One of my clients complained to me that some of their email wasn’t being delivered. I investigated and discovered that email to them through my server was being bounced. The error message in the maillog was:

Feb 25 10:44:59 server1 postfix/smtp[607]: 852EA400001: to=, relay=mail.global.bigfish.com[216.32.180.22], delay=2, status=bounced (host mail.global.bigfish.com[216.32.180.22] said: 550 Service unavailable; Client host [64.34.170.90] blocked using 88.blacklist.zap; Mail From IP Banned To request removal from this list please forward this message to delist@frontbridge.com (in reply to RCPT TO command))

Visiting Frontbridge.com takes you to a page at Microsoft.com. Frontbridge is apparently Microsoft’s hosted Exchange servers. So I emailed that message to the address given in the bounce message, and got an auto-acknowledgment that they would look into removing my server from the block. This morning I got an email that my IP has been safelisted. But:

As long as this IP address does not continue to send a majority of spam, messages will continue to be allowed to route through our network. If this IP address gets relisted after a period of time, further assessment of this IP would be required and the removal process would be more difficult.

So I emailed and asked what spam they think my server had been sending. The response:

The 88.blacklist.zap is an internal list generated with logs from our spam filtering engines. IP addresses may end up on this list if a certain percentage of the mail received by our network from that IP address is marked as spam by our filters for a given period of time. For example 90 percent of the mail is spam for 15 days. The thresholds are variable and may change as needed to ensure the safety of our network.

When the IP address is listed in the blacklist, all emails coming into our network from that IP address are blocked without going further into our filters.

We do not keep a copy of spam messages in our server. After the IP address has been safelisted, we cannot provide you traces or logs of spams prior to being delisted.

So if I have no idea what messages are triggering their alarms, I can’t fight the problem. I can’t even protest, since I don’t think I’m sending spam. Which probably means I’ll be losing a client if I get blacklisted again by Frontbridge.

Through watching the logs, I think I’ve figured it out. I use Mailman to manage mailing lists. For that client, the list is set to reject any message sent to the list from a non-subscriber. That message though is forwarded to the list-owner. So the 100 spam messages that are sent to that list everyday were being forwarded to my client. Frontbridge saw those messages and concluded they were spam. I’ve turned that option off, so now my client won’t get those refused messages. Hopefully no one on the list will accidentally use the wrong address to post, because no one will get a warning they tried to do that.

If you're new here, you may want to subscribe to my RSS feed. This allows you to read my newer articles without having to visit the site again. Thanks for visiting! Mike

I recently discovered that one of my active web sites’ domain names has attracted the attention of a cybersquatter. I emailed the address on the page, which bounced. So I poked around a bit and found another email address. I emailed that address and got a polite note back. I asked if I could purchase the domain name for $75, which should cover their registration expenses for the 4 years they’ve had it. I got back a note telling me that only serious inquiries would be entertained. Their page now has the same keywords and text that is found on my site.

I think I can very easily show that the other domain has been registered in bad faith. He’s trying to make some money off of my hard work. And he’s causing confusion in the marketplace, if people accidentally go to his domain name instead of mine.

Under ICANN’s rules for Domain Name Dispute Resolution, I think I would win the domain if I filed a formal complaint. The catch is that would cost me $1,300 or $1,500, depending on which organization I file the complain with, The National Arbitration Forum (NAF) or World Intellectual Property Organization (WIPO).

I’d love to get some advice on how to proceed. My options are:

1. I could offer the cybersquatter (who has lost several of these cases, so he’s familiar with the process) a little more money, but that really galls me.
2. I could file a complaint, and be out at least $1,300. But I think I would prevail.
3. Or I could rebrand my site under a new domain name.

If anyone has any experience with this process, I’d love to get your feedback.

Here are a couple of good resources:

• Wikipedia entry on CyberSquatting
• Kevin J. Heller’s The Young Cybersquatter’s Handbook

I’ve started using a new system to fight comment spam. If you see any problems when trying to submit comments on the site, please let me know. Email of course, since you won’t be able to send a comment if you find a bug. mclark at planetmike.com. Thanks.

For Christmas 2007, my wife and I made a movie with our 8 year old nephew playing all of the roles. It turned out pretty well. My sister-in-love and brother loved it, it was definitely a surprise.

Filmed with a Canon GL2, edited in iMovie HD.

Currently most, and soon all, of the content at PlanetMike.com is related to technology and web design. So I took this opportunity to rename the site from “Michael Boyd Clark Journal/Blog” to “PlanetMike’s Technology Journal.” I am now adding new GoogleAlerts to monitor for the new name appearing in splogs (already found two!). I also tweaked the settings in my rss footer plugin.

