michael orlitzky

So you're blacklisted…

now what?

The Short Version

Why was my email rejected?

Your message was rejected because you have been sending spam. Probably not you personally, but someone with whom you share a mail server has been sending spam, and we can't tell you apart (background).

But I can send to everyone else!

No you can't. There are many ways that people choose to deal with spam. Our mail server is nice and lets you know that your message was not received. Other people will accept the message and silently “junk” it.

If you're on a blacklist, you can be sure that we are not the only ones who have noticed.

Ok, what can I do about it?

Before you can be removed from a blacklist, the spam must stop.

Do you (or your company) run your own mail server? If so, a machine within your organization is sending spam. This is most likely due to a virus on one of your computers. If more scientific methods fail, you can run a full virus scan on every machine to catch the culprit. Once the virus has been found and removed, your server may be de-listed through the blacklist's website. Contact your IT people.

Are you on shared hosting through a company like GoDaddy or Network Solutions? In that case, you must contact that company to let them know about the problem. They need to track down the culprit, eliminate him, and then de-list themselves. If your hosting company is not responsive, you may ultimately want to switch providers.

Are you using a free email provider like Yahoo, Gmail, Hotmail, or AOL? Then you get what you pay for. You'll just have to wait until they fix it. See our list of responsible hosting companies.

That sounds hard, can't you just whitelist me?

No, sorry. We can't whitelist your server, because your server is sending spam. We can't whitelist your domain, because the blacklist rejection happens before we know the sender's domain. That brings us to,

The Long Version

Background

Email is sent across the internet from one person (the sender) to another (the recipient) through a series of relays, called hops. Suppose you send me a message; a typical scenario looks like,

  1. The message originates on your PC.
  2. Your PC hands off the message to your company's or your ISP's mail server (first hop).
  3. Your mail server delivers the message to my mail server (second hop).
  4. When I next check my mail, your message is downloaded onto my computer where I can read it (third hop).

There are often more hops in the middle, but the simplified scenario suffices to undertand what's going on.

At any given point, some machine, somewhere on the internet, “has” the message. That machine knows the next hop, because that's where he needs to send the message next. He also knows the previous hop, because that's who gave him the message. But this is all he knows. The server with the message can't “see” where the message came from; nor can he “see” where it will ultimately wind up.

Why is this important? Because mail servers build a reputation over time. Mail servers that send spam and viruses build a bad reputation, while everyone else generally builds up a good reputation. But as a recipient, the only server we meet is the previous hop—the guy who hands us the message! Therefore “your” reputation is really the reputation of the server that hands us your messages.

This matters to you because, if you share a mail server with a spammer, we are unable to tell you two apart. The bad reputation that the spammer builds, is, for all intents and purposes, your reputation as well.

Keeping that in mind, we can group mail providers into a few different types:

  1. Run your own. You or your company have a dedicated server that only sends mail for your organization. It almost always has a fixed IP address. The reputation of that server is your reputation, and so you share a reputation with your coworkers.

    Examples include corporate Exchange servers and colocation plans.

  2. Shared hosting with a fixed IP address. You share a mail server with other people, but you (and they) always send from the same server. That one server has a single, fixed IP address. You share a reputation with everyone else who uses that same server.

    Our email hosting is an example of this, and some of the smaller more-reputable retail hosts do it as well.

  3. Shared hosting with a pool of IP addresses. When you send a message, it is relayed from a server chosen “at random” from a pool of available servers. That pool is shared by every customer of the hosting company. You therefore share a reputation with all of its customers.

    The important feature of this scheme is that problems are spread out, like with snowshoes, over the pool of addresses. So problems are harder to notice (the hosting company considers this a good thing!), and take longer to fix.

  4. Bundled with internet access. When you sign up for home/business internet, you often receive a set of “free” email accounts. These accounts send through servers controlled by the ISP, and everyone who obtains internet access from that company can use them. You therefore share a reputation with everyone who obtains internet access from the same company in your area.

    Familiar examples are Comcast, Verizon, Earthlink, and—once upon a time—AOL.

  5. Freemail. You have a free email account through some website. You share your mail server and thus your reputation with every asshole who can operate a web browser.

    These are an extreme(ly bad) case of the shared hosting with a pool of IP addresses mentioned above.

    Examples: Yahoo, Gmail, AOL, Hotmail, …

Getting De-listed

Once you've figured out which type of mail server you have, here's how you can get de-listed.

