How to check if your IP has been blacklisted

If you’re sending emails but having low open rates than usual, it’s a good idea to check if your sender domain or IP have been blacklisted. So how can you do that? Read this article and find out.

Types of Blacklists

First, you need to understand that not all blacklists are the same. There are three types of blacklists. They are:

  1. Private or ISP Blacklists
  2. Public Blacklists
  3. Enterprise SPAM Firewalls

Since major ISPs keep their own blacklists and you often can’t query them to see if a domain or IP address have actually been blacklisted, I’ll skip these and focus more on explaining public blacklists and enterprise SPAM firewalls.

Suffice to say that you’ll need to keep an eye on your email server logs here.

Okay, now what about the other two blacklist types? When it comes to public blacklists, there are more than 120 of them registered out there. You don’t need to concern with them all though. There are solutions that help you scan those 120 blacklist databases and give you valuable reports. A couple that you should pay attention to include;

MXToolbox

MXToolbox is free blacklist monitor software that allows you to check over 40 blacklists by entering the IP address or domain name. It doesn’t provide you historial data or detailed reports.

Hetrix Tools

With HetrixTools you can do a quick RBL check straight from the home page that will show you if your domain has been blacklisted on either of 38 blacklists. Besides a free version HetrixTools also offers Personal ($9.95), Professional ($19.95), Business ($39.95) and Enterprise ($99.95) versions, depending on your blacklist monitor service needs.

IPMonitor – Blacklist monitoring software

Of course, there is also our own blacklist monitor software IPMonitor. This is an automated IP blacklist checker that allows you to monitor over 100 blacklists, Microsoft SNDS reputation data, SenderScore reputation score, track host name changes and provides historical data reports, as well as daily or weekly reports to your email.

The other type of blacklist checker that I’d like to get into here is enterprise SPAM firewalls and blacklists. Some of the more prominent ones include Proofpoint, McAfee, Cisco, Baracuda and Watchguard. These typically check IP addresses, although a few of them also do a domain check and a URL checks, namely history based on sending email addresses and sending domain. Enterprise SPAM firewalls are also useful in that they keep their own network that they use to share valuable SPAM information.

How Does a Blacklist Monitor Software Check IP or Domain Reputation?

Now that you understand the different types of blacklist checkers, the question is, how does a blacklist monitor software like IPMonitor or some other checks domain or IP reputation?

Typically, blacklists keep an eye on the reputation of the email server IP address, but also the sender’s reputation by DKIM identity and sending domain.

IPMonitor and other blacklist monitoring softwares query more than a hundred blacklist databases for each IP address you submit and wait for their responses. If the response is positive, it means that the entered IP address or domain name is blacklisted.

Advanced blacklist monitoring softwares such as IPMonitor, has capability to monitor hundred thousands of IP addresses every hour and keep a history of results.

Why Your Server Might be Blacklisted?

Okay, that’s types of blacklists and how blacklist monitor software checks IP or domain reputation explained. Now, on to the reason, namely why a server your domain is on could end up on a blacklist.

The important thing to keep in mind here is that, even though you never sent a spam message from your IP address, if you forwarded a spam from a mail server that did, this might still put you on an email blacklist.

Another way to end up on the blacklist is if you’re using a shared server. If there are already messages that include spam there, you might find your domain on a public blacklist even though you weren’t the perpetrator of spam yourself.

How to Get off the Blacklist?

Now you’re probably asking, great, but how do I get off the blacklist? Is a blacklisted domain doomed? Do I have to start a new one?

Since the criteria different blacklist databases flag domains and IPs varies, there’s no single answer to this. The most common criteria used are:

  1. Evidence-based listing, where the monitor has received evidence that the IP has been sending spam emails.
  2. Policy listing, in which case the operator blocks emails from certain countries (for instance Nigeria or Serbia).
  3. Technical listing, which happens if the server is running suspicious IP addresses or if there is a wrong or missing banner greeting or DNS record.

So what to do to get de-listed from blacklists?

The first thing you should do is check if your network hasn’t been infected by malware or virus. Depending on how many computers there are in your network, this might take a while.

Make sure that your email servers follow the guidelines of email service providers such as Gmail.

Another important technical detail is, you must follow email standards such as SPF, DKIM and DMARC policy setups. You must authorize your email server IP addresses to send emails for your sender domains.

If everything is okay here, you can proceed to submit de-list request form on blacklist websites which you are blacklisted. Usually, they de-list IP addresses within 24 hours but make sure that you have solved your technical problems and 100% sure that no spam emails are sent through your email servers.

That’s it. Hopefully you are now better prepared to stay off a blacklist and if you need to check if you are on one, be sure to use IPMonitor as it monitors over 100 blacklists, more than most checkers.