Berry King
asked on
What to do if your email server ends up on the black list.
New to Exchange, New to email. Trying to set up procedures on what to do if your exchange server ends up on the blacklist. Is there a step by step guide.
1) Stop sending all email, till problem is resolved.
This means blocking all outgoing port 25 (SMTP) traffic.
2) Determine source of spam... which could be...
a) Someone forging messages from your domain. Fix: Setup correct SPF + DKIM DNS records + setup correct DKIM message signing.
b) Someone is sending spam from your IP(s) consciously.
c) Someone has hacked your IP(s) + sending spam without your knowledge.
3) Close all spam sources.
4) Wait till RBLs clear, as most are completely automated now.
5) Important: Do not ever go through any whitelisting process (to remove yourself from an RBL) till you're 100% sure you've locked down your infrastructure. Each time you whitelist yourself + then get blacklisted again, the blacklist timer elongates. If you do this several times, you can end up blacklisted for months or a year, with no hope of whitelisting.
This means blocking all outgoing port 25 (SMTP) traffic.
2) Determine source of spam... which could be...
a) Someone forging messages from your domain. Fix: Setup correct SPF + DKIM DNS records + setup correct DKIM message signing.
b) Someone is sending spam from your IP(s) consciously.
c) Someone has hacked your IP(s) + sending spam without your knowledge.
3) Close all spam sources.
4) Wait till RBLs clear, as most are completely automated now.
5) Important: Do not ever go through any whitelisting process (to remove yourself from an RBL) till you're 100% sure you've locked down your infrastructure. Each time you whitelist yourself + then get blacklisted again, the blacklist timer elongates. If you do this several times, you can end up blacklisted for months or a year, with no hope of whitelisting.
You asked for a step-by-step guide. This is long + complex.
1) Better to just use a Mail Relay system like MailGun where you submit mail through MailGun via an authenticated port 587 submission.
Then enable MailGun spam filtering.
First 10K messages/month are free through MailGun, so likely you'll never pay anything for the service.
2) Another alternative is to find one of the many lengthy guides on the net + follow each step.
3) Another alternative, if you're losing huge amounts of daily money, is the hire someone to fix this problem for you.
1) Better to just use a Mail Relay system like MailGun where you submit mail through MailGun via an authenticated port 587 submission.
Then enable MailGun spam filtering.
First 10K messages/month are free through MailGun, so likely you'll never pay anything for the service.
2) Another alternative is to find one of the many lengthy guides on the net + follow each step.
3) Another alternative, if you're losing huge amounts of daily money, is the hire someone to fix this problem for you.
Whatever you do choose prepare for SPF, DKIM & DMARC as those are the only ones to prevent 3rd party spam
Be sure to set them up correctly.
Also prevent anything sending "mail" , except from the authorized mail servers you do control to send mail to somewhere else.
Use authenticated mail where needed to submit to those mailservers.
Be sure to set them up correctly.
Also prevent anything sending "mail" , except from the authorized mail servers you do control to send mail to somewhere else.
Use authenticated mail where needed to submit to those mailservers.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
You need to ensure all the machines are properly patched and not sending any malicious contents to internet and request for a release..
Example reference to check IP - https://www.spamhaus.org/lookup/