This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new!

Feature: Internet & WWW

Barracuda offers a new -- and free -- alternative to Spamhaus

By Robin 'Roblimo' Miller on December 17, 2008 (7:00:00 PM)

Share    Print    Comments   

For many years Spamhaus has been top dog in the anti-spam world of DNSBL (Domain Name System Block List; also known as Realtime Blackhole Lists or RBLs). But Spamhaus is no longer a 100% free service. Even small nonprofits are now expected to pay at least $250 per year for a subscription to the Spamhaus DNSBL Datafeed Service. Now a new, free alternative to Spamhaus has arrived: the Barracuda Reputation Block List (BRBL), provided by well-known, open source-based Barracuda Networks. And Barracuda CEO Dean Drako says the company has no plans to charge for the service in the future. He says that BRBL (pronounced "barbell") "does cost us a little bit of money to run, but we think that the goodwill, the reputation and the understanding that Barracuda is providing the service will do us well in the long run."

While Barracuda Networks corporately and Drako personally are both open source boosters, he runs a for-profit company that sells spam-fighting appliances and services. In effect, BRBL is a promotional effort for Barracuda, not to mention that it's something the company needs to maintain anyway to support its own pay-for products.

Free is nice, but how well does it work?

Adam Lanier, who works for a New York investment firm, has been using BRBL since September, shortly after the service first went public. He has been running it in conjunction with Spamhaus and SpamCop. One of the biggest possible problems with black hole lists and other spam-fighting systems is false positives (where legitimate email messages are wrongly tagged as spam), but he says BRBL has given no false positives "that I know of," but qualifies that statement by adding, "Of course, I only know of a false positive if the use is reported back to me."

Overall spam figures are the best way to measure BRBL's effectiveness. Lanier says, "For the month of October, we had almost 107,000 total messages, and out of that, 40,000 were spam. And this is only messages that actually get into our system. We block many, many connection attempts to send us mail prior to it even getting to us. So we have actually blocked 3.3 million connection attempts trying to get into our systems in October alone. So a lot of spam and virus-laden messages never make it into our systems, because they don't get that far. But out of the messages that we actually received and processed, the Barracuda Block List hit on 16,000. That's 15% of total emails and almost 41% of spam emails. That's far more than any other blacklist. The only other blacklist [that has done better] -- and it's an entirely different class of blacklist -- would be the URIBL blacklist, which tracks URLs within messages, not the addresses that they come from."

In Midland, Mich., Mercury Network CEO David Sovereen is a long-time Spamhous user. "And then," he says, "I became aware of the Barracuda list maybe a month or two ago, and added it in, and it also has virtually no false positives, which is excellent. So, we block [spam] at the connection level. The moment that connection is made to our server, we do the DNS blacklist look up and block based on it. And [BRBL is] blocking lots of connections and consequently lots of spam."

Sovereen says Mercury Network currently has about 10,000 email users, and that "it became very apparent after 10 days that the Barracuda list was doing a really good job, because the number of messages sitting in our quarantine, where we have a 10-day retention, dropped from about 1.5 million down to 600,000. So that was very substantial." And, he notes, "approximately 75% of the messages that are blocked by a DNS blacklist are being blocked by the Barracuda list. The other 25% are being blocked by the Spamhaus list."

Both Lanier and Sovereen rely on a number of spam-blocking tools, not just RBLs. SpamAssasin is their primary spam-fighter. They use RBLs and other blacklists, such as URIBL, to help SpamAssassin come up with an individual email's likelihood -- SpamAssassin uses an adjustable numerical score -- of being spam rather than legitimate communication.

BRBL is a worthwhile addition to a company's anti-spam arsenal

Many network administrators would like to deploy 155mm howitzers and other pieces of heavy artillery against spammers. Sadly, this action is impractical (since spammers are spread all over the world), and hugely expensive. It is also illegal in many jurisdictions. So what's the alternative? SpamAssassin, and possibly commercial and proprietary anti-spam sytems (for those who prefer such things to FOSS). Plus RBLs and other methods of detecting spam-senders before their spew enters the network in the first place.

