Oppedahl Patent Law Firm LLC (“OPLF”) sponsors many listservs (email discussion groups for intellectual property professionals, here is a list of them), some with over a thousand members. In recent days, hundreds of members of the listservs have started to receive email messages that prompted questions, such as:
I received an email, and I need to know whether it is a phishing hack. If it’s legitimate, I will respond accordingly.
Another listserv member responded:
Got same thing yesterday. Is real. The question is why.
What do these emails mean? Why are the listserv members receiving the emails? How should listserv members respond? In this blog posting, I try to answer these questions.
First, a bit of background. Recently our hosting service provider (Namecheap) made some ill-advised and poorly communicated policy changes. The policy changes forced OPLF to migrate the listservs from one kind of hosting to another kind of hosting (blog article). The listservs (here is a list of the listservs) used to be be at a first IP address and now the listservs are at a new and different IP address.
Each listserv member, of course, makes his or her own decision whether to self-host his or her email service, or whether to outsource his or her email service to a commercial email service provider (“ESP”). By far the most common choice is to outsource it to to somebody. Well-known examples of ESPs include Google (gmail), Microsoft and Barracuda Networks, but there are dozens of other ESPs whose names are lesser known.
It turns out that the ESPs chosen by hundreds of members of our listserv communities behave irresponsibly when it comes to spam filtering. Some ESPs react to a new source IP address as a presumed spammer. And that is what is going on here for those hundreds of members of our communities.
Any listserv necessarily uses some particular software package to do the job. OPLF has used and continues to use the well-known Mailman package. The Mailman package is designed to avoid doing anything that could possibly appear to be spam. If some ESP repeatedly bounces our listserv postings (wrongly, of course, but if the ESP does it) then Mailman logs the bounces and has no choice but to assume that this is what the particular listserv member wants. Mailman makes plans to disable that person’s membership in the mailing list. But Mailman gives that member several chances to avert the disabling. Mailman write to the member in a private email, saying something along these lines:
Your membership in the mailing list Patentpractice [for example] has been disabled due to excessive bounces. The last bounce received from you was dated 08-Jan-2026. You will not get any more messages from this list until you re-enable your membership. You will receive 3 more reminders like this before your membership in the list is deleted.
To re-enable your membership, you can simply respond to this message (leaving the Subject: line intact), or visit the confirmation page at [special web link].
This is the kind of email that prompted one listserv member to ask:
I received an email, and I need to know whether it is a phishing hack. If it’s legitimate, I will respond accordingly.
This is the kind of email that prompted another listserv member to respond:
Got same thing yesterday. Is real. The question is why.
My answer to the listserv member was that our listserv server (Mailman) is trying to do you the courtesy of telling you that your email service provider has been (wrongly) bouncing lots of our listserv postings. And out of respect for your (apparent) wishes to receive no more emails from us, our listserv server is disabling your membership in that listserv.
I responded to this listsev member that you get several choices if this happens.
First, of course, if you have not already done so, I invite you to subscribe to my blog. My blog postings come from a different IP address than our listserv postings. So even if your ESP is (wrongly) bouncing emails from our listserv, maybe your ESP is not misbehaving in this way with respect to my blog postings.
Second, I invite you to read my blog postings about this stuff, for example this blog article. I go to quite some trouble to write these blog postings to describe and disclose exactly what is going on with the listservs and you might find the blog postings helpful.
Third, yes, you might as well click on the confirmation link that you asked about, the link that you worried might be spearphishing. Clicking on the link will not at all change the wrong behavior of your ESP, but it will reassure our listserv server that you really do want to receive the listserv postings.
Fourth, if you have not already done so, I suggest you get on the telephone with your ESP and have a very frank discussion of the fact that you pay them to provide a service and they are doing it wrong, bouncing emails that anybody would realize are not spam if they went to the trouble to look at them.
Related to this would be to learn how to whitelist things with your ESP. This is very different from one ESP to the next and so it is not within my ability to give you magic words to use with the particular ESP that you selected (perhaps years ago) to handle your inbound email. If your ESP is doing its job right, your ESP has a way to whitelist the IP address of the listserv (see the IP address in that blog article cited above) and a way to whitelist the email domain name that the postings come from (oppedahl-lists.com).
Have you successfully whitelisted the IP address of the listserv? Have you successfully whitelisted the email domain name that the postings come from? Please post a comment below, perhaps describing how you accomplished it.