View all posts

UCEPROTECT Real-Time Blacklist (RBL)

QuickHostUK receives many questions about the reliability of UCEPROTECT.

Here are some more details to help address any concerns as quickly as possible.

Background

Let’s start with the basics. Every internet-enabled device needs an IP address to get online. Every single IP address belongs to a larger range or network or subnet of IPs. Every subnet is routed using Autonomous System Numbers (ASNs). AS numbers are used to exchange routing information with other Internet Service Providers (ISPs). This is how many networks talk to each other to make the ‘Internet’ work.

Most data centres will have many, many ranges of IPs to provide to their customers.

Here is a basic example to help visualise the setup:

asn example

Ordinarily, if a website or mail account got hacked, or was actually being used by a spammer, the IP address of the sending user or device would get blacklisted. In extreme cases, the entire IP range might get listed. Then, anyone using a blacklist as a part of their antispam solution would be protected and not receive any mail from that sending IP.

How does UCEPROTECTL work?

By contrast, UCEPROTECTL will often block entire AS numbers and/or entire ranges of IPs, rather than the single offending IP.

As an example, as per the above visualisation, if user-2 on IP 1.1.1.3 knowingly or unknowingly sent spam, then AS 123 got listed, this would flag all 256 user IPs in each range 1.1.1.0, 2.2.2.0, and 3.3.3.0 and cause every single and unrelated customer to appear on the black list. As you may agree, this is both unfair and disruptive for the other customers. Furthermore, UCEPROTECTL will then require payments or donations to delist them. For this reason, the UCEPROTECTL blacklist is considered by many to be a form of blackmail, extortion, or simply a scam pay gate as this goes against the very essence of a blacklist and a free and open Internet.

Currently, we are not aware of any companies actually using UCEPROTECTL to block mail, so this should not affect your email delivery at all. But it will flag up in some Blacklist Checkers.

If you do find that your IP is showing as LISTED in UCEPROTECT on a Blacklist Checker, such as MxToolbox, then the first thing you should do is search your IP in UCEPROTECT directly.

MXToolbox

Check your IP

You can use this direct link to check your IP: https://www.uceprotect.net/en/rblcheck.php

In this example, we can see;

  • The user’s IP is in fact NOT LISTED
  • The /24 network (256 IPs) that the user’s IP belongs to is NOT LISTED
  • The AS number where all the IPs are routed is LISTED

UCEPROTECT

Bounce Backs

If you are receiving bounce back messages, you should read the message for the reason.

Here is an example:

Error Type: SMTP Remote server (104.47.73.161) issued an error. 
hMailServer sent: MAIL FROM:<user@sender.com> Remote server replied: 
550 5.7.1 Unfortunately, messages from [1.2.3.4] weren't sent. 
Please contact your Internet service provider since part of their network is on our block list (S3140). 
You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [MW2NAM04FT024.eop-NAM04.prod.protection.outlook.com]

So as we can see here, the message was rejected as part of the senders IP network is on the Microsoft (live.com, hotmail.com, outlook.com) block list. This is completely unrelated to UCEPROTECTL. To resolve this issue, you should contact your ISP/Hosting Provider so they can request a delisting.

Summary

In the examples above, we can see that the AS was listed. However, the IP itself was not listed. Also, the wider network or IP range that the IP belongs to was not listed. This will potentially flag thousands of IPs, all of which are completely unrelated to the spam source that was reported.

You can safely ignore the UCEPROTECTL listing unless you see it printed in a bounce back, which is very unlikely.

Related Articles...

cpanel wordpress

WordPress Manager is now in your Client Area

We’re glad to announce that we’ve integrated WordPress management into your Client Area. You can now manage all of your WordPress sites without logging into a single WordPress admin panel, or hosting account for that matter! Simply... Read more
January Sale

January Hosting Sale 2022

January sales and Boxing Day sales 2021/2022 A fantastic Boxing Day & January sale is one of the best ways to take advantage of our state-of-the-art hosting packages. Are you looking for an incredible deal? Look no further! We are slashing... Read more

This website uses cookies

We use cookies for the analysis of our visitor data, to improve our website, and to give you a great website experience. For more information about the cookies we use, please see our cookie policy.