How To Resolve IP Reputation Issues
As a server administrator, one of the few things you hope never to have to deal with is poor IP reputation. Poor IP reputation makes providing email services difficult and can be a lengthy task to address. Don't loose too much sleep over this, it can be fixed. This guide will help you get your IP reputation back so you can get back to the things that matter.
How Did Your IP Get Poor Reputation?
Most likely your server was found to be sending too much spam. "Wait a minute, I don't send spam!" you say? While this is likely true, what you consider to be spam and what global users & servers do is another matter. In most cases, it takes A LOT of spam to get blacklisted. If you have found your IP on blacklists you will want to investigate your mail server logs. Chances are one of your accounts or perhaps an account of one of your customers has been breached and is being used to send spam by a third party. If this is the case the first thing you'll want to do is secure the affected account to contain the damage. If your investigation does lead to an email account breach, see my previous article on Secure Email Passwords.
Find The Blacklists You Are Listed On
A quick and easy way to do an IP blacklist check is to use MXToolbox's Blacklist checker. Add your IP address to the search field to start a review. Make note of any blacklist that is not marked as "OK". Not all global blacklists are available on MXToolbox. Notably the Microsoft Outlook/Live/Hotmail blacklist. More on this below.
Requesting a Blacklist Delisting
Okay, so you found that your IP is blacklisted on one or more lists. Most of the major blacklists provide a delisting request form. Before you fill out these forms it is crucial that any issues you had with spam have been resolved. Your plea to be delisted may be rejected if your server is still actively sending high volumes of spam.
Here are a few of the major blacklists and their delisting form URLs:
- Barracuda Central: http://www.barracudacentral.org/rbl/removal-request
- Spamhaus: http://www.spamhaus.org/lookup/
- LashBack: http://blacklist.lashback.com/
- Invaluement: http://www.invaluement.com/removal/
- DNSBL: http://www.dnsbl.manitu.net/
In some cases, you will be asked why you are requesting removal and what steps you have taken to secure any issues. Be honest and to the point and you should be fine.
Dealing With Microsoft's "Evil" Blacklist
By evil, I mean 'difficult'! Unlike most global email servers, Microsoft manages their own blacklist for their Outlook/Live/Hotmail customers. Getting delisted from this beast can be a challenge but it is possible.
The first thing you need to do is confirm your IP is blacklisted. To do this, you need to sign up for Smart Network Data Services. This service will allow you to add and monitor your IP health. This service will not only reveal if your IP is blacklisted, it provides IP management tools.
Next get enrolled in the Junk Mail Reporting Program. The Junk Mail Reporting Program (JMRP) is a service provided for email senders by Outlook.com. It lets you set up a feedback loop, so you can receive copies of messages Outlook.com users mark as junk.
Finally, sign up for Sender Score. The Sender Score is an indication of the trustworthiness of an email sender's IP address and is used by email providers and filters to determine additional email filtering criteria. Just like a credit score is used by financial institutions to decide the terms of a loan, email providers use the Sender Score to determine the terms for filtering your emails.
Once all of the above is done you can send Microsoft a request to be delisted. As of the time this article is written, all known URLs for Microsoft's delisting form are offline. As such I recommend sending an email to delist (at) messaging.microsoft.com. Please note that getting a response can take some time. I have also found that if you have not enrolled in the above programs they may ignore your request.
Be sure to use DomainKeys Identified Mail. DKIM lets an organization take responsibility for a message that is in transit. The organization is a handler of the message, either as its originator or as an intermediary. Their reputation is the basis for evaluating whether to trust the message for further handling, such as delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.