Drako says that he has a Removal Request page and staff dedicated to helping people whose IP addresses get into the BRBL database by mistake or who have corrected the problem that caused their addresses to be blacklisted in the first place. This customer service aspect of the spam-fighting business is one of the larger costs associated with it, but Drako says Barracuda is willing to sustain this expense not only today but in the future. Indeed, we asked him directly about Barracuda's motives in providing this free service, and whether he expects it to bring in enough new business for Barracuda to justify its expense. He says, "I don't know if it pays for itself quite yet, but it probably does. It will be a hard thing to measure, because it's a little bit of a goodwill gesture for us to the community, because we have benefited from and use a lot of open source software. I have always felt that it's important to give back to the open source community, and we donate to a lot of projects, we support a lot of projects. We have four or five engineers at Barracuda who work full-time on open source projects. It is just part of the philosophy here of giving something back to the community."

Share    Print    Comments   


on Barracuda offers a new -- and free -- alternative to Spamhaus

Note: Comments are owned by the poster. We are not responsible for their content.

Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 17, 2008 09:07 PM
cool, great news. I had this in my /etc/exim4/vexim-acl-check-rcpt.conf:

deny message = DNSBL listed at $dnslist_domain\n$dnslist_text
dnslists =

However I am not sure which URL to put there now, the "How-To-Use"-section is a bit unclear about that. Any help?


Re: Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 23, 2008 02:37 AM
The URL you should use is:


No false positives? BS

Posted by: Teilo on December 17, 2008 10:50 PM
I'm sorry, but Barracuda is not one of my most favorite RBL's right now. Somehow our gateway ended up on their BRBL. Our SMTP server, however, was not. Nevertheless, any emails sent from behind our Gateway, using our perfectly clean SMTP server, were blocked by Barracuda.

I checked every major RBL and we were not on there. I even checked for spurious SMTP traffic coming from behind our Gatway. Nothing. I checked the few Windows machines here for possible spyware or viruses (we only have a few because we are a Mac shop). Nothing. I asked Barracuda how we got on their list. I received no response. I have found others online who have the same complaint. Barracuda will tell you that you are suspicious. They will tell you that their is automated, and not based upon reports. They will not tell you what the criteria was that got you added. If you are there, you have no way to know how you got there. If Barracuda decides not to remove you, you are SOL. You can't email any of your customers who use Barracuda.

I was lucky in that they took my IP off, and did not put it back on (so far). Others, not so much. Barracuda response, "Sorry, but your a spammer, and we aren't going to tell you why we think so."

It gets worse. On their IP Removal Request page, they state:
Barracuda Reputation System honors domains registered at If you want to avoid email with your domain and IP being inadvertently blocked, you can register your domain at
Hmm. Looks interesting. I go there.

This is what I see:
This list is the Registered Email Sender List (RESL.) The RESL data is provided as a free RBL for all to use. There is a small administrative charge of $20 to put your domain on the list and have it verified. This list is used by many people to bypass their spam filters.
Huh!!!? You mean, if I pay you $20 (a year), you will remove my IP and not put it back on? But you won't tell me how it got on there in the first place? This is nothing short of extortion.

Sooo. Who the heck is Checked their About us, and Contact. Nothing. Checked WhoIs. Privacy masked. WTF??

Ok, let's try this another way:
Got the IP. Now:
OrgName: Barracuda Networks, Inc.
Address: 3175 S. Winchester Blvd
City: Campbell
StateProv: CA
PostalCode: 95008
Country: US
Something does not smell right here, folks!
[Modified by: Teilo on December 17, 2008 04:51 PM]


Re: No false positives? BS

Posted by: Anonymous [ip:] on December 18, 2008 06:32 AM
I have just verified everything Teilo just said. Barracuda claims that they will "honor" a domain if you pay them $20. This is an extortion scam. Do not use Barracuda Networks, Inc.


Re(1): No false positives? BS

Posted by: Anonymous [ip:] on December 20, 2008 12:57 AM
Please let me know exactly what you verified?

I went to the BRBL removal request link and saw a form to fill out with no fee required.

In addition to their free removal service, they offered people the OPTION of going through an outside service called charges $20 for them to spend the time verifying that you are not a spammer, then whitelisting your domain name through a service that spam filter providers can use.

When I think of all the hassles you go through to get every spam filter providers to get your name back off their blocklist if you once had a botnet, paying $20 one time for a company whose business is to verify you are valid is well worth it. But regardless, has nothing to do with Barracuda, since you can use their own removal form for free. By pointing you there, Barracuda is letting you know that you can do this to avoid being blocked elsewhere. It is NOT required for BRBL - it is clearly noted:

Barracuda Central Reputation System – Removal Request

To request adjustment of your IP reputation on the Barracuda Reputation System, please enter your email server's IP address, your email address, phone number and an optional reason for removal below. Please note that the BRBL is generated by automated systems. Requests without valid information will be ignored. Multiple requests will also be ignored.