  1. If you run your own mail server, call your IT people. The most common cause of blacklisting is a virus on your network. The virus needs to be eliminated, and then your IT people can request de-listing via the web.

  2. If you have shared hosting and a fixed IP address, neither you nor anyone else on that server will be able to send any mail until the issue is resolved. Usually this makes people angry, and that makes the hosting company respond. Send them an email with evidence of the blacklisting, an then call to make sure they're paying attention.

  3. If you're sharing a pool of IP addresses, you still need to contact the hosting company. But your job will be harder, since it is unlikely that every IP address in the pool has become blacklisted at once. This makes the problem more difficult to isolate.

    The situation is made worse by the fact that the first level of hell support at these companies is laughable. You will need to harass them until they escalate the issue to someone who knows what he's doing and who has the ability to track down the spammers.

  4. If your ISP's servers are blacklisted, see the previous case. Call them and do your best to get past the guy whose job is to tell you to reboot the computer.

  5. If you're using free, web-based email, then there's nothing you can do. Sorry. You get what you pay for. Re-send your messages when they get rejected or find a better host.

Technical Justification for Blacklisting

The main practical reason for blacklisting is lack of resources.

When someone sends a message, he expects one of two things to happen. Either the message is delivered, or he is notified (along with an excuse) that the message was not delivered. To do this properly, messages must be scanned as they arrive, and not later at the recipient's leisure.

Spam scanning is an expensive operation. Suppose, at out busiest, we are receiving 100 messages concurrently. The previous paragraph implies that we need to have the resources available to scan all 100 messages at once. Almost all email is spam, so we can't afford to waste these expensive scans on messages that are “obviously spam.” Blacklist checks are the most reliable indicator of what is “obviously spam,” and they can be done cheaply, so they are ideal for pre-screening messages to keep resource usage down.

We receive millions of messages every day, and over 95% of them are rejected immediately by blacklisting. We therefore only do a full “spam scan” on about 5% of all email traffic. This requires a certain amount of resources, and our email hosting prices reflect that amount. If we were to perform a full scan on every message, the amount of work that we do would increase twenty-fold. As would the resources required. As would our hosting prices. No one is willing to pay that premium—that's why blacklisting is so widely used and accepted.

Obstacles to Whitelisting

Technical
  1. The first obstacle has already been mentioned. The blacklist rejections happen before we do a full scan; in fact, they occur before we even know who the sender is. So we can't whitelist your domain, because we don't know your domain when we reject you for being on a blacklist.

  2. We're not the only people who will reject you for being blacklisted. If you want to be able to send email freely, either one person has to deal with the problem (you), or a billion potential recipients need to whitelist you (impractical).

  3. In many cases, the blacklisting is merely a symptom of a virus infection. Most people don't want viruses on their network, so it's much better to eliminate the virus than it is to work around its symptoms.

Moral
  1. Blacklisting punishes the bad guys, while whitelisting punishes the good guys. Moreover, if everyone was willing to whitelist a spamming server, do you think that its owner would ever fix the problem? Not a chance. Whitelisting removes the penalty for spamming and therefore increases the amount of spam sent overall.

  2. You pay someone (your IT people or your hosting company) to make sure you can send email. They should be doing the work to make that happen, not us.

  3. Reductio ad absurdum: what happens if we whitelist everyone who asks? Well, we would have to whitelist everyone, and stop rejecting spam altogether. We currently reject almost 100% of incoming messages as spam. If we stopped, our customers would see a massive increase, to the point where email is useless as a communication medium. If a lot of whitelisting is bad, so is a little bit. Tragedy of the commons and all that.

  4. Every victory improves the ecosystem. Blacklisting encourages hosts to eliminate spammers, and if a hosting company fires one of its spamming customers, then that reduces the amount of spam that everyone in the world receives. You are conferred this same benefit when other people reject senders with poor reputations.

Conclusion

If you're on shared hosting, hassle the shit out of your provider. If you're using a “freemail” service, now would be a good time to stop. Otherwise, quit reading, go fix the spam problem, and de-list yourself.

Responsible Hosting Companies

Web and Email
  1. easyDNS
  2. Gandi
  3. Hover (Tucows)
  4. Nearly Free Speech
  5. Panix
Email Only
  1. FastMail
Web Only
  1. Sonic