Perhaps you are reading this because your email system is on a Blacklist; or perhaps you are interested in how these services can improve your client's experience. This document describes these services in some detail and provides information on how they operate. If your system has been blacklisted, this document will provide information on removal from the blacklist.
These services exist due to the large volume of spam or unsolicited commerical email (UCE). Blacklists (also known as DNSBL) are lists of email addresses, servers and/or IP address that are known, to the blacklist owner, to send UCE. Many organizations provide this service; a partial list is below. Greylists are like a blacklist and require some method of re-validation of the sender. These are usually implemented on the recipient's server via temporary delay or bounce-back messages. Whitelists are lists of known valid email addresses or servers, usually maintained per recipient address.
If your organization is blacklisted and needs assistance, please contact Edoceo for blacklist testing and monitoring services.
As described above these are known malicious email addresses or servers. An address or server may be blacklisted for many reasons. For instance, sbcglobal.net is blacklisted by rfc-ignorant.net because they do not maintain RFC-required accounts. Email servers run from broadband connections with dynamic IPs may be blacklisted because of the address pool they reside in. If the sending server or address is blacklisted, one must contact the blacklist maintainer and request removal.
If a sending server is blacklisted, one can expect mail from that system to fail for many of the desired recipients. Many major ISPs are using DNSBL to reject the large volumes of spam that target them. For legitimate senders this can be an issue. If your ISP is blacklisted request they fix the problem or find a new ISP.
It may also be desireable to subscribe to a blacklist-monitoring service to identify when blacklisting has occurred. These monitors may also offer resolution and removal services too.
Greylists delay a message until the sender of the message can be validated. Some systems, i.e. postgrey, will perform this task with no user intervention. Other systems will generate a message to the sender which requires some action on their part to validate the orignal message. Greylists aim to defeat UCE senders through a double validation of the sender.
In the specific example of postgrey the first time a sender address is seen, it will be greylisted the recipient server will generate a temporary failure message (SMTP 4xx code). The sending-server must resend (per RFC standard) and will then be allowed through with no delay. Generally mailbombers sending UCE will not retry the message as UCE softwares generally don't follow RFCs.
This is a simple list of known valid sender addresses, domains and/or servers. In the specific case of Edoceo, we have whitelisted a few domains for our clients because the sending servers were on a blacklist or not RFC compliant. Many times these lists are maintained on a per user, or per recipient, domain basis.
If a server is blacklisted one must contact the blacklist maintainer to request removal. Removal from these lists is not guarnteed. For example, rfc-ignorant.org will test the system that was requested for removal and only remove if the system passes the tests. Each blacklist that identifies a sending server will require individual submission for removal.
There are consultants and others who provide blacklist monitoring. These services monitor the subscribers' servers and addresses to ensure they are not blacklisted. Many times the organizations that offer monitoring services will also provide resolutions and removal services.
- SpamCop - Spam blacklists
- RFC Ignorant - Lists of system with ignorant administrators
- Composite Blocking List - Uses spam traps for detection
- Distributed Sender Blackhole - IPs of servers that operate poorly
- SpamHaus - Tracks Spammers and Spam Gangs
- Blacklist Services List - Provided by Declude
About the Author
/djb has been working with computers since 1987.
During his career he has been a Desktop Support Specialist, Network Engineer, Systems Analyst, Security Analyst and Solutions Engineer in the hi-tech, bio-tech, financial and legal industries.