Removal requests are typically investigated and processed within 12 hours of submission if provided with a valid explanation.

Barracuda Reputation System honors domains registered at If you want to avoid email with your domain and IP being inadvertently blocked, you can register your domain at

(BRBL removal form below this)


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 18, 2008 12:12 PM
I agree that Barracuda Networks is a scam. Our mail server, a university email gateway, was listed in the Barracuda RBL but doesn't tell you what particular email(s) caused it to be listed. Except for the fact they will delist you for a certain fee.

I tell our end users if your email is blocked by a remote server because of a Barracuda RBL, tell the remote site to stop using Barracuda.

The Barracuda RBL cannot be trusted due to so many false positives and the SCAM they are trying to pull.


Barracuda RBL: false positives

Posted by: Anonymous [ip:] on December 18, 2008 01:50 PM
Hi, we are running an anti-spam service for hundreds of compagnies and, sure thing, we tested BRBL...
Actually we had to stop using it because of the falses positives; we had almost no FP with SpamHaus, some (but few) with Surriel, but way too much with BRBL.
I think their service may be some help for individuals and small enterprises, but it has a long way to do before being in the same leage than SpamHaus.


Please Be Less Disingnuous.

Posted by: Anonymous [ip:] on December 18, 2008 10:13 PM
Robin, please be a bit less disingenuous. Your wording makes it sound as though Spamhaus has started the, oh so familiar, move from free to closed and pay for use. That's just not the case. Spamhaus charges for their feed service which is a raw feed of their ENTIRE database content. It is a monumental amount of data that is intended for very large networks or mail systems that want to reduce or eliminate their DNS requests for checking RBLs by hosting the RBL in house. The bandwidth costs alone associated with providing this feed are huge so charging for it is not unreasonable.

Spamhaus' standard RBL service where you perform a DNS lookup, exactly like the Barracuda offering, is COMPLETELY free of charge as it always has been. It doesn't even require registration, like Barracuda does. Spamhaus has never made any indication that this would ever change. However, Barracuda's own site states that they only hope that it can remain free. As if they already have plans to monetize it and are simply waiting for the user base to grow to critical mass.

Contrary to your insinuation, small non-profits would not need or use the Spamhaus data feed. They would use the regular Spamhaus SBL just as they always have and just like most Spamhaus users do. Big mail systems like Yahoo! and big companies like Walmart might need and use the Spamhaus data feed but, most companies and small non-profits don't. Barracuda doesn't provide a datafeed service at all. Barracuda's offering is the same concept as Spamhaus' free offering. Perhaps Barracuda will offer a feed service in the future. But, I'll wager that it if it ever arrives won't be free either!

Finally there is Barracuda's pay to delist feature, mentioned in previous posts. This bogus technique was tried before by IronPort and AOL. With this pay for service, spammers can pay to be delisted or to bypass a company's spam filters. But, at $20 per year, Barracuda will lose so much money on it, they will surely discontinue the service.

Thanks anyway but, so far Spamhaus is still the best RBL. At least by my testing it has the highest trap rate and the lowest false positive rate and, contrary to Robin's insinuations, Spamhaus is still FREE!


Re: Please Be Less Disingnuous.

Posted by: Anonymous [ip:] on January 05, 2009 08:10 PM
Spamhaus is not free for everybody! As a matter of fact, it is very easy to get your system blocked by them from using their lists. They have a usage criteria on their website ( that they state going over will get you blacklisted. But my servers don't get their so called daily lookup requests in a week, but I still got blacklisted. And they also will not reply to your inquiry e-mails unless you are buying a feed.


Apple, meet orange

Posted by: Paul C. Bryan on December 19, 2008 01:48 AM
You're comparing apples to oranges.

Spamhaus is not charging for their service except for those who need their data feed, which uses a lot of bandwidth. As far as I can tell, Barracuda isn't even providing a data feed service! The Spamhaus DNS-query based service (like Barracuda) is free of charge.

To date, Spamhaus has a very good reputation, with near-zero collateral damage, in large part because they've strongly codified their policies and backed them up with vigilant investigators and administrators. Their policy: you are considered an offender if you send unsolicited bulk mail. You must meet this criteria to be listed.

As far as I can see, Barracuda has no such policy documented. Their methodology purportedly uses "honeypots" to attempt to automatically detect spammers -- presumably if you send an email to such an address, the server you send it through is considered an offender. I'm not sure how well this works, but I would at least wait for some independent testing of Barracuda to come out before switching my DNSBL server to them.

