Monitoring my IP for inclusion on SPAM Blacklists

My Linode hosts websites that allow my users to send email to their site's registered users.

Obviously I'd like as many of my users' emails to get through as possible, and I'd like to be proactively monitoring which emails don't get through so I can do something about it.

I know that eventually my IP will make its way onto a spam blacklist (RBL).

How do you professional SysAdmins go about proactively monitoring the email deliverability status / RBL listing status of your IPs?

What do you do when you discover you are listed on an RBL? How do you know which ones you should care about?

Thanks

David

PS: This is quite a nice intro to the subject - http://www.linuxmagic.com/powerofip_reputation

6 Replies

I have a script that tests my IP against a range of known RBLs, and runs from cron. Otherwise, it's usually a matter of following up on user complaints about bounces and taking a look at the bounce messages.

> I know that eventually my IP will make its way onto a spam blacklist (RBL).

Maybe you're looking at this from the wrong perspective. If you know you're going to end up on an RBL, take preventative measures beforehand. Don't allow the behaviour that will get you onto an RBL.

By the way, running automated queries against most of the blacklists is against their TOS. CBL even says that they'll take action if it doesn't stop.

@dcelasun:

> By the way, running automated queries against most of the blacklists is against their TOS. CBL even says that they'll take action if it doesn't stop.

If I am understanding correctly, you must be referring to automated queries using the web interface. If automated queries using DNS lookups are against their TOS, then any mail system that blocks spam based on the IP being listed in a DNSBL would be in violation.

@mrdavidlaing:

> How do you professional SysAdmins go about proactively monitoring the email deliverability status / RBL listing status of your IPs?

I wrote a PHP script that is run from cron that does automated lookups of some common blacklists. I have an occasional false positive, but they are obvious because I receive a text message stating the server is "listed in No error code exists." It's pretty obvious.

All of our e-mail is sent to/from the same anti-spam devices. So, what my script does is do a DNS lookup for all MX records for each domain in an array. It then looks up the IP address for each of those MX records. Lastly, it does a DNS lookup of the IP address on the appropriate DNSBL. I have to program in the expected responses so that I receive a humanly understandable message.

If you want a copy, let me know and I'll post it.
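The DNSBL lookup step described in the post above, as an added Python example (this is not carmp3fan's PHP script). It takes the IP addresses directly instead of resolving MX records, and the zone name `dnsbl.example.org` and its reply-code meanings are hypothetical placeholders; replies that are not a documented code are reported as "unknown" rather than as a listing.

```python
import ipaddress
import socket

# Hypothetical zone and reply codes; take the real ones from each list's documentation.
ZONES = {"dnsbl.example.org": {"127.0.0.2": "spam source", "127.0.0.4": "exploited host"}}
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_name(ip, zone):
    """Query name for an IPv4 address: octets reversed, then the zone (RFC 5782)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """A record for name, or None when the name does not exist (not listed)."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:
            return None
        raise  # timeouts and server failures are not "clean"; let the caller see them

def check(ip, zone, codes, resolve=system_resolver):
    """Classify one IP against one zone as 'clean', 'listed' or 'unknown'."""
    # RFC 5782: a working IPv4 DNSBL lists the test address 127.0.0.2.
    if resolve(dnsbl_name("127.0.0.2", zone)) is None:
        return ("unknown", "zone did not answer the 127.0.0.2 test entry")
    answer = resolve(dnsbl_name(ip, zone))
    if answer is None:
        return ("clean", "")
    if ipaddress.ip_address(answer) not in LOOPBACK:
        return ("unknown", f"reply {answer} is outside 127.0.0.0/8")
    if answer not in codes:
        return ("unknown", f"reply {answer} is not a documented code")
    return ("listed", codes[answer])

def report(ips, zones=ZONES, resolve=system_resolver):
    """Return (ip, zone, status, detail) for every result that is not clean."""
    rows = []
    for ip in ips:
        for zone, codes in zones.items():
            status, detail = check(ip, zone, codes, resolve)
            if status != "clean":
                rows.append((ip, zone, status, detail))
    return rows
```

A cron job can call `report()` with the server's sending IPs and alert only when the returned list is non-empty.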

That sounds great, carmp3fan. Could you please post it here for others to check out?

You'll need to know the servers to query, but if you're on Ubuntu or Debian you can use rblcheck to do the RBL lookups. It might be good for scripting use.

I like using DNSStuff's RBL query tool as well as their automated RBL reporting service. Unfortunately, they charge for these.
