back to article UK's Virgin Media subscribers suffer fresh email blocking misery

Just when long-suffering Virgin Media customers thought their spam woes had been fixed, it seems the firm's inbound mail server is now blocking the delivery of mail. The grey-listing anti-spam measure has been affecting users for several weeks, with many complaining of delays in receiving emails. One customer wrote to The …

  1. wyatt

    Virgin Media's what? Anyone still use this?

    1. Anonymous Coward
      Anonymous Coward

      I still use my old Blueyonder address...

    2. GruntyMcPugh Silver badge

      I've been a customer of theirs since the late 90s, even worked for them for a few years around then. Never had any email service from them. The only reason I'd get that is to set up remote TiVo control, last time I tried it asked for a VM email address. Although I can't say not having that has been a problem, there is always catch up,... or just not caring.

  2. DaLo

    "This is to help sort out the mail servers from the spam bots out there. Spam bots typically won't retry; mail servers always retry unless they get a definite 5xx error."

    Ahh, genius. There is absolutely no way that the spammers will be able to work around that amazingly inventive piece of mastery. I'm surprise it hasn't solved the spam problem for everyone for good.

    1. Frank Zuiderduin

      Curiously enough, in practice it actually does work that way. Greylisting as such isn't a bad idea. You just need to implement it properly.

      1. DaLo

        It may work for individual organisations, but when large ISPs start to use it (and especially when they publish that this is what they are using), how long will it still work?

    2. Lee D Silver badge

      Would you like to see my mail logs for a large school?

      Greylisting blocks something like 90% of the spam that manages to make it through Spamhaus etc. RBL checks, reverse-DNS checks, SPF checks, etc..

      You're required to retry, but on the timescale that the SERVER asks. If you retry too quickly (e.g. automated blasts from botnets), you end up making it even longer before your email will be accepted.

      Additionally, retrying adds a lot of logic, storage and bandwidth to the system that only interfere if you're emailing en-masse, without hindering genuine email servers that play ball. You have to retry, from the same address, with the same email, only after the specified delay.

      Yes, it's just "another measure". But it's effective. And, like tarpitting (which is basically what it is), it shows you who's just trying to get as many emails out as they can before they get shutdown, and those mail servers who are happy to just deliver your email on your schedule.

      Honestly, greylisting does more than some blocklists manage on their own.

      Until someone fixes email with a replacement that's secure, authorised (i.e. NO you can't send me email because I don't know who you are), low-bandwidth, compatible, popular etc. then greylisting is a pretty damn good measure.

      1. Gerhard Mack

        Greylisting tends to really aggravate the users. Users (especially sales teams) get upset if mail is even a little bit slow to arrive.

        1. Pascal Monett Silver badge

          From what I've heard, greylisting only hits the first mail that arrives from an unknown address. It dynamically adjusts when it recieved the mail again and that address becomes basically whitelisted.

          So the marketing department will gnash its teeth the first time, not afterwards. And they should be happy about it, because it's that much less of a chance they'll click on a bad link.

          1. Gerhard Mack

            I wish

            "So the marketing department will gnash its teeth the first time, not afterwards. And they should be happy about it, because it's that much less of a chance they'll click on a bad link."

            Dream on. Sales departments get a lot of emails from new people and when they don't respond right away the customers call in wondering what happened and then the question "Why is our mail server slow" I tried it years ago and it worked as expected but I nearly lost all of my clients that month.

            If I tried it at my current job, I'd have the whole sales department in the IT director's office demanding my head on a plate (they have pitched fits for less).

        2. This post has been deleted by its author

    3. Anonymous Coward
      Anonymous Coward

      It's actually a very effective technique, I use greylisting on my small personal mailserver, and of the ~65000 IPs attempting delivery so far this year, only ~4500 of those came back to retry and actually deliver the mail. The rest tried once and never came back.

      Having to retry is expensive for spammers in terms of time, when your mission is to pump and dump as many mails as possible, many spammers don't bother with retries.

    4. Anonymous Coward
      Anonymous Coward

      Ahh, genius. There is absolutely no way that the spammers will be able to work around that amazingly inventive piece of mastery. I'm surprise it hasn't solved the spam problem for everyone for good.

      Oh, greylisting works quite well - so well, in fact, that professional spammers have intensified their attempts to find open relays and hosts they can breach to set them up as proxies, which means that SPF based blocking presently gets a real workout.

      May spammers get struck by the death of a thousand (paper) cuts.

      1. Lee D Silver badge

        People relying on email to be delivered EVER and certainly within a specific time-frame are failing to understand how email works anyway.

        An email server could hold onto email for 24h or not deliver it at all and nobody would ever know, once the message has been acknowledged by the server itself.

