/ Do you have Preventative Measures in Place to Prevent your Email IP being Blacklisted?
Outbound Scanning Tools will prevent IP Domain Blocking Battles!
Let's first access the situation. Do you have 2 (or more) different, separate IP addresses for :
- Your email server?
- Your network internet access?
Is your network locked down to prevent infections? Have many of the following do you have in place?
- Network infrastructure/architecture is secure
- Inbound spam/malware/virus filtering
- Web access filtering
- Endpoint anti-virus
- OS and software security patches up to date
Have you set up your mail server so it is not an open relay?
Other Important questions to answer :
- Do you have a firewall rule ensuring that the only thing allowed to send SMTP out of your environment is your mail server – to block infected workstations from sending email?
- Are you logging attempted violations and do you have an alert set up to notify you so you can immediately investigate any possible infections?
- Do you pass your outbound mail through a spam filter?
- Do you have an appropriate SPF record?
- Are you using a reputable DNS service? i.e. not an open or free DNS (such as Google’s 220.127.116.11). Otherwise, URIBLs will not even respond to blacklist queries from your spam filter and you risk allowing incoming emails with known malware delivery sites URL links.
- Have you worked with your Marketing department to get them using an autoresponder (such as ConstantContact, Mailchimp, etc) account for their mass mailing needs – so that these high volume emails are not sent from your mail server? Note that simply sending a sudden high volume of (clean) email from a previously low volume domain will get your email rejected by ESPs.
- Do you have rules limiting the number of sent messages per day and number of recipients per day?
- Have you implemented multiple outbound netblocks to cycle your outbound IP through, so that if you do get blacklisted, you can recover in a snap simply by switching to the next netblock?
- Do you have a second Internet connection with different IP address range, for failover?
- From a preventive standpoint, do you have the mail logs parsed for unusual spikes and odd patterns?
- Do you have automated log analysis?
- Have you set up thresholds and alerts?
If you answered NO to more than 3 of the above questions you should think about an immediate and comprehensive review of your network security. What are the obstacles that have delayed/prevented you getting these implemented?
You can solve almost all of the difficult stuff in the list above – quickly, easily, and economically with SpamTitan Email Security.
How it works:
- What if you could have your outbound spam filtering, rate controls, and outbound IP netblock pools managed in the same box – so that you can limit by number of emails per unit time (seconds, minutes, hours), or size per unit time, per mailbox, per domain, for all traffic through the box, and/or by destination IP, domains, etc. – with alerts for threshold volations?
- And allocate pools of IP address blocks to groups of domains – so that low volume email is sent via new or rehabilitated email addresses (e.g. previously blacklisted) to rebuild their reputation (with stricter limits on throughput) while “safe” email (e.g. from reputable customers with a history of high-volume/low-spam email) is delivered via a separate pool of IP addresses.
- Per IP pool, you can rotate through IP addresses so that the risk of blacklisting (even in the event of a spambot on the network – now throttled by rate control, and raising an early warning alert) will not send all of (the significantly reduced level of ) spam via the same outbound IP address – so it will be far less likely to breach the spam threshold that would normally result in IP blacklisting.
- And what if all of this was in the same appliance – that could be downloaded, installed and configured within an hour or two? Let me introduce you to SpamTitan antispam.
Most people who attempt to track the global level of spam being sent, estimate anywhere between 70%-95% of all email transmitted daily across the Internet is spam. This is why there exists published public blacklists of mail servers that have been relaying spam. These lists allow other mail servers to first check if they’re receiving an email from a server’s IP address that might have possibly been flagged for sending spam in the past. It’s not uncommon for a server’s mail IP address to temporarily end up on a public blacklist, especially if you’re on a shared server. This can happen for several reasons but can be mitigated against as outline above.
How it can be prevented
SpamTitan uses layers of security and network tests (both inbound and outbound) to protect your network from attack. With a lot of deployment flexibility you can choose the best fit for your IT environment. Reduce your risk of being blacklisted quickly, easily, and economically with SpamTitan which included crucial features to prevent blacklisting including outbound spam and malware filtering, rate limiting and IP rotation – as well as providing separate IP addresses from the company
Learn all about SpamTitan's inbound and outbound scanning to prevent your organisations IP Domain,
Try a FREE Trial today
View SpamTitan Demo