Okay, the whole story, according to our research: In Dec 2023, an "IT professional" joined Codeberg with a valid email address. In the meantime, they apparently changed something with their server, because the email address is no longer available. They are also a very active contributor to abuseipdb.com, reporting every server which sends mail to nonexistent email addresses on their personal server. This report triggered the abuse department of our ISP to take down our server. Thank you!
@patricus if they can't be contacted at an alternate address, why not remove the email address from wherever they were getting emails from? --- moreover, no one should be blocked because of non-delivery to a single address...
and who reports those to abuseipdb anyway? the false-positive ratio for reporting every single not-found address must be >50%. reporting recurring attempts to multiple email addresses like admin@ it@ support@ info@ etc. is usually more correct.
sure, but typos are a thing too you know.. in general i'm also submitting to abuseipdb/blocklist.de, just not those... false positive ratio isn't worth it. --- Btw, wherever you register, there should/could be a limit of email bounces, then user deactivation/deletion. like in mailing list software. what do you think?
We're still waiting for a response from the abuse department about a potential unlock. We apologize for the inconvenience caused.
We have blogged about the problem when providers like @netcup (in our case) rely on blocklists as the single source of truth, without second thought or verification.
This caused much trouble and headache for us, but the person who put us on the list due to a config error will likely never know it happened, after all.
I was a netcup customer myself. Not so surprised that you also have mail problems similar to those I had with Netcup.
To be fair: I think email is broken. There are far too many servers that reject mail for unknown reasons. On the other hand there is too much spam that can be sent too easily. All blacklisting and stuff is just a big pile of workaround ... unfortunately it is the de facto standard for message exchange.
@netcup Do I understand this correctly? @netcup took down your SMTP/mail server because its IP address was added to abuseipdb.com? And now you are not able to send email through your SMTP server anymore?
@ck @netcup No, today I would not rely on my own SMTP server to send emails from a service like Codeberg. I'd use an external service that is specialized in - and known for - handling email. Because that service has made sure that its IP address(es) are not put on any blacklist, as that would cost them money ...
We're very sorry for the inconvenience and want to explain how this case evolved. An abuse case was reported to us and although it is never entirely given that every single report that is filed is valid, we cannot ignore them, so services had to be shut down. We're always keen to optimize work related to abuse reports and investigate reported cases even more thoroughly. However, as you know, the case was closed, services are up and running again. Thank you for your patience!
Blocklists are not only community-maintained resources, but often charge for monitoring and removal services.
There is an imbalance between small and large operators, and the fact that many people suggested that we just use a service from $$company$$ instead of self-hosting email indicates the terrible situation.
And: If you must operate a server that auto-reports incoming messages as spam, consider **not** registering with such an email address on public servers.
Use a honeypot that no legit provider has any reason to email to, please!
this is the part that actually terrifies me: how do you protect yourself from such a thing? there's no way to cross-reference email addresses that people use to sign in, that I know of ... 😱
I guess the only way to find out if somebody is using a problematic address is to access the blacklists. Which is not feasible... Or, you know, never touch emails, even with a ten-foot pole, and let others do it 🙈
I get not wanting to have a second server & set of DNS records, but if you're automatically sending reports based on unregistered addresses on an actively used mail server, you should probably be at least keeping tombstones for deleted addresses.
Is this auto-report thing a FOSS project or just some admin's script? Either way, they might want to carve out exemptions for common well-known addresses like `webmaster@domain`, `admin@domain`, `security@domain`, etc.
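The tombstones and role-address exemptions suggested in the post above, together with uhuru's point that only recurring attempts against several addresses are worth reporting and Codeberg's honeypot suggestion, as an added example that is not the reporter's actual script (the thread never shows it): a filter an auto-reporter could run over rejected-recipient events before filing anything. The role list, tombstone, honeypot address, threshold, IPs and events are all constructed.

```python
from collections import defaultdict

# Assumed policy values and constructed data; none of this is from the thread.
ROLE_LOCALPARTS = {"postmaster", "abuse", "webmaster", "hostmaster", "security",
                   "admin", "info", "support", "noc"}
# Mailboxes that once existed and were removed: a miss here means some service
# still holds the old address, which is our bookkeeping problem, not abuse.
TOMBSTONES = {"oldaccount@example.org"}
# A trap address that was never published; only harvested lists would hit it.
HONEYPOT = "trap-9f2k@example.org"
DISTINCT_MISS_THRESHOLD = 5


def classify(events):
    """events: (sender_ip, recipient) pairs the MTA rejected with
    '550 5.1.1 User unknown'. Returns {ip: reason} for IPs worth reporting;
    anything absent from the result stays unreported."""
    misses = defaultdict(set)
    verdict = {}
    for ip, rcpt in events:
        rcpt = rcpt.lower()
        local = rcpt.split("@", 1)[0]
        if rcpt == HONEYPOT:
            verdict[ip] = "honeypot hit"
            continue
        if rcpt in TOMBSTONES or local in ROLE_LOCALPARTS:
            continue  # expected from legitimate senders: never report
        misses[ip].add(local)
        if len(misses[ip]) >= DISTINCT_MISS_THRESHOLD and ip not in verdict:
            verdict[ip] = f"{len(misses[ip])} distinct unknown recipients"
    return verdict


# Constructed sample: a forge mailing a deleted user twice, one role-address
# probe, an enumeration-style run over five localparts, and one trap hit.
SAMPLE_EVENTS = [
    ("198.51.100.7", "oldaccount@example.org"),
    ("198.51.100.7", "oldaccount@example.org"),
    ("203.0.113.9", "security@example.org"),
    ("192.0.2.44", "aaron@example.org"),
    ("192.0.2.44", "abby@example.org"),
    ("192.0.2.44", "abel@example.org"),
    ("192.0.2.44", "ada@example.org"),
    ("192.0.2.44", "adam@example.org"),
    ("192.0.2.45", "trap-9f2k@example.org"),
]
```

Only the enumerating IP and the trap hit get a verdict; the forge that keeps mailing a tombstoned address is never reported, which is exactly the case this thread is about.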
Codeberg.org
In reply to Szwendacz: @Szwendacz This is the full story: social.anoxinon.de/@Codeberg/1…
Codeberg.org
2024-06-05 13:40:40
Codeberg.org
In reply to uhuru: @uhuru the idea to report servers sending email to non-existent generic addresses is probably a good thing.
The problem is if you use that server to register somewhere, then remove that inbox 🙄
Codeberg.org
In reply to uhuru: @uhuru Most self-hostable software is actually not aware of email bounces. Most tools are fire-and-forget (SMTP only). They are not aware of bounces.
We could implement it into Forgejo, but this likely affects so much more.
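The bounce limit uhuru proposed and the gap Codeberg describes (SMTP-only tools never see the bounce), as an added example that is not Forgejo or Codeberg code: a registration service that parses the delivery status notification its MTA returns, counts permanent failures per address and reports which accounts have reached an assumed limit. The host names, the limit and the DSN text are constructed.

```python
import email
from email import policy

HARD_BOUNCE_LIMIT = 3  # assumed policy value, not from the thread

# Constructed DSN (RFC 3464) as an MTA returns it for a removed mailbox.
SAMPLE_DSN = """\
From: MAILER-DAEMON@mail.example
To: noreply@forge.example
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mail.example

Final-Recipient: rfc822; gone@example.org
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp; 550 5.1.1 <gone@example.org>: User unknown
--b1--
"""

def parse_dsn(raw):
    """Return (recipient, status) pairs from the delivery-status part."""
    msg = email.message_from_string(raw, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "message/delivery-status":
            continue
        # The payload is a list of header blocks: the per-message block
        # (Reporting-MTA) followed by one block per recipient.
        for block in part.get_payload():
            rcpt, status = block.get("Final-Recipient"), block.get("Status")
            if rcpt and status:
                found.append((str(rcpt).split(";")[-1].strip().lower(),
                              str(status).strip()))
    return found

def record_bounces(raw, counters):
    """Count hard bounces per address; return addresses that just reached
    the limit, i.e. whose account should be deactivated and mail suppressed."""
    deactivate = []
    for rcpt, status in parse_dsn(raw):
        if status.startswith("5."):  # permanent failure = hard bounce
            counters[rcpt] = counters.get(rcpt, 0) + 1
            if counters[rcpt] == HARD_BOUNCE_LIMIT:
                deactivate.append(rcpt)
    return deactivate
```

Feeding the returned DSNs of the noreply mailbox through `record_bounces` is what turns fire-and-forget sending into the bounce-aware behaviour mailing-list software already has.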
ck
In reply to Michael: @schmic That is how email is done in today's world. @Codeberg @netcup
Codeberg.org
In reply to Michael: We don't want to rely on third parties to deal with confidential parts of our user data, but we should've done better to prevent this situation. @schmic @ck
Codeberg.org
In reply to Codeberg.org: @netcup The issue is resolved with the help of our provider. Thanks for this and all your patience.
Most of the email was successfully delivered, only a few remain in the queue.
Codeberg.org
In reply to Codeberg.org: In the responses to this thread, many users started to blame the IT admin who automatically put our IP address on the blocklist.
Please note that we don't want to blame a single party. Reporting spam and reacting to abuse reports is a good thing.
However, we are concerned about the fact that automation based on accusations from single parties escalates to regular headache for network operators.
This is also far from the utopia of an Internet where everyone can easily host their own services.
Codeberg.org
In reply to Codeberg.org: We have written about our position in detail previously: blog.codeberg.org/how-blocklis… (How blocklists prevent the internet to be decentralized – and safe. — Codeberg News)
Codeberg.org
In reply to an unknown original post: But yeah, they could've investigated first.