        Email is NOT guaranteed. Stop using it as if it is.

        It is CERTAINLY not time-guaranteed in any way, shape or form.

        But, yes, greylisting often works on a hash of the sender domain, recipient user/domain and IP address such that genuine email from genuine mailservers is delayed by a few minutes for the first ever combination and then never again after a successful retry (subject to certain time windows, e.g. after 30 days of no email it might reset and delay an email again).

        1. nevstah

          if a server decides not to receive a particular email, thats all well and good, so long as the right bounce/NDR is returned, but a server that receives an email and acknowledges to the sending server that it has been received OK and THEN decides to silently drop/delete/eat said email with no notification to either party, is just plain rude. This has become quite common and causes lots of headaches

          email isn't guaranteed, but it would be helpful if users were told if/when/why an email isn't delivered

          1. kain preacher

            ATT does this if the MX records are not set right our not set at all. Currently I can not revive email from sprint for this reason

          2. Lee D Silver badge

            Problem with relying on server bounces? Server bounces end up creating more spam than the original messages, because you can't verify that the address to bounceback to is correct. The only thing that guarantees the server that is sending to you got the message is an error response in the SMTP session itself. Which is easily ignored and not propagated back to the original sender because... you can't verify the original sender's email address if you're the endpoint or a transport server somewhere in the middle of the conversation (e.g. a mail forwarder). And if you don't have the correct settings and suspect that bounceback email isn't genuine, you CANNOT send a bounceback and if you do, likely you're distributing spam on their behalf, etc. anyway.

            Email is fundamentally broken in this regard, as are the associated standards which say you MUST send bouncebacks no matter what, etc.

            Until someone re-invents email, there is no guarantee of delivery or timeliness.

            1. Terry 6 Silver badge

              Lee D

              Yes. I still find myself shocked that email was "designed" in a way that allows itself to arrive with sender details that may be completely fictitious. I just don't understand why anyone would set it up like that. It's not far from them deciding to allow fraud functionality as part of the standard.

              As in; "Let's see, we need to be able to attach files. Check. Allow messages to be forwarded. Check. Give crooks a way to hide their identities. Check. Job done then- lets go down the pub."

            2. Gerhard Mack

              @Lee D

              That is why I just refuse the message and let the sending mailserver generate the bounce.

        2. Mark 85

          @Lee D

          Funny thing about that... most users I daresay do indeed think email (and text messages) are guaranteed and delivery is instantaneous. Oh.. and that any recipient is sitting with bated breath at their PC, smartphone, etc. waiting on that particular email/message.

  3. Simon Harris

    My Virgin Media account has email?

    Oh, apparently not any more...

    https://my.virginmedia.com/customer-news/articles/virginmediamail.html

    "If your mailbox isn’t accessed within a 90 day period, we may suspend access to your mailbox without prior notice. If we do this, your mailbox will remain suspended for 60 days."

    I don't think I've ever accessed my Virgin Media email - I accessed my Blueyonder email once, but it was already overflowing with spam so never bothered again.

  4. Little Mouse

    Huh???

    VM have been flagging too many emails as spam?

    I don't think so. Not if the deluge of shite hitting my inbox for the past few months is anything to go by...

    1. ravenstar68

      Re: Huh???

      For me, the spam filtering does work better than it did. Occasionally spam does get to my inbox but the majority of it does go to my spam folder.

      The problem is that Virgin does also flag legitimate mail as spam. I get newsletters from ASUS, Creative, Samsung etc, and for a good portion of 2016 these were all ending up in my spam folder. (Note newsletters like these are not spam because you have a dealing with the company and have either failed to opt out of the newsletter or deliberately opted in (Note the preferred paradigm is that users opt in but it's not mandatory).

      However other users reported e-tickets, hotel reservation e-mails, etc were being flagged as spam, and because Virgin opted for a default of reject spam, these were being returned to sender. Virgin only reset those defaults in Dec/Jan, meaning there was a lot of mail that should have gotten to people that didn't.

    2. sitta_europea Silver badge

      Re: Huh???

      If you'd like to let Virginmedia know about my offer, I can fix this for them.

  5. wolfetone Silver badge
    Coat

    Ammendment.

    "Just when long-suffering Virgin Media customers thought their spam woes had been fixed"

    Should read:

    "Just when the lazy Virgin Media customers who continue to use their piss poor email service thought that the thing that shouldn't have broken had been fixed..."

    I'll get my coat.

    1. Terry 6 Silver badge

      Re: Ammendment.

