cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1768
Views
0
Helpful
8
Replies

Open connections: Untd.com (Juno & NetZero) blocking mai

johnb_ironport
Level 1
Level 1

Untd.com (Juno, NetZero, Mybluelight.com) routinely blocks email from our Ironport by ip address. The reason Untd.com gives us for blocking our email is because of "open connections" left incomplete by our Ironport.

We use a filter to temporarily work around the problem to send email out another ip address for the domains that Untd.com manages. We then patch our Ironport or make some setting change and tell untd.com we've corrected the problem and within 24 hours or so they start allowing email from the ip address they had blocked.

Has anyone else had a similar experience?

We send a million and a half emails a month to the typical variety of email providers (Hotmail, Yahoo, Google, AOL, Comcast...) and Untd is the only one to ever block email from our Ironport for any reason.

8 Replies 8

How long are they saying the connections are held open for?

I'm nearly certain that a feature of AsyncOS is to leave the delivery connection open for 5 seconds after the mail finishes in an attempt to have a slight performance improvement if another message comes through for that same destination.

I would try convincing the untd.com adminstrators that their policy is a bit aggressive.

johnb_ironport
Level 1
Level 1

Thanks bvanzant.

You said "a feature of AsyncOS is to leave the delivery connection open for 5 seconds after the mail finishes". I will look into whether there might be an option to close delivery connections more quickly per domain. Might you know whether this is possible?

I agree that untd.com is being unreasonable... we send a million and a half emails a month all over and never have this issue with any other ISP's. Our mail list managers want to tell our subscribers to change ISP's.

As I was writing that response up I took a look through destination controls and the like and didn't see that option. I assume that's where it should be.

If one of the SEs here on the board doesn't know I'd fire through a request to IronPort support and see what they say. It's probably possible; there's little you can't configure on these machines.

johnb_ironport
Level 1
Level 1

According to response from the support engineer:

"the 5 seconds timeout is not configurable. We keep the
connection for 5 seconds longer for optimization in case there is another mail going to that same destination."

I'll come back to this Monday and look at it fresh...

I just looked through the code and the CSE is correct, it is not configurable.

ghoule_ironport
Level 1
Level 1

United Online is notoriously stingy on their incoming mail policies. If you are sending any significant amount of mail to them, they will block you after only a handful of unknown users. You will remain blocked until you contact them. The best thing to do is to make sure you deliver to them very slowly with no connection caching.

Donald Nash
Level 3
Level 3

The best thing to do is to make sure you deliver to them very slowly with no connection caching.


Why reward bad behavior? That just encourages more of it. When people complain to you that mail isn't reaching untd.com, you explain to them that it's untd.com's fault (don't just tell them, explain it as much as they are able to understand). Negative feedback from their own customers, especially if those customers leave because they can't reliably get the e-mail they're expecting, might convince untd.com to loosen up. And if it doesn't, well, then it doesn't. People who stay with untd.com knowing that they are unreliable have made a choice to do so.

Yes, I admit to being someone callous. I just don't like having to make otherwise-unnecessary allowances for other people's incompetence. If you're obeying the rules, not making a nuisance of yourself, not causing anyone problems, etc. (a very important set of preconditions), and then run into an artificial roadblock put up by someone who doesn't know what they're doing, then it should be their problem, not yours. They're the ones who aren't getting their mail, after all. And yes, I understand that the sender also has a stake in the matter. Sometimes you have to work around the problem from your end if the situation is important enough. But in general, if the receiver creates the problem then it should be up to the receiver to fix it.


In case it isn't obvious, I've run into this sort of problem before, albeit not with untd.com. I've even gone so far as to recommend to our administration here that we ban all use of a certain large, free e-mail provider because we could not reliably get past their completely unreasonable spam defenses. It was aggravated by the fact that there was nothing I could do to change the behavior they didn't like (it was a tiny amount of spam leakage through our defenses, amounting to a few dozen spams out of hundreds of thousands of messages per day). What saved the day was that our student newspaper caught wind of the problem (I wish I knew how they found out), and called that large, free e-mail provider to inquire about why we were having trouble getting mail to them. The next thing I knew, the large, free e-mail provider was calling me on the phone to see about getting the problem fixed. Score one for a free press. But it left me with an extreme dislike of poorly run spam defenses.

jasongurtz
Level 1
Level 1

I can understand the attempt at improving performance, but maybe an option to use pipelining (if offered) might be a friendlier option.

~JasonG

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: