554 5.7.1 Service unavailable; Client host [154.0.***.**] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBL289647
SMTP error from remote mail server after pipelined DATA:
550-197.242.**.*** listed at zen.spamhaus.org
You’d seen these error messages in your mail server, if your IP address has ever got listed in Spamhaus SBL. Getting blacklisted in SBL is a concern for many web hosts, as it often leads to customer complaints about mail delivery failures.
Our engineers fix Spamhaus issues everyday in their role as Outsourced Support Specialists for web hosting providers. Since Spamhaus checks only for their SPAM criteria, we’ve seen that even perfectly legitimate business mails were tagged as spam.
If not monitored closely or not taken proper preventive measures, chances are that the IP gets listed again, soon after delisting it. Sr. Support Engineer Hamish explains:
“SBL blacklisting often happens without a warning or grace period. Spamhaus SBL lists are updated every 10 minutes, and many a times, web hosts know about the blacklisting only when users complain about email bounces. If not delisted promptly, the IP can remain in the list for about 6 months, affecting mail delivery over this entire period. ”
[ You don’t have to lose your sleep to keep your customers happy. Our Hosting Support Specialists cover your servers and support your customers 24/7 at just $9.99/hour. ]
What is SpamHaus Block List (SBL)?
Spamhaus Block List (“SBL”) is a database of IP addresses which are marked as direct or supportive sources of spam, based on Spamhaus’s criteria.
The causes for SBL block can be broadly categorized into two – 1. Your mail server sending out spam directly 2. Your server gets being labeled as a source of spam indirectly.
In direct spamming, spam mails originate from your servers and is sent to other mail servers.
“Spammers or attackers can use your mail servers to send out spam”, says Hamish. “Vulnerable software or malicious scripts can be the source of such spamming. Valid users sending out unsolicited bulk mails from your server can also cause it to be blacklisted.”
Your mail server can get listed as spam due to its indirect involvement with spammers.
“Massive spamming that involves multiple IP address in a network can end up blacklisting the entire IP range.”, Dileep adds on. “If your server happens to be in that range, you’d be blacklisted too. Spam traps that get accidentally added to user mailing lists in your server is another reason for blacklist.”
Many mail servers use Spamhaus SBL to verify whether an incoming mail is from a sender whose IP is blacklisted or not. Mails from servers listed in SBL are rejected, as a preventive measure to combat spam.
That’s why getting listed in blacklist is not a good thing for web hosts, as it would directly affect your server reputation and cause trouble to the valid customers who use these mail servers to send mails.
So, why do you get blacklisted even if you don’t send out spam mails?
[ Use your time to build your business. We’ll take care of your customers. Hire Our Hosting Support Specialists at $9.99/hr. ]
How does your server get listed in SBL even if you are not sending out spam?
SBL is updated every 10 minutes, and without even verifying the content of the mails. Spamhaus has its own definition for spam, and this criteria is focused more on the consent of the receiver, than its content.
If an email is unsolicited and sent in bulk (UBE), then the message is treated as spam by Spamhaus. Servers who have users sending out such mails would be considered as spammers and added to SBL.
Bobcares Support Engineer Dileep explains:
“Web hosts often have users sending out bulk emails as a part of their business promotions, inquiries, etc. But these ‘legitimate’ mails can cause your server IP to end up in the SBL. Once listed, these records would remain intact for a long period. That’s why it is crucial for web hosts to act promptly and get the IP delisted to ensure seamless mail delivery.”
So, what’s the solution?
IP blacklist removal from SpamHaus SBL
Analyzing the mail logs regularly helps us to detect SBL blocks in a timely manner. A sudden inflow of mail delivery failures and email bounce messages can hint that the mail server has been blacklisted.
A blacklist notification may not reveal the cause for the blacklist in all cases. The immediate action we take when a customer’s server IP is blacklisted in Spamhaus SBL, is to find the source of spamming and to fix it.
We lookup the IP address at ‘https://www.spamhaus.org/lookup/’ to confirm if an IP address is in SBL and obtain the details of the block.
Spamhaus SBL lookup
“After addressing the issues mentioned in the SBL listing page, a request can be sent to Spamhaus to delist the IP address.”, as per Hamish. “We also adopt precautionary measures such as changing the mail server IP and updating the RDNS records, to ensure seamless email delivery, after gauging the depth of the issue”.
[ Running a hosting business doesn’t have to be hard, or costly. Get world class Hosting Support Specialists at $9.99/hour (bulk discounts available) ]
Preventing mail bounces due to SpamHaus SBL listing
Caution has to be exercised to prevent an IP address from blacklisted repeatedly, as it can lead to non-removal of your IP address from the SBL for a longer period of time.
That’s why we take preventive measures to secure our customers’ mail servers from sending out spam and getting blacklisted. Our engineers adopt these best practices while managing our customers’ mail servers.
- Preventing users from sending out spam using anti-spam mail queue scanners.
- Limiting the number of emails users can send out from the server.
- Securing the mail server to prevent open relays and restricting access to only valid users.
- Scanning and disabling malicious scripts from sending mails from the servers.
- Configuring anti-spam records such as RDNS, SPF and DKIM for the user domains
“We’re always focused on pro-active actions,” says Dileep. “With our custom log monitoring scripts and alerts, we detect and prevent spamming in our customers servers. That’s how we ensure that they don’t get blacklisted or mail delivery failures never happen. “
0 Comments