What is an IP or Domain Blacklist and why do people use them?

Internet service providers use blacklists to protect their customers from receiving spam emails or malicious content in their inboxes. A blacklist will contain details of IP addresses or domains thought to be sending spam email, and will help the server to identify what mail should be allowed through to the users’ inbox.

Why is my website now on an IP or Domain Blacklist?

When used correctly, a blacklist is a great tool for keeping spam to a minimum; however, they don’t always get it right.If you find your website has been blacklisted, there are a couple of things that may have triggered it. The more common reason is that someone may have reported your email as spam. This can happen when people forget they may have opted in to receive communication from your company, for example in a survey, and see your incoming mail as unsolicited email. If you do a large-scale mail out to your customers this could also catch the eye of a blacklist, an increase in communication volume can often be a red flag.

Getting “Delisted” / The Blacklist-Removal Process

Most of the time being blacklisted is a temporary, which is just as well as there’s not a lot you can do about it in the meantime unless you call in the professionals. The majority of large internet service providers (ISP) have an automatic review process in place on their blacklists. They’ll keep an eye on your website and if they can see that you haven’t sent any spam emails after a week or two, they’ll automatically remove you. MySiteGuard offers blacklist delisting support as well as blacklist monitoring so your downtime can be kept to a minimum.

Common methods of spam filtering

Bayesian Filter -This content based filter works by scanning an email and checking the text it contains against a list of words found in legitimate emails, and list from known spam emails. Based on the amount of times a word appears in an email and which list it appears in, the filter calculates the probability of whether the email is spam. While regarded as an advanced method of spam filtering, it is time consuming initially as the user needs to manually flag each email as either spam or legitimate to begin with. The longer the Bayesian filter is used the more effective it becomes as the lists become more comprehensive.

SPF / DKIM – Sender Policy Framework (SPF) is designed to prevent spammers forging sender addresses from your domain, also known as “spoofing”. It works by creating an SPF record of the authorised sending hosts under a particular domain name, so the recipient of an email can check that the email sender is an authorised host.

DomainKeys Identified Mail (DKIM) means that the recipient of an email can check to see if it did really come from the domain it claims to have originated from. It does this by embedding a digital signature in email messages, which allows the recipient to verify the authenticity of an email sender by checking the signature against public keys in the domain name server (DNS). 

Sender Reputation – This filter uses reputation metrics to calculate a sites “reputation” in order to determine whether emails originating from that domain should be delivered or blocked. Reputations are calculated by considering factors such as how long an email sender has been communicating from a domain or IP address, the volume of mail generated, and whether any mail recipients have flagged emails from a particular domain or IP address as spam.

Spam methods and types

Spamvertising Sites – Most commonly touting commercial products like miracle weight loss pills and other pharmaceutical paraphernalia, spamvertising sites will generate spam emails with product links embedded in order to generate traffic to their site, and potentially boost search engine ratings.

Phishing – Phishing scams are designed to obtain your personal information (credit card details, pin codes, passwords etc.) by pretending to be a trustworthy organisation (such as your bank), and using a fake website.

Fraud (419 Scam) – Probably the type we are all most familiar with, these scams attempt to defraud victims of money. Commonly known as a “Nigerian scam” these emails usually promise a share in a large sum of money or shares in exchange for a small one-off or upfront payment.

How to report Spam

If you receive a spam email, you can report it to us and we’ll pass it on to our network of security partners!

MySiteGuard spam reporter: spam@mysiteguard.com