1) What is UCEPROTECT?
UCEPROTECT publishes three different blocking lists with IP addresses that have become known for allegedly abusive behaviour. These lists can be downloaded and used. UCEPROTECT uses lists such as backscatterers, in which emails are listed by bounce emails. Backscatter are automatic replies via email, such as non-deliverability reports, delivery confirmations and out-of-office messages (or so-called bounce messages). If the sender of the original email is fake, it may happen, that said emails are delivered to innocent third parties.
2) What is the UCEPROTECT deny list?
UCEPROTECT uses its own spam traps and deny lists for its customers, including those from Backscatterer, as well as specially made lists that result from their customer feedback.
3) Why are Hornetsecurity IP addresses listed on UCEPROTECT?
If the recipient of an email uses UCEPROTECT as a deny list, our outgoing IP addresses can also be placed on this list as soon as a bounce message is sent via us. Arbitrary reasons can also play a role, which UCEPROTECT reserves. In addition, UCEPROTECT also uses filtering based on the technology of the sender callout (sender verify). As an anti-spam service, we cannot provide any services, without such queries, but this is not differentiated from UCEPROTECT. Any form that could be interpreted as a DDoS attack could end in deny listing, even if the traffic is legitimate.
4) Does Hornetsecurity request the removal of its own IP addresses from the UCEPROTECT deny list?
You also regularly send such bounce messages through us. As your external email security provider, we are obliged to legally deliver these emails. Therefore, Hornetsecurity does not consider these emails as spam. If this is spam, we have the necessary technical measures to prevent this and make the sender aware of it. The operator of the deny list is also to be regarded as not serious, since they are only removing IP addresses from their deny list for a fee, regardless of whether the sender disrupts mail operations or not. For these reasons, Hornetsecurity will not request, that our IP addresses are being removed from the UCEPROTECT deny list.
5) What can a Hornetsecurity customer do if their emails are rejected due to the UCEPROTECT deny list?
Anyone who uses this list for blocking without mitigating the consequences of the mandatory "false positives" with an allow list must expect that legitimate emails will not reach them. The communication partner should not use the UCEPROTECT deny list as the only classification criterion. However, the configuration of a mail server is the sole concern of its operator. Hornetsecurity can only make recommendations to the operator of the affected mail server. We recommend that you contact the communication partner should such a case arise.