Low-Watt Net Admins - or: why you didn't receive your license key



as all ouf our valued customers know, purchasing from cf/x involves a rather simple process: you download a product, try it out, and if you like it, simply purchse a registration code on-line. cf/x sends a personalized registration key as soon as it processes the payment. the process is rather painless, and works remarkably well. recently, however, we seem to have encountered a curious problem.

the past months have seen a marked increase of returned license mails. these mails never reach their owners. rather, the ISP blocks the mail before it enters their system, and sends back a block notification (this is how we learned about the problem). our customers, after waiting a few days, write to enquire about the whereabout of their keys. we answer them, only to be notified that, again, our email was blocked. our customers become angry, and we lose reputation, and business.

after the refusals started to increase, we investigated what was going on. the result was as astonishing as it was disturbing (to say the least), and it does not reflect well on the overall ability of some ISP's 'experts'.

you see, when you send an email, it goes though many different servers before it reaches your inbox. at the least it goes through our outgoing mail server, into your ISP's incoming mail server and then into your inbox. because of the incredibly large amount of spam that circulates on the net, ISPs try to quickly discard spam even before it reaches the inbox of their clients. but how do they do that? there are many ways to go about this, but the most effective ones work on the same basic principle: blacklists. you see, on the internet all emails when sent are tagged with the sender's server address. this is just the way it works, and a good thing, too. because if you happen to be a known spammer, your emails can be identified quickly. if you spam, you get blacklisted, and any email that originates from your server gets discarded. there are well-respected external services (e.g. SpamHouse - http://www.spamhouse.org) that keep large lists of known spam offenders.

since this may not be enough to effectively block spam, providers usually combine external blacklists with additional in-house rules. for example, an ISP might set up a complaint service, where it keeps a list of all external "eddresses" (electronic address) about which it received complaints from customers.

some ISPs go even one step further, where they try to come up with their own rules to blocking spam. and this is where things went wrong for us. the block notification we received sometimes contained a link through which we were able to determine why our email was blocked. they usually linked to a web pages that would perform an audit of our email, and tell us why it was refused. invariably, all external checks, as well as internal complaint blacklists would give our email address a clean bill of health. it was always that last, ISP-specific 'special rule' check that denied permission.

at first we where baffled. contact with 'specialists' at these providers where inconcluseve at first (plus the fact that some of our enquiring letters to them where also blocked didn't help). but after a while a certain pattern emerged: some ISPs have taken to blocking whole address ranges, and our email address fell into one of these ranges. an address range is simple to block because internet addresses are just numbers, and there is an inherent structure in them. by blocking a range you can effectively block a whole segment of the world, or a certain ISP from your servers.

we took a closer look at the range blocked, and found out that the rule in place at these providers effectively blocked all emails that originated from switzerland (we are located in, and hosted from, switzerland). but why would anyone want to block all incoming mail from here? after all, there are less than 10 million people living here, and the amount of spam originating from here is minuscle. it took us some time, but eventually we figured it out. one hint (one we initially did not understand) was that one of the network administrators (whom we shall not mention to prevent further embarrassment) told us that our range was blocked "because of the large amount of spam" originating from here.
we contacted our provider immediately to find out about this. a few days later we received word that, even though there might be some spam originating from our provider (who is, after all, the biggest provider in switzerland), outgoing email traffic (i.e. leaving switzerland) was almost non-existant compared to incoming, and has been like that for the past year. again, we were baffled.

we contacted the network administrator again, to receive further information. after some time, we suddenly understood what was going on. in 2005, the top 3 spam offenders by country were USA, South Corea, and China. now, the connection isn't immediately appearent, but it is there. in order to block all mail from a specific region, you simply take the 'top-level domain', and look up it's address range. for example, all addresses that end in '.xyz' are registered in the top-level domain 'xyz'. each top-level domain has a range of addresses that they can assign to their customers. to block all traffic from a certain domain, you simply look up it's address range, and add it to your black list.

and this is what happened - or, rather, what went wrong. eager to block all spam from china, this network expert looked up the address range of the '.ch' domain, and blocked it. the problem here is, of course, that '.ch' is not china, as he thought (but did not bother to double-check). Rather, '.ch' stands for switzerland (the reason, of course, being that 'CH' is the internationally accredited country signature, just as UK is for England (United Kingdom), or USA for, well, the USA. incidentally, CH stands for 'Confederatio Helvetica' -- which is latin for 'helvetic confederation'. yes, switzerland is that old a country. and no, it's not sweden. some people - e.g. Tom Clancy in his 'Sum of all fears' novel - have trouble keeping these two countries apart. as far as stupid clichees go, we are supposedly the 'chocolate and clocks' country, while the swedes apparently are the 'blondes with boobs'.).

so, if you have purchased a key from us, and never heard from us it may well be because some rather uninformed network admin at your ISP was not as smart as he thought he was.

Posted: Fri - October 14, 2005 at 12:05 AM      


©