Your email might have been blacklisted at one time. You probably found that out when customers or suppliers told you that they weren’t receiving email they were expecting from you. It’s painful and can shutdown your business. Staying off blacklists is just one of the ways to guard your email deliverability. The other is DMARC. DMARC enables you to proactively obtain feedback about your email so that you know about how your recipients’ email systems perceive your email quality. From that information, you can determine how to improve your email quality before it becomes a blacklisting issue.
Email delivery can be complicated. New technologies have emerged to help inbox providers protect themselves and their customers from spam and fraud emails, but these can also stop legitimate emails from being delivered. How do you protect your email delivery?
Our MxToolbox Email Experts have created a checklist to help you improve your email delivery. Learn more
If you are on a blacklist, then you’re feeling the urgency and pain of getting off the blacklist and restoring your ability to send email to customers, prospects and vendors – you’re ready to get back to business. But, wait a second, what caused you to be blacklisted in the first place?
Causes of Blacklisting
- Malware or Virus infection
- Errant bulk email campaign
- Random mail to spam traps or honeypots
You can control these issues with software that filters inbound and outbound email, but really, these are just symptoms of a greater problem – poor Email Delivery Management, meaning methodically developing best practices to ensure email gets to the inbox.
What is going on with email delivery?
Long gone are the days when you could fire off an email and assume it went directly into your customers’ inboxes. Between spam filters, anti-virus programs, and blacklist-based email filters your email delivery is controlled by several layers of security. But, do you know anything about how that security works? Do you know if your email is getting through? Do you get any feedback from users? Blacklists are just part of the equation. By the time you know you are on a blacklist, it’s already too late, your email is already being denied.
In addition, you are probably using several 3rd party companies to email for you. These could include a bulk email service, marketing automation, forwarders or even rogue email systems sitting in your network. Do you know if you or partners emailing on your behalf have good reputations with your customers, their inbox providers and those security tools I mentioned? Do you get any feedback until you’re blacklisted?
In recent years, Google and Outlook.com have been rapidly gaining market share as inbox providers. They and many other companies are prioritizing email that has passed SPF verification and is signed by a valid DKIM signature. Are you ready for SPF and DKIM? Do you know if all your 3rd party emailers are covered in your SPF record?
Finally, email spoofing is becoming one of the biggest methods for exploiting a company’s brand to obtain private information and user credentials. Do you know who is leveraging your brand to spoof your customers?
How do you manage email delivery?
The short answer is to adopt three important technologies:
- SPF – Enables you to tell the world who is legitimately allowed to send email on your behalf
- DKIM – Enables you to sign email and take ownership of the quality of the email you send
- DMARC – Enables you to publish an email address where you can receive feedback from inbox providers about the quality of the email coming from your domain and control how a provider processes email that fails SPF or DKIM.
With all three technologies, you take ownership for the email you send, designate additional senders for your domain and get feedback on email sent by you, your senders and potentially malicious senders. This is the start of email delivery management.
After talking with dozens of clients, we realized that our customers needed help decoding DMARC reports and understanding:
- Who is sending email purporting to be from your domain
- What is the reputation of your domains and delegated IPs
- Where other senders are and What their reputations are
- How your SPF, DKIM and DMARC setup is performing
- What senders are failing DKIM
- What senders are failing SPF verification
- When to setup more restrictive policies for DMARC
Check out MxDelivery Center and how our experts can help you better reach your customers.
Blacklisting can be a pretty complex issue. There are several different catgories of blacklists and each finds bad actors in it’s own unique way: honeypots, customer reports, protocol scans, etc. This can leave many users confused.
What blacklists matter?
Which ones should I monitor?
What servers should I monitor?
First, MxToolbox monitors the most comprehensive, best curated list of blacklists. Our experts understand blacklists and the causes of blacklisting better than anyone out there. You can trust that our list of 100+ blacklists is the list you need to know about for your online reputation. In fact, new blacklists are often asking us to add them to our checks!
Second, you need to understand the causes of blacklisting. Even if you are using a legitimate server on a legitimate IP address, you could legitimately get caught in a blacklist honeypot, attacked by malware, accidentally spam someone and flagged for malicious activity. Monitoring your servers for blacklisting is like an insurance policy – you need it whether or not you’re planning to have an accident.
Our experts recommend the following monitors to ensure your email delivery and online operations by monitoring your blacklist reputation:
- IP Blacklist monitor for each mail server IP
At minimum, you should have an IP monitor for the IP referenced in your MX record
- IP Blacklist monitor for each web server IP
At minimum, you should have an IP monitor for the IP referenced by your website’s A record so that traffic is not interrupted to your e-commerce site.
- Domain Blacklist monitor for your domain
This is optional, few companies are referenced enough in spam to be blacklisted unless they really are a major source of spam, malware or botnets.
