseas on a slow connection, where its old stablemate ntlbusiness works fine.
3. Webmail interface slow and hard to use (and not working at all right now).
4. Impossible to get information when Virgin service goes down for days at a time.
-
-
Tuesday 7th March 2017 08:16 GMT sitta_europea
Greylisting isn't an alternative to anything. It's a useful addition to the armour, but it needs to be applied intelligently.
The 'intelligently' part, unfortunately, is where ISPs in general fall down.
Last week I tried to persuade the 'Senior' technical people at daisygroup.com that the SPF record for daisygroup.com is broken. My original mail to them explained what record is broken (more than one problem) and how it is broken. After asking them to re-read my original mail, twice, I gave up. I think they've outsourced their technical department to a call centre in Afghanistan or something.
If you're even vaguely interested just
dig -t txt daisygroup.com
Incompetents like this are selling email services to paying customers. Those customers don't believe me when I tell them their supplier is incompetent. I had a school head tell me that their email was reaching other people, so if it doesn't reach me it must be my service which is at fault. Never mind that their Microsoft DNS says my domain name doesn't exist when I can prove that it does in a dozen different ways. No amount of explanation will make any headway. It's alll about how big and flashy the customer perceives the suppliers to be. In my opinion these customers deserve what they get.
-