C'mon Robin, next time, compare apples to apples, wouldya?
[Modified by: Paul C. Bryan on December 18, 2008 05:58 PM]

[Modified by: Paul C. Bryan on December 18, 2008 05:59 PM]


Re: Apple, meet orange

Posted by: Anonymous [ip:] on December 20, 2008 12:46 AM

Spamhaus’ zen list is composed of 3 main blocklists: XBL, SBL and PBL.

XBL is done manually and Spamhaus clearly describes their methodology for it. But it only filters a very small percentage of their spam, maybe around 3%.

Spamhaus’ SBL list blocks the majority of their spam and their posted methodology for it only says that it is a combination of CBL and NJABL – the actual methodology is not published.

Don’t blame either company for not clearly posting their methods so spammers know how better to get past them them - it's tough enough as it is!

I have heard positive feedback on Barracuda’s low false positive rate directly from some IT admins that have tried it out.

But IT admin’s should take outside feedback (positive or negative) with a grain of salt and test it out for their own system. And unlike a commercial product they don’t have to buy it first!

Robin absolutely did an apples to apples comparison. We need to know what our choices are – healthy ‘competition’ keeps all the organizations/companies offering RBL’s motivated to keep improving their results.


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 19, 2008 07:45 AM
Folks, Try running a Google with "Roblimo" and "Barracuda", I think you'll find the results interesting...


Re: Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 19, 2008 11:44 PM
I ran the Google search you suggested and found nothing except that Roblimo interviewed Barracuda's CEO Dean Drako on the Barracuda Trend Micro/ClamAV lawsuit.

Let's stick to facts here, not disingenuous obfuscation.


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 19, 2008 10:56 PM
Hate to break it to everyone, but Spamhaus IS NOT FREE to everyone. Check it out.

Use of the Spamhaus DNSBLs is free of charge for low-volume non-commercial use. To check if you qualify for free use, please see: Spamhaus DNSBL usage criteria.

Use of the Spamhaus DNSBLs via DNS queries to our public DNSBL servers is free of charge if you meet all three of the following criteria:

1. Your use of the Spamhaus DNSBLs is non-commercial*, and
2. Your email traffic is less than 100,000 SMTP connections per day, and
3. Your DNSBL query volume is less than 300,000 queries per day.


Re: Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 19, 2008 11:50 PM
Thanks for posting the link - Spamhaus' limits for free use just is not practical for a reasonable size business.

I checked out and Barracuda does not have a limit for free usage for BRBL.

Don't blame Spamhaus for charging, it is just important to know the comparison.

Any Spamhaus user that the charges effect would know this anyway. Robin's article is saving new users some research time here.


Re(1): Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on January 05, 2009 08:17 PM
My systems have been blacklisted, and I get far less than 100,000 SMTP connections a day, more like 10,000 to 15,000. And I doubt if I did 300,000 queries a day unless I got a DDOS attack in ONE day. Try and ask why you are blacklisted, and you receive no response. Maybe a listing of what days and how much we went over the limit would be polite, but I realize that they don't have to.

I am not saying that they can not charge, but I think they should at least live up to their own guidelines.


Re: Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 29, 2008 03:06 PM
read the definition of non-commercial use:

*Definition: "non-commercial use" is use for any purpose other than as part or all of a product or service that is resold, or for use of which a fee is charged. For example, using our DNSBLs in a commercial spam filtering appliance that is then sold to others requires a data feed, regardless of use volume. The same is true of commercial spam filtering software and commercial spam filtering services.

A company that uses our DNSBLs solely to filter their own email qualifies as a non-commercial user and may use our free public DNSBLs if that company's email volume and DNSBL query volume is below the free use limits. The same is true for any non-profit organization, school, religious organization, or private individual who operates their own mail server.



Removal from Barracuda's BRBL is FREE

Posted by: Anonymous [ip:] on December 20, 2008 12:05 AM
Someone incorrectly posted that Barracuda charges some $20 'extortion' fee to remove your name from their blocklist.

There is no such fee, the removal service is free of charge.

Below is the link with instructions on how to request removal request.

I talked to someone that went through the removal process and they said it was straightforward to do and it worked.


Re: Removal from Barracuda's BRBL is FREE

Posted by: Anonymous [ip:] on December 20, 2008 07:23 AM
I think what Barracuda is selling with their "removal service" is more of a permanent way of not being listed. I believe that even though you request removal, it's possible to end up on the list again.


Re: Removal from Barracuda's BRBL is FREE

Posted by: Teilo on December 23, 2008 06:09 PM
Excuse me, but you are wrong.