      No Wolftone. Ordinary users, including plenty of techies, get Internet from an ISP. It comes with email. It's part of what they pay for ( note, not "free" - part of the package). They do not, and have no reason to, buy an extra email service. Many may also use a nominally free email service like Gmail etc. But the ISP email is there to be used. Not "lazy". Just ordinary paying customers, including small businesses for whom every penny counts.

      1. wolfetone Silver badge

        Re: Ammendment.

        "Not "lazy". Just ordinary paying customers, including small businesses for whom every penny counts."

        If every penny counts then why stick with a service that lets them down and costs them money?

        1. Terry 6 Silver badge

          Re: Ammendment.

          As to why people select any given ISP (and included Email) that is another matter. But which ever one we have, for whatever reason, we should demand it works properly.

          As for me, I use Virgin as ISP because I get the full 200mb download speed, and their TV and fixed-phone service and it's very good value for us. And it's been really reliable.

          That doesn't change the fact that they need to clean up their spam handling - which is grim. I don't think I've missed any incoming emails. But I get plenty of obvious spam ones arriving in my junk folder then filtered by Thunderbird. And plenty more that do get as far as the VM web mail junk folder when I log in and look at it; mostly telling me that there is lots of money available to me from other people's accounts in various places or that "Y0ur Papa1 acc0unt is SuSpended". Oh, and there are some very friendly sounding women....

      2. ravenstar68

        Re: Ammendment.

        Terry6

        I respectfully disagree

        Virgin Media users get E-Mail provided gratis as an additional extra for their paid for services. as do most other ISP users. However, it should be noted that these free benefits can be withdrawn at any time (case in point Virgin Webspace) because it's classed as a promotional extra. The fact is that there are a host of other email options out there available to users, and BTW if your a business, even a small one, using a consumer grade email is bad on two fronts.

        1. There's no guaranteed SLA should the service have problems.

        2. Having your own email domain tied to your business looks far more professional than using a free service.

        3. You get full control over which email addresses you use if you use your own domain.

        4. Last but not least - it's a breach of the T&C's of most free email service to use it for business purposes.

        5. Because of 4 if your business loses money as a result of email failure, you may be lucky to recover your losses. Certainly, VM would argue that they have no obligation to refund such losses.

        1. Terry 6 Silver badge

          Re: Ammendment.

          I wouldn't disagree with much, if any of that as it happens.

          Once email becomes part of a business' service model that's a whole different kettle of ball games.

          But for the domestic user or the small business that just wants a convenient way to send messages etc. but isn't dependant on the ISP email it's fine.

          When I got VM as an ISP email was specifically included in the package. I notice that it no longer is. I just looked. From that point of view customers subscribing without it even saying that email is provided probably don't have much to complain about. But that wasn't the case when I found myself on, or upgraded my contract with, VM.

  6. Anonymous Coward
    Anonymous Coward

    Smart Hosts people.

    £5 Digital Ocean droplet with reverse DNS and SPF record for outbound. Spamassasin and postfix to store and forward inbound.

    Point store and forward at your business email server, done.

    Easy.

    You also have a nice BC solution if your crappy office internet dies...your S & F box will queue email until you're back online.

    1. Anonymous Coward
      Anonymous Coward

      Re: Smart Hosts people.

      And in words that mere mortals can understand?????

      I get it that Digital Ocean calls it VPS's a Droplet but what else needs to be done?

      Is it that simple? If so then why isn't everyone doing it?

      Come on now, don't be bashful, tell us everything we need to know to make an informed decision or else we may have to assume you are being just another 'smarty pants'.

      Oh, and still no Article about the Smart Meter overcharging. As the tips email seems to be disabled either just at weekends or permanently it is no surprise...

      http://www.bbc.co.uk/news/uk-39169313

      £19K for one days leccy! Yay, let everyone have a smartmeter tomorrow!

      1. AMBxx Silver badge
        Boffin

        Re: Smart Hosts people.

        It's only simple if you're running your own email server. I use MX Guarddog for something similar. For most home users (those typically using ISP email services), it's no use at all as you have no control over DNS.

        Before everyone rushes off to install their own email server, check you can change your reverse DNS as some people are using that to check email source too.

        1. Anonymous Coward
          Anonymous Coward

          Re: Smart Hosts people.

          @AMBxx

          Sorry man.

          https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassassin

          Thats if you want standalone email hosting.

          To forward on you need a transport map. You dont need dovecot for this step. Just postfix and spamassassin.

          http://marcelog.github.io/articles/configure_postfix_forward_all_email_smtp_gateway.html

          You can lock down postfix to only accept outbound messages from a specific IP but I prefer to use iptables.

      2. HieronymusBloggs

        Re: Smart Hosts people.

        "still no Article about the Smart Meter overcharging"

        That surprised me too.

