JVF has never heard about UCEPROTECT until now. Their practices are bordering on extortion. Ourselves, as well as others in our same situation, feel that a class action lawsuit should be brought against them. Their method of blocking the entire ISP's IP range just because of a similar users IP is unacceptable and against every rule in the spam book. Below you can see the hoops we have been jumping through to get our IP address removed from their blacklist.
JVF Consulting recently upgraded our dedicated server to Liquid Web and was assigned a new IP address. After migrating everyone over one of our customers noticed their emails were bouncing back from an email address that he was normally able to send to. To investigate the reason behind this we did a quick blacklist check using mxtoolbox. As you can see in the screenshot below our IP address is listed on 11 out of 118 known blacklists.
Of course we were instantly interested in removing our IP to fix our clients email issues. We visited the website we were directed to, and from the first impression you can tell they're kind of shady and definitely not located in the USA.
UCEPROTECT is just another DNS blacklist. They track IP addresses possibly involved with spam so email server administrators can configure their servers to block email messages. We entered our IP address and ran a scan to see if in fact our IP address is really listed. The results below show that our entire IP range is on their list! Of course this is not due to us, but more than likely someone with a similar IP address. Thanks to UCEPROTECT's policy they block the entire IP range of /24 and /16 networks with their Level 2 and Level 3 lists. Simply said, JVF Consulting is getting punished by UCEPROTECT because of somebody else's spam. This is ridiculous!
After further reading UCEPROTECT suggests that we should change our ISP. Why would we ever switch from Liquid Web, they're by far the best hosting company on the planet. If we don't want to cough up the $200 to be removed is there another option? Supposedly there is, UCEPROTECT Network claims a 7 day waiting period for removal of blacklisted IP addresses, but we have be waiting for ours to expire for months now. The problem with this situation is that there is no indication as to when the blacklisting began, or when the 7 day ban began. UCEPROTECT does have an adequate IP removal process and their contact form is no help since they will purposefully ignore you and ban your IP if you request help with removal. These are direct quotes taken from their contact us page. "I know that my IP will be listed for further 7 days because of abusing the contact form if i ask for removals here!!"
After this experience we feel that independently operated black lists should not be taken seriously, especially this one. I have submitted an email to them requesting free removal even though we risk them adding us to their blacklist for an additional 7 days. I'm still waiting on a response, so when or if we have any news or updates to this situation we will keep you posted.
By Online Shopping posted on Thursday, May 7, 2009 @ 5:51 AMDidn't know we have to pay to remove our IP address off the black listed list.This is so unfair and why do they have the rights to black list without further investigation?
By Rich posted on Wednesday, June 10, 2009 @ 3:25 PMUCEPROTECT are scam artists.
No one use them.
By Jonathon Kim posted on Friday, July 31, 2009 @ 1:03 PMThey prey on weak administrators that dont know how to configure their RBL's correctly.
ALL Admins must remove these servers from their RBL's.
It is borderline extortion. The only people who pay are the admins that dont know any better.
Companies like Yahoo! should take them off their RBL's!!
I hope UCEPROTECT/BACKSCATTER.ORG gets sued!
By Ari Goldstein posted on Saturday, August 22, 2009 @ 1:18 PMI have a client who is using their direct Internet connection to host their own corporate exchange server. They are NOT a marketing company. They are not a SPAM company. The received a false positive from ucenetwork. After performing a search in google for +uceprotect +extortion I discovered that waiting for the uce group to take you off their list after 4 weeks will only invite them to put you back on their list. There is no actual reason for this. If we look at this from a business standpoint, ANY lead to 'protect' the Internet is better than none at all. So I used my paypal account and paid them their 50 euros. That comes to about $73. This client also had a blacklist from their web server hosting provider - shared hosting platform. This, too, was blacklisted, but on SORBS-SPAM. I spoke to their ISP to move us to another IP, but they claimed that they did not see a reason. They also admitted to me that they tried to contact Matt Sorbs direct for over ayear and a half regarding that IP, and there has been no answer back.
