We have recently started using Constantcontact.com to keep our customers up-to-date with the goings on at our company and have been very happy with the service until today when we looked at the number of invalid email addresses that were being reported. Upon investigation, we even discovered that the emails to our own servers that use Vamsoft ORF for Anti-Spam filtering, with Greylisting configured, was not receiving any of the emails being sent from Constantcontact.com.
For those of you that don’t know what Greylisting is, it is a method used by Anti-Spam software to reject the first send attempt from an email address that the server has not received mail from before. Because most spammers will only try to send a message once, then move on to the next target, they don’t usually come back to try again. As an anti-spam tool, this technique is incredibly effective. If the sending mail server tries to send the message again, then the receiving server using Greylisting will not reject the second connection attempt unless it has other issues with the sender, the sending server or the sender’s IP Address etc.
Getting back to Constantcontact.com – having contacted their support team, it was determined that their servers only ever send a message the once and if they encounter a server that uses Greylisting, their servers cannot distinguish between an invalid email address rejection message (550 5.1.1 Unknown User Error) and a Temporary Rejection Message (451 4.7.1 Temporary Rejected – Try Again Later), so they fail the send attempt and class this as an invalid email address. They advise that an email will get tried again 16 days later, but most Greylisting software has a timeout of 24 hours, by which time if they haven’t heard back from the sending server, they then temporarily reject the next connection attempt and then start the 24-hour countdown again. With a 16-day retry interval, the mail from Constant Contact will NEVER reach a mail server using Greylisting.
The support team at Constant Contact’s advice was to contact the recipients and request that they Whitelist (expressly allow mail from their mail servers) the Constant Contact IP Addresses. Considering that we had about 150 “Invalid Email Address” rejections out of about 500 messages, we didn’t find the suggestion that we should contact every customer who they couldn’t email to ask them to Whitelist the Constant Contact mail server addresses a very helpful or indeed practical solution.
As an Exchange Administrator – I am reluctant to Whitelist IP Addresses / mail servers as this can open up the receiving server to problems should the sending server that is Whitelisted become infected. As the problem would appear to be an issue with the mail server configuration at Constant Contact not retrying an email, we have decided to look for an alternative provider that can work properly with servers using Greylisting.
If you send out messages using Constant Contact and have plenty of “Invalid Email Addresses” in your mailing list, then you need to think about using a different provider until they change their working practises because the chances are your email addresses are perfectly valid, but you won’t ever be able to send them emails using Constant Contact.
You have been warned.
****** UPDATE *******
Further to the above information, it now appears that Constant Contact can work happily with Greylisting servers, but the bigger problem that they face at the moment is being blacklisted on pretty much all their servers by UCEProtect Level 1.
Filed under: Anti-Spam, Exchange 2003, Exchange 2007, Exchange 2010, Exchange Server, Security | Tagged: Constant Contact, Greylisting | 8 Comments »