CloudMark

CloudMark / CloudFilter.net – Filtering Legitimate Messages and providing no FBL or JMRP.

The current issue.

Over the last few months, the company I work for has been having issues with a company called “CloudMark” blocking the legitimate messages of our users sent to their clients. This has resulted in emails sent to AT&T, T-Mobile, COX Cable, and others to fail. While I’m happy for CloudMark to have expanded and acquired all of these large ISP customers – it hasn’t been a good experience for other service providers trying to reach users protected by CloudMark.

Our clients are having issues sending legitimate email messages to people at AT&T, T-Mobile, COX, and a few others – and we’ve had zero luck working with CloudMark to resolve the issue permanently. While we have managed to get them to unblock us a couple of times – we haven’t had any luck getting any details so we can cure the source instead of putting a bandage over the symptom.

How things worked historically.

Historically we’ve had very few issues with email even though email is honestly the largest pain of providing web hosting services. Email is the largest surface where you have the least control – for example you can send an email but you cannot force anyone to accept it.

For the first 7 years of being in business, we didn’t do anything to prevent spam or junk mail from leaving our network beyond throttling accounts to a maximum amount of emails per hour. This wasn’t super effective but did at least give us a ‘trigger’ to investigate. I.e. whenever someone hits the mail limit we could check the logs to see if they were sending junk/spam or legitimate messages.

In 2014 we started services with SpamExperts to begin performing anti-spam scanning on all email messages leaving our network. We had two primary goals – the first to make sure our IP reputations stay good and that our users can send their legitimate messages to their recipients successfully – and the second to help us to monitor our increasing email flows and to prevent junk from leaving our network.

It’s only in the last few years that services like Imunify Email have existed for service providers to filter outbound messages. SpamExperts was really intended for inbound scanning and we had to put some work in over the years to make it work for outbound.

Over the years we have signed up for notifications from various email feedback lists [ FBLs ] to receive spam reports. For example if one of our users sends a message to someone using Outlook/Microsoft for email and the recipient reports the message as spam we get a report letting us know the details like so:

These reports include the full header stack of the original message which enables us to trace the message back. Sure – the sender/subject/recipient is enough to usually find a message in the logs – the header stack does definitely make the process easier.

At the end of the day we don’t want SPAM or JUNK to leave our network any more than CloudMark but you wouldn’t know it from talking to them about it.

Resolving the issue with CloudMark

So far we’ve had zero luck resolving the issue with CloudMark. Here’s a short list of problems we’ve faced:

  1. They don’t reply to our messages / ignore us.
    We’ve reached out to them on several occasions and we consider ourselves lucky if they respond. Many times we’ve filled out their forms or sent them an email, which we confirmed was delivered, only for them to never respond or address the issue.
  2. When they do reply they are inaccurate or unhelpful.
    Several times when they responded they stated that they did not have us blocked / that we were not on their list when we were. We then had other representatives of CloudMark respond later in the same ticket that we were blocked and that they’ve lifted the block without explanation.
  3. They do not provide any sort of FBL or JMRP.
    They block messages but offer no mechanism to investigate or resolve the original issue. When someone reports a message sent from our network to a CloudMark recipient – that results in us getting blocked but does not give us any sort of notification or information on the incident.

We want more than anything to permanently resolve whatever the issue is that’s causing CloudMark to block our anti-spam scanners. We want our clients’ legitimate messages to pass through obviously but we also do not want spam or junk to leave our network – period. We would much prefer to stop any spam or junk at our border than for it to leave our network.

Why is this a problem now?

Honestly – I don’t know why this is suddenly a problem when it wasn’t in the past. We’ve been providing hosting and email since 2007, over 17 years now, and we have never had a problem like this before. If spam/junk was leaving our network I would imagine we’d have problems with other block lists/filter services and we’d have a pile of FBL and JMRP notices to go through.

We haven’t seen an uptick in spam reports / FBL reports / JMRP reports and haven’t had issues sending email to any other providers or networks except those sitting behind CloudMark.

Is the problem us, or CloudMark?

Honestly – it could be something obscure on our end – and that’s the main frustration with CloudMark being unwilling to provide any details. Message IDs, dates, times, subjects, senders, recipients, etc – would all be helpful. Even if all they provided was the Message ID alone – that would be extremely helpful for us to track down what is causing this and resolve it. It could be one single individual malicious user on our network or it could be something larger.

It could also be something on CloudMark’s end which I feel is at least somewhat likely considering that we’re not having any issues with any other mail providers around the world. That said I have zero visibility into CloudMark or their services so I can’t say for sure.

TL;DR

We just want legitimate messages to leave our network and be delivered. If you get spam/junk from us we want to know about it so we can do something about it. CloudMark is making this difficult and I’m not sure why. Maybe we just aren’t big enough or maybe we aren’t paying them enough [$0] for them to care. Perhaps it really is about money and not about spam being stopped and legitimate messages making it by.

Share

Leave a Reply

Your email address will not be published. Required fields are marked *