In an earlier post, I had written about the various security measures to take to prevent losing your good reputation. But what happens if you find yourself on someone’s blacklist? What do you do?
The first step is to carefully read the contents of the bounce messages returned by the blocking mail servers. Bounces typically state the name of the blacklist server along with the specific IP that is being blocked (usually the primary IP used by your mail server). The bounces may also contain a link to the blacklist site and/or an online report that explains why your IP was listed and how to get yourself off of it.
Unfortunately, there is no standard delisting process and you might find yourself at the mercy of some overly-enthusiastic watchdog. Your best bet, though, is to visit the particular site to see what they recommend and of course to review the security checklist mentioned previously. In a very general nutshell:
– Most honeypot-based lists expire after a certain number of days, so they might make you wait it out
– Some sites require that you fill out and submit a complaint form to ask for removal, so again you might have to wait for a response or else try to track down an email or phone number for direct access
– And some (such as SORBS) may charge you to get off the list
There are too many blacklist servers to review all the delisting procedures, but here are some of the most commonly-used RBLs and their methods for removal.
Spamhaus1 Maintains several databases for different types of blacklists (SBL, XBL or PBL), so you’ll need to test your IP onsite to discover which database you’re on. They will issue an immediate report explaining why the IP was listed along with recommendations for fixing the issues and instructions for removal.
Spamhaus also makes a good point: ‘Some DNSBLs are simply too aggressive, unreliable or otherwise unsuited to use by more than a few hobbyist domains, places where most legitimate senders are unlikely to ever send any mail. If your IP address is in such a list, just ignore it! It’s not stopping you from mailing anyone and no one who knows anything about mail cares about such lists.’
Abuseat2 Like Spamhaus, you’re asked to enter your IP to trigger a report containing explanations for the listing, diagnostic recommendations and removal instructions.
Spamcop3 Issues an emailed block report containing a link. You’re asked to click the link to see the specifics about why you were blocked and how to get off the list.
SORBS4 Requires that you fill in and submit a delisting request form on their site. While they say they do not charge a fee for removing you from the proxy, vulnerability, relay, zombie or DUHL databases, ending up on their spam database could cost you: ‘The affected IPs (the ones used to send the spam) will only be delisted when a donation is made to an acceptable charity or good cause, or when sufficient time has passed, or when SORBS determines that the netblock has been returned to the RIR.’ There’s no mention of who determines what counts as an ‘acceptable’ charity or good cause!
Have you ever been blacklisted or have a good story to tell? I’d like to hear about your experiences.
Sources
1. Spamhaus online test: http://www.spamhaus.org/lookup.lasso
2. Abuseat: http://cbl.abuseat.org/
3. Spamcop: http://www.spamcop.net/fom-serve/cache/298.html
4. SORBS: http://www.us.sorbs.net/overview.shtml
The short version. One of our e mail accounts was hacked and the hacker was sending spam. We deleted the account and all is secure. Our web hosting company now says we can not send e mails due to their spam software deemed us bad reputation and they do not know when it will let us send mail. What can we do? We can send email we just can not send anyone else.