Cisco’s SpamCop anti-spam service suffered an outage Sunday after a its domain mistakenly was allowed to expire.
SpamCop provides a Real-time Blackhole List (RBL) that mail servers can use to determine if incoming mail should be marked as spam.
Today, mail administrators, organizations, and ISPs worldwide suddenly found that their outgoing mail was being rejected as it reported as being listed in the blacklist at bl.spamcop.net.
It turns out that this was a false positive caused by the spamcop.net domain expiring yesterday and causing mail servers who use their RBL to reject incoming mail automatically. According to a post on Reddit, when visiting spamcop.net, the domain was shown as parked at the Sedo domain parking service.
BleepingComputer was told that Cisco is aware of the issue and has been working on renewing the domain throughout the day.
At approximately 1:00 PM EST, Cisco renewed the spamcop.net domain, but some mail administrators report that they continue to see issues with their incoming mail being blocked.
When mail is blocked, administrators see the following error in their mail server logs:
“The error on www.spamcop.net is: An error occurred while processing your request.”
These errors are likely caused by cached DNS lookup results in local DNS servers. Once the DNS TTL expires on the domain or admins flush the cache, the RBL should function normally.
BleepingComputer has contacted Cisco with further questions but has not heard back as of yet.
Thanks to Marcel for the tip!