I am amazed that there is both the EFF and many US legislation efforts for anti SPAM and some kinds of rights, but basic extortion schemes like unregulated blacklists and RBL's are completely ignored.
By Hosting Spain posted on Wednesday, August 26, 2009 @ 11:27 PMThese people are crooks and probably run by the same people that create spam. No respectable hosting company should use them for blacklists.
They have no legitimate reason for listing an IP and can offer no proof or information for fixing the so called offence (even if you pay 150$ for it).
There are many scams on the Internet and UCEPROTECT is one of them.
By Jeffrey posted on Thursday, September 3, 2009 @ 11:49 PMI tried some port scanning and came out with golden gloves. then I tried an mx server that my domain uses for an email server. I hardly go there yet and my site is bascially being rebuilt ground up to make it better. Anyway I hardly ever even send emails from my pc using my business email yet! Maybe if am lucky 5 a MONTH.
The only thing I do know is there are forms on the site for users to be contacted with infomration or membership options etc. and order confirmations and hardly am on the planet yet of being a busy site yet. But still the mail server I share is Blocked by a company called Backscatter. you know what maybe Backscatter should be on the one Blocked totaty every which way then can as when I did go to there site they appeared to be Cowards and they know their users probably hate them! And deservedly so. Now take Action and retaliate! Cal evey ISP. the FCC if needed about Backscatters extortion methods and no way to even contact them when they are stealing gobs of money. I bet the the reciepts are for a ukrainian syndicate. No harm to the ukrainians I even hired develoeprs there and were the nicest people.
By GKnight posted on Tuesday, October 27, 2009 @ 7:48 PMI cannot believe anyone was so ignorant as to fall for thier "Pay us 50 Euros or we will block you forever" scam!!?! I am sorry for those who shelled out the cash, but this company is merely a fake RBL provider who are trying to extort money from legitimate busnesses. If you check out thier psuedi site (www.uceprotect.org) and enter any user pass and key, a script runs with all sorts of 733t-speak BS, showing that these guys are just a bunch of looser idiots who are stuck in thier teens. All admins should immediately remove them from your lists!!!
By The Internet Presence posted on Friday, November 13, 2009 @ 3:14 PMI don't think that it is a coincidence that right after I voiced my opinion on UCEPROTECT that they blacklisted me on level 1, 2, and 3.
What do you think? This DEFINATELY shows questionable behavior!
By Zyphos posted on Thursday, January 14, 2010 @ 8:09 AMWe are victim of this Black Listing system. Our internet service provider is being entirely blacklisted by them. Our ISP is the number one in Belgium.
I like their false positive ratio:
54 spammers lead to 2560 IPs blocked.
About 98% of false positive. That's a record !!!
Indeed they are going to block all spam but the whole internet too.
By Ben posted on Thursday, January 21, 2010 @ 9:38 AMDid anyone actually pay to be removed? If you did could you please post on here or email me the Paypal e-mail he uses?
This should be seen on your payment receipt generated by Paypal after you paid. You can also view it via your Paypal account information.
By Franz posted on Thursday, March 4, 2010 @ 3:54 AMInteresting: You were listed in 11 of 114 blacklists and the guys at UCEProtect told you that your ISP is a spammerhaeven.
Instead of kicking your ISP's ass you are whining about the blocklist?
How ignorant are you?
Reading the text I got the impression that all they require to be done is that your ISP kicks off the spammers in that range and then it will be removed free of charge within 7 days.
Hard to believe that someone is stupid enough to call that extortion.
Anyway I have to say thank you for blogging about UCEprotect.
Without you I would possibly never have heard about their project.
Since there is so much whining about them, they seem to be very effective.
I will therefore install their lists on all my servers.
By hundefaenger posted on Friday, March 12, 2010 @ 5:06 PMOf course this is extortion and nothing else.
By the way, almost nobody uses these scammers' lists apart from a handful of bavarian inbreds.
