view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Sure. But why would that matter when you're dealing with hostile 3rd party email providers that intentionally want to blackhole all email domains at Namecheap? But yes, just to clarify I do configure DMARC/DKIM/SPF and that works great for most cases.
I'm just describing what worked for me though in truth I don't know exactly how these hostile email providers actually determine the domain is hosted at Namecheap. My hunch is that they are using a lookup & finding the nameserver for the domain & have already blacklisted Namecheap's default free nameserver IP addresses. For whatever reason those same hostile email providers don't seem to be blacklisting Namecheap's paid nameserver but I think that sort of makes sense...
The larger issue is that Namecheap is known for cheap domains that scammers/spammers tend to buy in bulk & then use to spam with. Those same scammers/spammers aren't trying to spend extra money so they only ever use the default free Namecheap nameservers.
No it does not make any sense. There are literally thousands of domain registrars out there; almost every single last one of them will offer free DNS service with registration. Also, more specifically speaking, DNS provider host provider look up is not even part of email delivery flow.
The most well known spam registrar is GoDaddy as they spam ads everywhere, and everyone and their third cousin’s dogs know about them. NameCheap is a large registrar but isn’t that big of a fish comparatively speaking. But, regardless, blocking any registrars that size the way you’re describing would break way more businesses and hurt the recipient provider’s own reputation. This honestly starting to sound more and more like a smear campaign as opposed to anything grounded in actual technology.
Yeah I thought that too but when speaking with the email admin that was blocking Namecheap while figuring this out they had already decided it wasn't worth trying to allow the 1% of valid emails vs the 99% spam emails they felt they received via Namecheap domains.
Smear against whom? I'm a Namecheap customer, just relaying my own experiences using them. Besides that quirk I like them fine as a registrar.. I know it sounds dumb but I even renewed my domains there even after those email issues.
It's fine, you don't need to believe me as I said it's just my own experience using Namecheap domains for emails. But you could just google around, you'll see plenty of people discussing Namecheap & looking for solutions to block them (or solutions to successfully send emails with hem).. it's not something I randomly made up if that's what you're implying.
e.g.
https://community.spiceworks.com/t/blocking-emails-based-on-registrar/816565
https://tacit.livejournal.com/608386.html
https://shkspr.mobi/blog/2021/05/why-do-scammers-love-namecheap/
https://www.reddit.com/r/NameCheap/comments/13t6fvm/namecheaps_private_email_is_blacklisted_by/
https://www.reddit.com/r/NameCheap/comments/wlb6vp/namecheap_making_it_too_easy_to_register_domains/
https://www.reddit.com/r/NameCheap/comments/tz4mkb/my_emails_are_always_going_in_the_spam_folder_of/
https://www.reddit.com/r/NameCheap/comments/ye358x/i_am_getting_a_ton_of_spam_scams_from_namecheap/
etc.
The name servers themselves is not part of the equation. The commonality in all those linked are sending emails from Namecheap’s shared hosted email/website, not name servers. Sending email from shared hosted email/website is asking for trouble, doesn’t matter who you’re hosting with, because those IP range are always abused, especially with the larger providers, simply due to a larger exposure. The detection mechanism here is really simple and observable via raw mail headers by checking the
Received:
line. Filtering emails from this information here is a typical part of the anti-spam model. A typical implementation would be via DNSBL providers such as Spamhaus, Sorbs and alike. The solution is always to use trusted transaction email services to deliver email from the website instead.That, however, is a very different problem than the dedicated email services like Google Workspace Gmail, because you’d not be sending from your web server’s IP address, but rather via Google’s dedicated range. As such, the
Recevied:
line is much less likely to yield a match in DNSBLs. Validation for these are then done via the SPF/DKIM/DMARC records on your domain, checking if your configuration permits delivery from server at theRecevied:
line (look forReceived-SPF
) and whether or not you have the appropriate signing (look forAuthentication-Results:
and bits about the various stages of DKIM and DMARC).