Since the Google PageRank storm last October, I have changed how I place ads on my sites. Some of my sites, like here on PlanetMike.com, I don’t have advertising at all. Other, like ChristmasMusic247.com, do have advertising. But all ads on my sites now have the overly broad nofollow tag on them. In the past 6 months, three different ticket brokers have contacted me about adding ads to my site. And all of them backed away because they aren’t interested in sites that have the nofollow tag on ads. So if a search engine wants to prune out bad actors in the online ad space, all they need to is look at sites that are linking to the large ticket brokers. It’s also obvious that the ticket brokers aren’t really interested in supporting small web sites, or building their customer base from niche web sites. They want to game the search engines by the text in the links in the ads they would run. And that’s exactly what Google is trying to fight.

Ok, I’ve moved a whole bunch of posts from PlanetMike.com over to my personal site, MichaelClark.name. While tedious, it was a pretty straightforward process.

1. Install WordPress on your new domain. Make sure it is the same version as the one on the old domain!
2. Copy the active theme to the new site’s theme directory. This should be under wp-content/themes/.
3. Copy all of your plugins to the new site’s plugins directory. This should be under wp-content/plugins/.
4. Copy the WordPress database to a new database. Ideally, make a backup of the old site’s database, and then import it into a new database. At this point you have two WordPress database set up with 100% duplicated content, users, passwords.
5. Use a mysql editor to edit the “siteurl” and “home” values in the wp_options table. I used Navicat, but you could use any mysql database editor like PHPMyAdmin or the command line.
6. Then simply edit the wp-config.php file on the new site so it can read the new database.

Tada! You now have a complete copy of your old WordPress blog on a new domain.

I took this opportunity on the new site to change my permalink structure. I removed the dates from my post’s URLs.

Important! If you have any photos, style sheets, images, included files, or other content referenced from the old site, those links won’t work on the new site until you copy or move that content over. And since I was splitting out my personal information, I had a lot of other info to move around.

My goal was to have my photos, family stuff, jokes, etc… all on my personal site. So I moved those directories to their new location. But for now I don’t want those pages to break if someone visits that URL. So I created a link from the new site to the old site. For example:
ln -s photos ../www.planetmike.com/photos


I did this for a bunch of directories. To the end user, you can’t tell that anything has changed. But I do have the same content on two domains now, which could mean a penalty at some point from search engines. The reason I had a bunch of directories is that PlanetMike.com has been around since 1997, the days before there were content management systems available.

Now another tedious step: removing duplicate content from the blogs. On the new site I went through and removed a bunch of posts and categories that will not be used there. On the old site I didn’t have to do anything with those posts, since they aren’t changing.

And the final tedious step: On the old site, look at each post in the categories for the new site. A very few of these posts could be deleted entirely, from both blogs. But most needed to be redirected to the new site. I created a list of URLs from the old site that were to be redirected to the new site. I did this by category, just to keep this in manageable chunks. A few posts I reclassified into other categories. Then in my .htaccess for the blog, I added the RewriteRule, one for each URL:
RewriteRule 2005/09/15/virginia-tech-photographs/? http://www.michaelclark.name/virginia-tech-photographs [R=301,L]


This rule says if the requested url contains 2005/09/15/virginia-tech-photographs (with an optional slash at the end), that page has been permanently redirected to http://www.michaelclark.name/virginia-tech-photographs. As I added each category’s URLs to the .htaccess file, I deleted the post from the old blog. Anyone that requests the old URL would transparently be bounced to the new site. That might be confusing to people who visit the site during the transition.

I ended up with over 270 lines in the .htaccess file. I could have used some regex (regular expression) magic, but I liked actually touching each URL. By doing each URL one at a time, I was able to basically audit the entire site.

I finished this step a week ago, and have been watching my server logs and my Google webmaster account for problems. One problem I’m seeing now is that some of my category and monthly archives had multiple pages, but since I’ve pruned the number of posts down, the highest numbered pages don’t exist any longer. I’ll be leaving that as a 404 error so that the search engines will remove that page from their indices.

As much as I love using Akismet for getting rid of comment spam on my blogs, it is extremely frustrating that for some oddball reason, Akismet rarely catches spam that discusses Paris Hilton’s sex antics. I dutifully tag them as spam, but for whatever reason, Akismet won’t learn that Ms. Hilton’s shenanigans aren’t a real comment.

The same thing happens with email using SpamAssassin. Just this morning, one of my users complained to me about a bunch of messages that were getting through safely. I watched the logs and tweaked the SA rules a bit, so hopefully that will help that user.

I really like that SpamAssassin’s rules can be tweaked and modified as needed. But Akismet is a closed to the world, we throw data into it, and what comes out is what comes out. I see that in 2005 someone worked on integrating SpamAssassin into WordPress, but stopped development. I wonder if it should be taken up again? Or maybe just a new plugin is needed that allows WordPress blog owners to add in some custom rules. I don’t think the built-in “Comment Blacklist” is enough.