By Tony posted on Wednesday, March 31, 2010 @ 9:44 AMI sent a complaint to http://www.bka.de/ today.
Everyone, please send a complaint to http://www.bka.de/ - they are the department in Germany who deal with criminal organisations.
We need to get this company shut down as asking for money to remove IPs from so called black lists is illegal and shows this company is a scam. Franz, above, is clearly an employee of this scam outfit.
By J. Reives posted on Friday, April 9, 2010 @ 2:54 AMThey are not only backscatter/er but all uceprotect combinations, lautenschlager combinations, adminswebsecurity combinations, apews, triosex de and more. Not very smart of them is their wannabe-intimidating linking of their websites to the NSA of the U.S. either. This authority dislikes if someone adorns themselves with plumes borrowed from them.
There is obviously more than one reason why Dirk L. is wanted by some authorites and private persons now.
By Anthony posted on Wednesday, June 23, 2010 @ 9:18 AMThis one is totally fraud actions, no company is able to take a range of IP's and put it on a black list for no reason. You should not stand and stare and do something about it. I will send compliant too immediately.
By Ralf posted on Friday, July 23, 2010 @ 1:49 AMTotal scam artists, sad to see that they are located in Germany, as I am a German myself.
This is plain and simple extortion, and I am currently checking if they added a clients IP address intentionally/maliciously in their blacklist. Found out last week when out of nowhere users at a client (I work for an outsourced IT service provider) got bounces on all emails. Checked the blacklists and saw they were indeed listed at a few. Reputable ones like CBL, Spamhaus and Spamcop removed the unfounded listing within minutes, Barracuda took it's sweet time and removed the IP within a couple of hours. Just those con-artists at UCEPROTECT hold you hostage for at least 7 days unless you pay them $150. I certainly will check up on those guys and will do/join any effort to get them shut down...
By Pat posted on Friday, July 30, 2010 @ 1:00 PMyes really unfair, we have dedicated server with 2 IP's range
both are blacklisted because we are on these range
we had to paid to unlist the main server IP.
we lease theses IPs for our clients to know they are all blacklisted.
I used their form to tell them the way I think, once I clicked on submit , the form said
MESSAGE DENIED! - We don't take messages from people claiming to be a Spambot.
Spambots are welcome write us here .
ridiculous, they want you to fill their form and then tell you denied and want you submit via your ISP email
I never claimed for a remove on this form, just a way to express myself about their unfair and scam policy
now open to sugestion to figth them, a forum, or anything to stop them
thats not only affect service provider but the complete web community with shared, reseller and dedicated server clients.
I didn't checked if big big company as yahoo or hotmail are listed, there are plenty of spam sent from them.
contact me if you have a solution or proposition or sugestion to make
By Pat posted on Friday, July 30, 2010 @ 1:06 PMsorry I forgot:
about hold you hostage for at least 7 days
if it was only 7 days or so, I will not make stories of it, but when 7 days come unlimited, this is another game.
on their level 3, we are, this is unlimited time, in short mean alway blacklisted
and not because we are spammer, but because in the range of where is our IP (1000's others) there are someone (if there are) abusing by spamming
really UNFAIR and Scam to make money on peoples making the web a way to earn money and paid their daily bills
By Bozaka posted on Wednesday, August 4, 2010 @ 4:28 PMI have recently removed UCEPRotect level 1 from our mail server as they caused way too many false positives - I've maintained a very large whitelist to override the uceprotect list so the business can operate without losing legitimate emails.
I've finally given up as their lists are excessively vicious and on an almost daily basis block the IP addresses of LARGE ISPs and IP addresses of clients who are clearly NOT spammers. The final straw was OUR OWN ip address being added to their lists - we've never spammed, our network is nailed down heavily with NO access to port 25 except for our mailhosts. Why were added? Bugger knows.... And then the extortion method to get us delisted? NO thanks.
UCEPROTECT are overzealous with their lists and cannot be relied on unless you enjoy losing legitimate emails.