There are other monitors that will help your overall system reputation, stability and reliability:
- An MX monitor for your mail server in case it should ever be changed or DNS go down
- An A record monitor for webserver
- A SMTP monitor for your mail server to ensure uptime and report downtime and issues with availability
- A Mailflow monitor to check your end-to-end mail system performance
Every so often a customer contacts us because they feel it is taking too long to be de-listed from a blacklist or they were almost immediately re-listed on a blacklist. We have a few recommendations for you:
First, be patient! Some blacklists are operated by a small team that must field hundreds or thousands of requests every day. They need time to get to your issue. Some blacklists require a minimum delay before they will delist an IP address or domain. This is for everyone’s protection. They have no credibility as an anti-spam service if they delist a regular spammer or if they delist someone with a malware infestation before it has been remedied. Blacklist administrators need time to trust your servers again. Give them time. It’s painful for you, but it’s temporary.
Second, research your issue! You may not think you have an issue, but it is very rare that your email randomly dropped into a honeypot or other spamtrap that blacklist administrators use to create their lists. You have an issue, somewhere. It might be a malware infection, it might be an accidental inclusion in an email campaign, it could be an internal user sending malicious email by accident. Regardless, you need to do some research into your systems to make sure it doesn’t happen again! And, you may need to look into your internal email controls and policies. You should be doing this anyway, but now is the time to make a special effort!
Finally, fix your issue! Put new policies in place. Invest in new email controls. Talk with Marketing about how they do campaigns. Setup user controls. Sweep your systems for malware. Clean your house. This will save you time and money down the road. And, you can mention all this in your next request to delist. The blacklist provider will appreciate the work.
Why do all this work if it was an accident? How do you know it was really an accident you were listed? You don’t unless you look into it and there’s tremendous risk in assuming that you’re “okay”. The downside of being listed a second or third time is severe: you will be listed for a much longer time and it will be much more difficult to be delisted. In fact, most blacklist administrators have a three-strikes policy. A third listing and you’ll likely be blacklisted for the better part of a year. Continued listing could get you on their permanent blacklist.
Yes, I am trying to scare you. Yes, this is serious. Yes, this requires you to work to fix the issue. Get started! The downside is much more severe than the minor inconvenience you are experiencing with your first blacklisting or even with your delisting request being delayed. And, remember, paid MxToolbox users don’t have to go it alone: we provide delisting support services to help you get off these lists. But, we can’t magically delist you: you still have to do the work.
To start, let me welcome you to the new blog. Same content, better format!
Today’s topic is about curating the blacklists we search and how our experts decide to select a blacklist to be included on our site.
First, our experts in email deliverability look at what blacklists are being used by actual mail service providers, internet service providers and medium and large companies as part of their anti-spam filters. Chances are good that if we list it, someone is using it to block spam somewhere.
Second, we require that there is some form of free delisting. While the blacklist may have an express delisting fee or some other fee or donation associated with it, all our blacklists have a method of freely delisting your IP address or domain. This may be a painfully long automatic delisting, but it’s still free.
Note: Automated delisting is becoming more popular as delisting requests require significant oversight. The idea behind automated delisting is that repeated issues are a sign of a repeated problem. Delisting occurs typically when the issue for which the IP or domain was listed has not occurred in a certain amount of time, often proportional to the time the issue did occur. Protected Sky is an example of a blacklist with an automated delisting. Patience is required with these.
Finally, we look at relevance to our customers. There are many blacklists out there, but are they in use? Are they active? Do they overlap other blacklists? Are they limited to regional email traffic?
While we look at relevance to our customers, and where are customers are, the biggest test of relevance for your email is this: Are you experiencing bounced email and on a blacklist? If you are experiencing bounces and on a blacklist we don’t support, let us know. We will work to get add the blacklist if it is publicly available. If you are on a blacklist we curate and not experiencing bounces, congratulations! That means none of your customers or partners are using that blacklist as a spam filter.
At any time, if you have questions or comments about our blacklist curation, please email email@example.com
Blacklists came about as a response to unethical and illegal spam. Blacklists have no other purpose but to stop bad or malicious acts, so they typically occupy the ethical high ground. Since they are used by businesses, universities and internet service providers to screen traffic, they are incented to be ethical, list only known bad actors and not list legitimate commercial traffic. To do otherwise would undermine the value of their service to their own customers.
All that said, MxToolbox carefully curates a list of the most used and best maintained blacklists. All the blacklists we check provide free delisting services. We feel that requiring payment for delisting is not ethical. However, a few blacklists offer expedited delisting services, which is a bit of a grey area. Other blacklists may ask strange or seemingly random questions. Think of this as geeks being geeks, rather than anything malicious or unethical.