Comcast, SpamHaus, Google Apps and Failed Messages

If you use Comcast as your ISP and then Google Apps to manage your companies email you may have seen this message when sending to some of your clients:

554 554 The message was rejected because it contains prohibited virus or spam content (state 18)

This message is returned by the recipients email server, when passing your message through their spam filter. The reason it's rejected is because your IP address shows up in a SpamHaus Blacklist. This is the IP address given to your home/office by Comcast. In fact, Comcast has requested that many of their IP addresses are added to this Policy Black List. See here http://www.spamhaus.org/pbl/query/PBL191981 for one example. (Our office IP is in that subnet)

Sending via Google Apps web-interface is OK, but sending from applications (Outlook, Thunderbird) or from other automated billing systems (Imperium) will fail because the message originates from an IP in the blacklist.

If you try to call Comcast and resolve this issue they will first point you to a form to remove your IP from their blacklist. As if you were restricted from sending into the Comcast network. Clearly the don't understand the issue. It's outbound mail and it's related to "Outbound Email Policy of Comcast for this IP range" as indicated by the link above.

Subsequent calls to Comcast will only serve to frustrate you. They will try to look at Outlook settings, reset the modem and other things that are completely unrelated to SpamHaus PBL issue.

After escalating the call you will speak with someone like Brandon who will say. "We aren't blocking you" - which is not true. Comcast is blocking us by putting a large set of their IPs on the policy black-list managed by SpamHaus (see link above). Then Brandon will ask you to contact the company who is blocking the message, which is any provider subscribing to the SpamHaus lists (a large number).

So, in short Comcast puts all their IPs on a Policy Black List (net-block owners are responsible for this). Then they will tell you they are not responsible for the blockage (lies!). They will point to others as the cause and their CSRs are unaware of what a PBL is and refuse to acknowledge that Comcast (the net-block owner) is the only party that can instruct SpamHaus to put such a large subnet on a blacklist.

The only solution is to send using the Comcast SMTP servers. That's nice in theory except when sending through the Comcast servers I have no record of the sent message in my Google Apps account. We need these sent messages in our Google Apps accounts for compliance purposes.

Once again Comcast has hurt their customers and their internal staff is a) unaware and b) not knowledgeable enough about network operations to assist. Mr Roberts please - do something!