By Rhonda Brabbin posted on Wednesday, August 25, 2010 @ 4:30 PMWe are blacklisted by UCEPROTECT and cannot believe that some of our customers use this awful extorsion ring as spam protection what they are really doing is interfering in legitamate business, what do we need to do to shut them down? If anone has any information on taking down this idiotic organization please email me
By Laura posted on Friday, September 17, 2010 @ 9:24 AMUCEProtect are still blocking huge IP blocks owned by BT, one of the UKs biggest ISPs.
They MAY have a legitimate claim that some BT users are sending spam, but blocking the entire range breaks the basic function of a anti-spam service - letting legitimate email through.
They have stated on their site that they are not going to be removing BT from the level 3 list. As many customers do not have the option of changing ISP, they are stuck, so we need to encourage all mailserver admins to either ignore this blocklist altogether, or only use it as a low-scoring spam indicator. It's wildly inaccurate, so has no place as a primary spam detector.
The requests for money to be delisted just make an irritation into something more suspicious.
By Gratis posted on Saturday, November 13, 2010 @ 3:03 PMSome of these comments could have been posts in their own!
By Laurence Forcione posted on Tuesday, January 18, 2011 @ 11:08 PMWe too have been experiencing the same issue with them. After having been blacklisted over and over, paid the delisting fee numerous times, paid the white-listing fee and changed our mail server configuration, we still have no way to get in touch with them to find a solution.
This has been going on for several years and I believe they are hurting legitimate businesses more than they are helping. Their obnoxious stance towards anyone complaining with being listed and blaming it on incompetent mail administrators should be enough to reveal their intentions as a business organization.
Yes, they should be ignored, that's the best way to get rid of them, unfortunately some big players seem to rely on them (how the hell is that even possible?). Anyway, recently the effect of being listed on Backscatterer has been way less noticeable and they got more aggressive in listing IPs, so I decided to ignore them, stop paying their fee and will support any action that will help sanitize the process.
We should organize a petition to have their practices and other similar ones, banned as they have no intention in making the web a better place. Just rip-off legitimate businesses by taking advantage of the ability they have to interfere with proper email delivery and the lack of international regulations regarding email sending practices.
By FM posted on Tuesday, January 25, 2011 @ 6:07 PMAs a native German, I feel as if I have to apologize for them - then I noticed that they were from Bavaria, a state that we unsuccessfully tried to sell to the Austrians after WWII as revenge for letting the dictator out of Austria in previous years.
I'm not current with German law, but as they're "only" making a list available and aren't doing the blacklisting - which is done by whoever uses their list - they might be a slippery eel to catch.
Now, if we could just convince firelan.net and others to NOT use that blacklist, it'd all become a mute point soon enough.
By Jamey posted on Wednesday, February 9, 2011 @ 6:27 PMchbmotd@uceprotect.net is the email they use for paypal. Yes, I got suckered too!
By Nathan posted on Sunday, February 27, 2011 @ 4:48 AMI would like to see Backscatterer.org blacklisted. They have blacklisted my ip for a month unless I pay them $105 US. I am waiting for my one month to be up. I refuse to pay extortionists no matter what damage they do to my business. I am not a spammer but a legit business. Don't know how I got blacklisted to tell you the truth! All the websites hosted on the same server are blacklisted. I doubt they were all spammers!! I think this is a scam to take peoples money! Backscatterer.org says they will blacklist you permanently if you go to authorities. I suggest everyone blacklisted complain to authorities. We did.
By Michael M posted on Wednesday, April 6, 2011 @ 2:52 PM
By Vertreter posted on Thursday, July 14, 2011 @ 9:41 PMDo not pay anything to them. That company has no physical address and no bank connection (paypal is _not_ a bank).
The full names of these louts are known, also the whereabouts >http://www.aaroncake.net/misc/showthought.asp?thought=57< Lawsuits pending. Make paypal freeze their account because of money laundering.
