Dec 24, 2018

IP Blacklist Problems and its solution

IP Blacklist:
-      Scan an IP address through multiple DNS-based blacklists (DNSBL) and IP reputation services, to facilitate the detection of IP addresses involved in malware incidents and spamming activities. This service checks in real-time an IP address through more than 80 IP reputation and DNSBL services.
Blacklist Resources
-        There are a lot of blacklists, but a good starting point is checking to see if your IPs or domains are on any of these popular lists:

1)      Barracuda Reputation Block List: BRBL is a free DNS blacklist (DNSBL) of IP addresses known to send spam.
2)      Invaluement: The Invaluement anti-spam DNSBL blocks elusive types of spam where the sender is sending unsolicited bulk email and escaping traditional detection methods.
3)      MXToolBox: MXToolbox shows you whether or not your domain or IP address is blacklisted and can perform checks on your DNS to see how it is configured.
4)      MultiRBL: This free multiple DNS blacklist service cross-references other blacklists by IPV4, IPV6, or by domain.
5)      Spamcop: The SpamCop Blocking List (SCBL) lists IP addresses that had mail reported as spam by SpamCop users.
6)      Spamhaus: The Spamhaus Project maintains a number of DNSBLs as part of their effort to identify and track spam sources, and provide anti-spam protection. To be removed from this list, visit their blocklist removal center.
7)      SURBL: Unlike most lists, SURBLs are not lists of message senders. SURBLs are lists of websites that have appeared in unsolicited messages.


-          “All blacklists have different ways of determining whether or not a sender should be listed. But almost all of them use some combination of spam traps and recipient feedback. Many blacklist operators manage large networks of spam traps (email addresses that are valid, but have never signed up to receive mail, or addresses that have been inactive for an extended period of time and should no longer be receiving email). The blacklist operators will monitor these addresses and blacklist any IPs or domains that send excessive amounts of mail to them.

-          Blacklist operators also work off of user feedback. A blacklist operator can trigger a listing if they receive an excessive amount of direct abuse complaints about mail coming from your IP or your domain. The key to avoiding blacklists is to make sure you are sending mail people want, removing non-engaged users from your mailing lists, not purchasing, renting, or sharing address lists, and using a confirmed opt-in strategy for collecting addresses.”

-          Staying on top of your reputation by regularly monitoring your presence on blacklists and analyzing your engagement metrics can help clear your path to the inbox. SendGrid knows how important your reputation is, so our technical account managers and delivery team help to monitor blacklists on behalf of our customers and our 24/7 global support team is always ready and willing to help with questions.

Composite Blocking List (CBL):
-          The Composite Blocking List is a DNS based blacklist primarily intended to be used by mail servers to block inbound undesirable email containing spam or malware that was emitted by a computer virus or some other infection.
-          CBL is a DNS-based Blackhole List of suspected E-mail spam sending computer infections.
Why IP listed in CBL?
-          Open proxies of various sorts (HTTP, socks, AnalogX, wingate etc.)
-          Worms/viruses/botnets that do their own direct mail transmission, or are otherwise participating in a botnet.
-          Trojan horse or "stealth" spamware.
-          The CBL attempts to avoid listing real mail servers, but certain misconfigurations of mail servers can make the system appear infected (for example, servers that send HELO with 'localhost' or a similar incorrect domain.)
-          Entries automatically expire after a period of time.
-          The CBL does not provide public access to gathered evidence.
-          CBL data are used in Spamhaus XBL list.
How to unlist from CBL?
-          Removal from The CBL is simple; go to The CBL IP address lookup page and request that your IP address be removed. If your IP address is listed, the returned result will have instructions that explain in some detail, why you were listed, and how to go about removal. In most cases, to be delisted, you will need to secure your machine, and ask The CBL system to test your IP address again through The CBL IP address lookup page.
 
-   The CBL intentionally discloses as little information as possible about their processes in an effort to keep spammers in the dark. That which spammers do not know, can not be used in an attempt to circumvent The CBL systems.
-  Please follow the following steps to unlist ip from CBL.

  •     Go to https://www.abuseat.org/lookup.cgi
  • Please inter your Public IP address with verified Captcha and lookup for the same.
  •      Here i have already delisted the CBL blacklist so the result as above. If you have listed then click on the removal.It may takes some time for removal.



No comments:

Popular Posts