Well, I did say in the introduction to my book that I’m not a DNS expert per se, unless you use Neils Bohr’s definition of an expert as:
“Somebody who has made all possible mistakes within a very narrow field.”
…here’s another one:
Over the past few weeks I noticed a palpable decrease in the number of responses to my personal emails. People just stopped getting back to me, precipitating an near-perpetual series of follow-ups “did you see my last email?” etc etc.
I had ops checking the IP reputations of our mailouts. They were fine.
I started to tell people “make sure you whitelist me in your mail reader” with marginal results.
It was driving me crazy, and culminated with a long-time friend and mentor who was simply not getting my emails no matter what. He was using Godaddy for email, so via a mail-ops mailing list I was able to get connected with a very nice Godaddy email admin who was able to look up the exact message IDs which were going into limbo.
At first I simply couldn’t mentally parse his response, he had checked their spam scoring system and told me:
That fingerprint is for the domain readthis<dot>ca, which was reported as having had its web site compromised.
They need to clear out the junk HTML files and secure the server before we can look at resetting it.
There were a very high number of reports. Looking at the feedback I see:
– 100% of reports seen were to block
– 53% of blocks were from spam traps
– 4 ISPs provided spam trap feedback
– Last spam trap hit : 2016-01-18 05:15:07
– First report : 2009-02-01 13:33:49
– Last report : 2016-01-18 05:15:07
And I’m reading this thinking (and pardon my French here…) “What, the fsck, is he talking about? readthis.ca?”
Finally it hits me. A few weeks back, around the time all this trouble started, come to think, I thought it would be clever (always a warning sign) to put a URL shortened link to my book in my email .signature file:
Mark E. Jeftovic <email@example.com>
Co-founder & CEO, easyDNS Technologies Inc.
Author of Managing Mission Critical Domains & DNS: The Book
And the URL shortener I was using for this was our own readthis.ca which is part of our easyURL shortening service. What I didn’t take into account was that easyURL was open to the public and people were using some of those domains for some pretty dodgy links. Readthis.ca was one of the worst hit, and as a result, I’m tripping everybody’s email filters all over the place.
Which is the moral of the story, one I should have realized: when promoting your business or your wares, use domains and URLs that you directly control (and others don’t).
Sometimes there is no escaping not doing this, like when we send out #AxisOfEasy every week Klaviyo automatically puts their tracking domain in the way of our links but in general, try not to use domains whose reputation can be easily impacted by the internet at large. That’s what I did here and it was a major blunder.
On a sidenote, we’ve shutdown easyURL to non-easyDNS clients. The entire system needs a major upgrade, like adding SSL support, and this experience has me thinking that the ideal solution would be to offer a URL shortening subsystem for your own domains that you can use just for yourself or your organization. That’s where all this is headed, because publicly accessible URL shorteners are increasingly under a deluge of toxic redirects.