By Seamus posted on Thursday, November 17, 2011 @ 9:51 AMthese f***ers really have pissed me off big time, I have hundreds of customers who do not receive mail because of their stupid lists.. in The past I paid them a couple of times, and was removed... We reconfigured our servers and took measures to ensure that we were NOT abusing in their eyes... It is simply impossible that this happens now.. our last expiration was on 14.11.2011, 30 minutes later we were listed again... Simply impossible.. why... ? the mail server was turned off at that time... duuuhh... complete Scam. Now if we end up on the list I just ignore it... I tell my clients who do not receive their mail to have their ISP remove UCEprotect from their RBLs ... This is the only way.. @Franz... I live close to Bavaria and if I find out where you are I may organize a little visit for you from a few Irish pals of mine in Balaclavas... Believe me I am looking for you you little piece of s***, you have cost me thousands in lost revenue and support... Interestingly Gmail do not subscribe to UCE...
By Lance Purcell posted on Sunday, February 5, 2012 @ 6:18 PMHi All,
I see a lot of people are really angry with UCE Protect. To be honest, its not extortion. UCE Protect is simply maintaining a LIST. It is their RIGHT to maintain a list and add/remove whomever they want.
If I wanted to set up a brand new RBL today, I could throw it up and there is no law in any country that governs who/what IP addresses I can add to my list. UCE Protect has this same right.
If you are angry or frustrated with their delisting practices (coined as extortion here), then you should petition the recipient mail server administrator to whom you cannot send mail as a result of your IP address listing. They are free to REMOVE UCE Protect as one of the RBL lists they reference.
There will never be a class action suit because UCE Protect is just making a list of IP addresses which falls within their free speech rights. They have absolutely NO CONTROL of who uses their list to block IP addresses. They are offering a "free" RBL service to Mail server administrators.
By Tod Denbayern posted on Saturday, February 25, 2012 @ 7:54 PMSure, Lance. Adolf Eichmann also maintained lists, only. Lists of people to be killed for being different. No, he did not kill anyone, he just maintained these black lists.
But the Allieds and Israel thought this was enough to execute him for taking part in a crime.
Admins should not make the mistake to use that ucecrap. They will be nailed anyway.
Nobody has to petition anywhere. Just take a lawyer, mail the German police and sue them. Their names are known.
By Lance Purcell posted on Sunday, March 11, 2012 @ 2:06 PMYour comparison is absolutely ludicrous. Totally inappropriate for this forum IMO. We're talking about email and spam here. And your last sentence is just non-sensible babble. Your posts would probably earn you more credit in the History and Politics forums. Try there, you might make some friends.
By Rick posted on Monday, April 2, 2012 @ 3:57 PMIt looks like UCEPROTECT-Level 3 is a very accurate blacklist and produces very low false positives.
By Robert posted on Wednesday, April 18, 2012 @ 8:58 PM"LEASE NOTE THAT THIS IS AN OPTIONAL OFFER ONLY.
YOU ARE LOSING YOUR RIGHT TO EXPRESS DELIST YOUR IP IF YOU ARE STUPID AND CLAIMING THIS WOULD BE BLACKMAIL, EXTORTION, SCAM OR SIMILAR BULLSHIT. & WARNING: Do not play around here. You have no idea who we really are, and what will happen to you! " ...
Seriously??..ha ha ha.... These guys are narcissistic, powertrip dweebs...and seriously who in the hell would utilize this shadetree RBL as a freaking service for your companies email protection?..When there are plenty of free legitimate rbl's that don't threaten and extort money.. The supporters on this page in this thread MUST be trolls that work for the company, NOT network professionals with reputations to uphold.
By foster1628 posted on Wednesday, October 3, 2012 @ 3:04 PMUCEPROTECT is blocking our server ip as well.
Abuse the internet
By avi s posted on Thursday, February 13, 2014 @ 7:54 PMHello, We want your comment release of the record, because the company above is blocked about 8 days and is unable to function, Fault firewall was revised and all efforts to release them does not work, please help us urgently
mail.david-david.co.il which resolves to 184.108.40.206