What Are Email Blacklists?

Most web hosting providers have at one time or another experienced having one of their servers blacklisted by email receivers. If you find yourself in this sticky (but common) situation, there are steps you can take to fix the problem.

Blacklisting occurs when your IP address is actively blocked by email receivers so that any email you are trying to send cannot be delivered.

Email receivers typically block an IP address because their users have reported a high rate of unwanted or dangerous email from that IP address.

If one of your IPs is on a blacklist, your customers are likely to notice and generate a lot of support tickets. When email is being blocked, the impact is immediate and severe.

 

How do email blacklists work?

You should have a basic understanding of how blacklists work to know what you can do as a web hosting provider to reduce your risk of being blacklisted.

Modern email receivers such as Gmail block an IP address when recipients either complain a great deal about or don’t interact much with (i.e. fail to open) messages from that IP address. Another common reason to block an address is when known-bad messages are received from it, such as messages containing URLs that point to malicious content such as phishing sites.

Another way to get blacklisted is to send email to a spam trap, a special-purpose email address that never receives legitimate email but rather acts as a “canary in the coal mine” to detect when a spammer has picked up an address he or she should never send email to.

There are several types of spam traps:

Recycled Spam Traps

These email addresses were once valid, but are now dormant. If they are dormant for a certain amount of time (the time varies by service provider), they are flagged as spam traps and could set off spam filters. Anti-spam operators often buy old or disused domains in order to obtain a set of recycled spam traps.

Typo Traps

These email addresses ended up on recipient lists due to user error, and never arrive at their destination. For example, somebody typed [email protected] instead of [email protected] If many sent emails on a sender’s list are typo traps, then the service provider flags the sender as engaging in poor list acquisition practices and/or poor user list hygiene.

Pristine Traps

These email addresses and domains were never used to actively sign up to receive email. They typically end up on mailing lists when senders engage in practices such as purchasing, renting, or scraping addresses.

Note that user-generated feedback is another way that service providers round out their blacklists. If many users report unsolicited emails, the senders of those emails may be manually placed on blacklists.

 

How to find out if you’re on an email blacklist

There are as many blacklists as there are service providers, but a good starting point is to check who is blacklisting your IPs or domains. See if they are one or more of these standard lists:

The Spamhaus Project tracks spam sources and maintains a number of DNSBLs. It also provides anti-spam protection. They provide a blocklist removal center you can use to request to be removed from their list.

Spam and Open Relay Blocking System (SORBS) is a list of email servers suspected of sending or relaying spam. It has been augmented with complementary lists that include various other classes of hosts, allowing for customized email rejection by its users.

Mail Abuse Prevention System (MAPS) is an organization that provides anti-spam support by maintaining a DNSBL. They provide five black lists, categorising why an address or an IP black is listed. MAPS was acquired by Trend Micro, Inc. in June 2005.

UCEPROTECT is a controversial DNS blacklisting service that is comprised of three distinct zones with each having different listing criteria.

BarracudaReputation Block List (BRBL) is a free DNS blacklist (DNSBL) of IP addresses known to send spam.

Invaluement provides an anti-spam DNSBL that identifies elusive senders of spam, such as senders of unsolicited bulk email that escapes traditional detection methods.

MXToolBox shows you whether or not your domain or IP address is blacklisted and performs checks on your DNS to see how it is configured.

MultiRBL is a free multiple DNS blacklist service that cross-references other blacklists by IPV4, IPV6, or by domain.

The Spamcop Blocking List (SCBL) identifies IP addresses that sent mail reported as spam by SpamCop users.

SURBL URI reputation data are not lists of message senders, but instead are lists of websites that have appeared in unsolicited messages.

 

How to get off an email blacklist

Your IP address will end up on a blacklist if you or your customers are sending to spam traps or there are public complaints that you are sending spam. You need to know how to get off blacklists.

As a service provider, you have to act on behalf of email receivers to assess what your own customers might be doing to trigger a blacklisting. Start by asking the following questions:

  1. Are your customers following best practices when constructing their email lists?
  2. Are your customers compromised? Is someone else using their account to send spam?
  3. Evaluate your sunsetting policy. Are there too many dead email addresses in your lists that are bouncing because they have become spam traps?

After you complete the two steps above (and ONLY after you complete them), request a delisting from the web hosting company and DNSBL sites using their relevant blacklist removal form.

You can go to each DNSBL site and enter your IP address to check if you are blacklisted. If you are on the list, follow the instructions at that site to get removed.

 

Be proactive!

When you find yourself on a blacklist, you must be proactive to remove yourself and stay off blacklists in the future. It is important for your reputation management. ISPs expect to see you trying to remedy your delivery challenges in a timely and concerned way.

If you find you are on a blacklist and feel out of your depth, there are deliverability experts to help you navigate the ISP landscape. Use these experts as resources to get your email delivery back up and running before you lose too much valuable engagement time with your customers and suppliers.

 

Reduce the risk

How do you avoid email blacklists? To reduce the risk, make sure you pay attention to your IP reputation as an email marketer. Monitor your complaint rates closely. Check DNS blacklists periodically to ensure you aren’t on them. Check your stats with each campaign deployment and look for delivery dips and low engagement rates.

By tracking your reputation, you can prevent delivery failures before they happen.

Also, be careful when you add new subscribers. Make sure you have the following procedures in place to verify you aren’t adding spam traps:

Confirmed opt-in

Many email marketers send a confirmation email to new email addresses before adding them to their active mailing list(s).

This ensures that the new addresses are valid. It also improves open and click rates because the recipients took the time to confirm. As a result, the ROI per message will be high.

Confirmed opt-ins have some disadvantages, such as fewer marketing email opt-ins due to the added “friction” in the sign-up process. But they do guarantee you are sending to valid, engaged recipients.

Engagement-Based Sunsetting

Some email marketers have active procedures in place to remove email addresses from their mailing lists that have not opened or clicked for a period of time. The time period varies, depending on factors like the industry and sending frequency.

By sunsetting dormant email addresses, you will remove “dead weight” from your email lists, improve ROI per message sent, and enhance your reputation because you are sending only to recently engaged recipients—and not sending to people who don’t want the emails. This practice will reduce recipient spam reports and unsubscribes, and reduce exposure to recycled spam traps and typo traps.

Engagement-based sunsetting has a few disadvantages, not least the technical logic requirements of checking who is engaged. With reduced list size, you may also be leaving some money on the table because you are no longer engaging with a group of formerly active users. You should first determine if there’s a percentage of non-engaged email recipients who may eventually be active again, and if this may cause you loss of revenue.

Real-Time Address Validation

Some email marketers check email addresses at the time of signup, to check for valid email addresses and common typos. This procedure reduces the chances that email addresses will be invalid, and when used instead of confirmed opt-ins will cause less friction for users. New sign-ins may even be impressed you caught their typos!

Real-time address validation is not easy, and will require additional engineering and technical effort to build the verification logic. If using a third-party service, licensing costs need to be considered.

 

In Summary

Blacklists help everyone by keeping the majority of spam out of our mailboxes. They ensure that recipients only receive email they opted in to receive, with explicit and informed consent, and prevent disgruntled recipients from complaining about unwanted emails.

There is no one preventative measure that will guarantee zero blacklistings, and your business model (including the volume of mail you send and how important it is to your business) will determine the best measures you can take to reduce the risk of ending up on a blacklist.

If you are doing all you can do to send email that people want to read, it will reduce the risk of being blacklisted—and make the process of getting delisted that much easier if it happens.

 

Related articles:

Never worry about IP blacklisting

MailChannels Outbound Filtering can help