  7. Cab
    Trollface

    "The Register has contacted Virgin for a comment."

    No response ?

    Because if you contacted them via email...

  8. Leigh Geary

    Long time Google Apps / G Suite user here. $5 per month for no spam and email on my proper domain everywhere, plus no hefty mail downloading and shifting around etc. Didn't think I'd gel with it but never have any email issues.

    1. Anonymous Coward
      Anonymous Coward

      Google Apps / G Suite

      so you are paying $5 per month to let Google read all your emails?

      Are you bonkers?

      Does not matter if all the SPAM gets removed, why would you let Google read all your correspondence and pay then to do it?

      Google knows far too much about each and everyone of us as it is. Hence my posting AC otherwise it would be the BB Icon.

      1. wolfetone Silver badge

        Re: Google Apps / G Suite

        "Does not matter if all the SPAM gets removed, why would you let Google read all your correspondence and pay then to do it?"

        How do you think spam emails are identified? Just by the subject line alone?

  9. Wolfclaw

    Whoever is in charge of VM mail should be sacked, tarred and feather and run out of the I.T industry !

    1. kain preacher

      But then HPE or capita would just higher them.

  10. David Paul Morgan

    old NTL world here...

    I had several NTLWorld accounts, which were subsequently transferred to Virgin Media (still with the old NTLWorld.Com domain).

    Unfortunately they managed to lose 3 of the sub-mailboxes and finally managed to lock me out of the prime account - so I can manage my virgin statements, but I can't 'manage' my own e-mail sub-accounts.

    I've given up and moved my seperate accounts to gmail.com, outlook.com and , yes, yahoo.co.uk who all, surprisingly, seem to have pretty good anti-spam/phishing policies.

    1. Anonymous Coward
      Anonymous Coward

      Re: old NTL world here...

      You are taking chance with yahoo.co.uk. ATT uses yahoo and can not tell how many times I had to rest a hacked account when I worked for ATT. To many for stupid people or people that reuse passwords. I saw quite share of linux users that used a dedicated email app that had their email hacked.

  11. Donnajmc

    iv had nothing but bother since i joined virgin esp the billing iv never paid what its actually meant to be they always want more n some off the ppl that speak to are defo not ppl friendly

    1. Anonymous Coward
      Anonymous Coward

      Donnajmc

      Maybe you should start by using English?

      1. John Brown (no body) Silver badge

        His English was very nearly understandable but I do think he needs learn a bit about what all those funny symbols on the keyboard are for. Especially the Shift Key and the ",", "." and "'" symbols. Although now that I think about it, hiding them between weird " symbols might not help him much.

  12. Jack Cade

    Long-time Virgin customer

    Some problems not addressed properly by Virgin:

    1. Spam filter refuses to learn when I flag as spam the same old repeat offenders again and again.

    2. Webmail unusable overseas on a slow connection, where its old stablemate ntlbusiness works fine.

    3. Webmail interface slow and hard to use (and not working at all right now).

    4. Impossible to get information when Virgin service goes down for days at a time.

    1. Anonymous Coward
      Anonymous Coward

      Re: Long-time Virgin customer

      So why are you still with them then?

      If they are that crap isn't it long past the time to move on?

      Oh, and if you read this VM, your constant snail mails (2 a week) make great firelighters so keep em coming but I'll never sign up to your crapware.

  13. Grease Monkey Silver badge

    Greylisting is a cheapskate alternative to proper spam blocking.

    1. sitta_europea Silver badge

      Greylisting isn't an alternative to anything. It's a useful addition to the armour, but it needs to be applied intelligently.

      The 'intelligently' part, unfortunately, is where ISPs in general fall down.

      Last week I tried to persuade the 'Senior' technical people at daisygroup.com that the SPF record for daisygroup.com is broken. My original mail to them explained what record is broken (more than one problem) and how it is broken. After asking them to re-read my original mail, twice, I gave up. I think they've outsourced their technical department to a call centre in Afghanistan or something.

      If you're even vaguely interested just

      dig -t txt daisygroup.com

      Incompetents like this are selling email services to paying customers. Those customers don't believe me when I tell them their supplier is incompetent. I had a school head tell me that their email was reaching other people, so if it doesn't reach me it must be my service which is at fault. Never mind that their Microsoft DNS says my domain name doesn't exist when I can prove that it does in a dozen different ways. No amount of explanation will make any headway. It's alll about how big and flashy the customer perceives the suppliers to be. In my opinion these customers deserve what they get.

      1. ravenstar68

        Looking at Daisygroup's SPF record - what a mess

        12 DNS querying mechanisms - only 10 allowed

        ptr - what on earth.

        duplicate netblocks

        Someone needs to go back and do their homework.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like