Cloudmark CSI IP Reputation Remediation

I manage an email server that uses an Atlantic Broadband SMTP server as a smart host. I maintain a mailing list on the server that currently has about 1,300 email addresses. Each month someone sends a monthly newsletter to the email addresses in that list; the people associated with those addresses are all members of a retirees organization and have all indicated they wish to receive that organization's newsletter. Usually, the newsletter is transmitted without problems, but occasionally I will find that email transmitted from the server is silently discarded with no bounced emai indicating why that is occurring. Though that doesn't occur often, when it occurs, it usually occurs when the newsletter is sent. When the problem occurs, as it did yesterday, I have to request that the IP address of my server be unblocked. Initially, I would call the ISP's phone support number, i.e, an Atlantic Broadband support number, but they would in turn have to contact their email service provider, since the email service they provide is outsourced to Echo Labs as I found from examining email headers - see Email sent via an Atlantic Broadband SMTP server not being delivered. But I found that I could get the block removed more quickly if I submitted a request through Cloudmark, an anti-spam company co-founded by Vipul Ved Prakash and Napster's co-founder Jordan Ritter, which provides an anti-spam service used by Echo Labs.

Cloudmark has a CSI IP Reputation Remediation Portal where you can request that an IP address be removed from their blacklist. The following information appears on that page:

Cloudmark Sender Intelligence™ (CSI) is a comprehensive global sender monitoring and analysis system that delivers timely and accurate reputation on good, bad, and suspect senders. CSI uses real-time data from Cloudmark's Global Threat Network™ system to create the industry's most comprehensive sender reputation service.

If you believe the reputation of your IP address is not correct or if the reputation has changed, you may request a reset of all related email traffic statistics within CSI for your IP address.

Please note this is not a portal for submitting complaints regarding content based spam signatures. Those requests must be directed at the service provider who is blocking the message. This portal will only accept statistical reset requests for IP addresses published by Cloudmark Sender Intelligence.

When I completed the form at that page today, I provided the IP address of the server on which the mailing list resides. Since I never receive a bounced message, I put "None" in the "Exact SMTP 5xx error string received" field. I explained the problem in the "Comment" field. When I clicked on the Submit button I saw a message stating that Cloudmark won't remediate dynamic IP addresses.

Warning: The submitted IP (137.103.82.6) appears to be dynamic

The DNS pointer record for this IP (137-103-82-006-dhcp.gsv.md.atlanticbb.net.) appears to be dynamic. Cloudmark will not remediate dynamic IP addresses.

If you have a static IP address with generic rDNS, you may wish to talk to your service provider to see if they will assign you rDNS that more clearly identifies you as responsible for the IP address.

If you're sending mail from a dynamic IP address (as will usually be the case with consumer-level broadband and dialup), you may want to investigate 'smart-hosting' or sending your outbound mail through your ISPs primary outbound mail servers.

Remediate Poor IP Address

Please consult the above warnings and check that you have submitted the correct IP Address.

If you believe that these warnings are incorrect, please resubmit the form below to request reevaluation by our Security Operations Center. An abuse engineer will investigate and respond to you within one business day. Requests that do not contain an error message or time-stamped log entry will not receive a response.

After the above message appeared, I could click on a "resubmit" button to attempt to send the support request again. I clicked on that button and then saw the message "An email has been sent to the email address you provided. Please follow the instructions in this email to confirm the request for remediation." Within minutes after I clicked on the link in the email I received to confirm the request, the block was lifted.

Related articles:

  1. Email sent via an Atlantic Broadband SMTP server not being delivered