Yes, you can "request" a removal. However, they do not have to remove you, and I know of specific cases where Barracuda said, "Sorry, but we won't delist you." When challenged, and asked why not, they refused to respond.

The alternatives? Pay them $20, or change your IP.


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 26, 2008 07:12 AM
I checked into this further and found out that I misunderstood something(as have most others in this discussion thread).

Registering on the site and paying their $20 administrative charge does NOT get you delisted off the BRBL at all.

If you want to be removed from the BRBL you MUST request removal from it directly on the BRBL removal page (for which there is no charge).

The list is a completely separate 'whitelist' of IP addresses used by/available to Barracuda and other commercial Spam Filters. The theory is that companies can list all their legit email addresses so that they will pass through any spam filter, so that a spammer/botnet posing as that company would not make it through. I think part of the idea is that it takes a credit card to register, so a real spammer would not give away their identity by registering.

Theoretically if everyone registered their legitimate domains in this way, spam making it through would decline dramatically.

Anyway, if you are on the BRBL and registered at, the commercial spam filter (such as a Barracuda spam filter) would need to use otherwise BRBL would still block you. So does not replace BRBL removal.


Re: Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 29, 2008 05:28 PM
Theoretically, if everyone registered that way, they would make a sh*t pile of money. If you think for a second that Barracuda is not making money off click-throughs to, you are extremely naive. We also had our IP listed on Barracuda and it has never been used to send spam, nor is it listed on any legitimate blacklist. If we allow one paid whitelist, pretty soon we will all (anybody running a mail server) be paying thousands of dollars to keep our mail servers from being blacklisted. Do NOT give money to and do not use any blacklist that supports them.


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on December 29, 2008 05:32 PM
It's also quite interesting that is using Whois Privacy Protection Service, Inc. to cover up their whois records. I wonder why that is...


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on January 01, 2009 10:09 PM
Just as another follow-up for anyone looking for information, is owned by Affinity Path, LLC. This is the same company that owns Barracuda. If you don't believe me, do a little research. In particular, check out the executive profiles for Barracuda Networks. Barracuda and emailreg also use the same nameservers from, which also has privacy protected whois data. This is a SCAM, plain and simple.


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on January 08, 2009 01:25 AM
I think may people on spam projects hide their identity so that they don't get sued by spammers. e.g. remember that Spamhaus was for their block list. Lawsuits can be completely abused and can cost a fortune to defend - they are not to be taken lightly. I appreciate those that do these projects so I give them the benefit of the doubt. Think some put the projects under Apache, SourceForge simply for the legal protection.

Also, I just don't see how $20/domain name could do more than offset costs for something like this – there is a huge overhead for these things beyond the incremental costs. It just doesn’t strike me as a profit making commercial venture – Barracuda charges thousands for each security appliance and they do a lot more than spam filters (e.g. web filters, message archiving...).

I hadn't noticed any connection between Barracuda and, but after reading your post, I did some research and found these:

1. Barracuda open source an community projects page, mentions donations of hardware is listed there, including given them hardware and bandwidth.

Barracuda Networks supports the following community-based security projects:
• Bill Stearns: hardware donations
• Sanesecurity: mirroring of signature databases
• Spam URI Realtime Blocklists: mirroring of blocklists
• The Spamhaus Project: donations
• Free Barracuda Reputation Block List (BRBL): complete support
• hardware donations and bandwidth

2. 'about us'section - mentions Barracuda as a donor:

"This project was started out of frustration with spam filters blocking legitimate email from legitimate senders. A problem that we all encounter. This project is supported by donations from spam vendors and from individual users. We are also charging a small administration fee in order to develop a viable future for the project. We are still not covering our costs and any donations would be greatly appreciated. We have received support from Barracuda Networks and a few other people, and are thankful to them. Without them we would not have progressed to where we are and been able to build the database we have. If you would like to make a donation to further support our efforts (either because the data we provide is useful or because you believe in what we are doing) please contact us ( We hope to eventually help eliminate spam and make email more reliable.


Barracuda offers a new -- and free -- alternative to Spamhaus

Posted by: Anonymous [ip:] on January 15, 2009 05:52 PM
I did sign up for this, and even worse, there is no way to cancel rebilling on the credit card. It automatically rebills every year. There is no way to cancel this online and does not respond to queries through its online contact form. Do not sign up for this or you will be unable to cancel and will have to take it up with your credit card company.


This story has been archived. Comments can no longer be posted.

Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya