Barracuda Networks is at it again: Any Suggestions as to an Alternative?

Ray Corbin rcorbin at
Mon Apr 11 12:07:55 UTC 2011

I don't think they had blocked mail coming/going from which would have been more careless to their subscribers (especially when our outbound units were processing a few million emails a day from our customers). They blocked the domains so you couldn't have a link to google/yahoo in the body and then set that as an update for all of their devices. I believe it was something about a URL redirect on each site that spammers were using..but this was a several years ago so I don't recall exactly.


-----Original Message-----
From: Jon Lewis [mailto:jlewis at] 
Sent: Monday, April 11, 2011 7:56 AM
To: Ray Corbin
Cc: nanog at
Subject: RE: Barracuda Networks is at it again: Any Suggestions as to an Alternative?

On Mon, 11 Apr 2011, Ray Corbin wrote:

> <rant>I had experience with Barracuda as outbound anti-spam filters for 
> a very large hosting provider and I won't use Barracuda again. Some of 
> their methods for blocking spam are a tad extreme. At one point they 
> decided to block both and in their domain filters 
> because neither company responded timely to their complaint emails and 
> wanted their attention.

Those both have pretty poor reputations for handling outgoing spam and 
other abuse issues.

Yahoo is notorious for the "the message in your complaint did not come 
from our servers" response, when any idiot who can read headers can see 
that it clearly did come from their servers.  They've gone a step beyond 
this recently by refusing to accept spam complaints to abuse at 
unless they're in ARF format.  That raises the bar high enough that unless 
you have the skills to easily turn yahoo spam into ARF-compliant reports, 
you can no longer send them complaints when you receive spam from their 

Google ( is the only free-mail provider I'm aware of that hides 
the spammer's originating IP.  All sorts of abuses seem to be tolerated 
there for much longer spans of time than you'd think it would take "the 
brightest of the brightest" to lock things down.  i.e. URL redirectors 
used by spammers for months, phishing collectors reported to Google 
security, and nothing apparently done about them.

Sometimes, the only way to get an appropriate reaction from an org that 
just doesn't seem to care about its abuse issues is to make those abuse 
issues cause them some pain.

  Jon Lewis, MCP :)           |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ for PGP public key_________

More information about the NANOG mailing list