KB Article | Forcepoint Support
Support
  1. Home
  2. Knowledgebase

Avoid being blacklisted

  • Article Number: 000007317
  • Products: Forcepoint Email Security, Forcepoint Email Security Cloud, TRITON AP-EMAIL
  • Version: All Versions, 8.5, 8.4, 8.3
  • Last Published Date: February 16, 2021

Notes & Warnings

Please refer to Forcepoint Product Documentation for information on how to enable these configurations within your Forcepoint Email Security product.

Problem Description

My IP address / mail domain has been blacklisted and I am unable to send out mail to many providers. What steps can I take to resolve this, and how can I prevent this from happening again?

Resolution

In order to get removed from a public Realtime BlackList (RBL) you will need to contact the list provider to request de-listing.  You can find which RBL provider has listed you using this a third party site such as MX Toolbox.
Before you do this however, be sure to identify and resolve the problem that caused the blacklisting, or you will quickly be blacklisted again.  The non-delivery reports you receive in relation to your rejected messages should provide details on why your IP or domain is blacklisted.  For further details, you may need to contact the list provider.

Once you have resolved the cause of the blacklisting your IP address may be removed automatically from the list after a period of time. Other providers require you to actively request de-listing.
 
Common reasons for ending up on a public blacklist include:  
 
In order to prevent blacklisting, consider the following:
 
Cause: Sending out spam or virus messages (knowingly or unknowingly)
Prevention :
  • Perform Spam and Virus scanning on inbound and outbound mail.  This applies to all MX records, not just the primary.*
  • Purchase and enable Websense File Sandboxing technology (also known as Threatscope) to add zero day protection against phishing emails, malicious URLs and malicious file attachments.*
  • Ensure your MTA is not an open relay. (Open relays allow unauthenticated logins to send from and to any domain)  *
 
Cause: Sending out large volumes of mail (e.g. bulk mailshots or marketing campaigns)
Prevention :
  • Follow industry and regional guidelines on sending commercial bulk email,  for example the CAN-SPAM Act.
  • Use a dedicated IP address for sending Marketing mail. *
  • Implement rate control on your outbound mail. *
  • Monitor volume of outbound mail per client or sender address and watch for outliers.*
 
Cause: Sending out backscatter
Prevention :
  • Quietly reject emails addressed to invalid recipients, don’t bounce by sending a Non Delivery Report.*
  • Avoid sending automatic notification messages to external addresses.*
 
Additional steps to protect your domain / IP address
  • To allow Reverse DNS lookup ensure your outbound IP address has a valid PTR record that matches your sending server’s FQDN.
  • Configure SPF records for your domain, to allow servers to check an IP is allowed to send “from” your domain name.*
  • Enable DKIM signing on outbound mail, to allow receiving servers to verify the digital signature via public DNS record.
  • Configure your firewall to only allow outbound smtp connections from authorized clients.
  • Regularly check your IP address blacklist status or subscribe to a blacklist monitoring service.
 
 


Keywords: spf check; email blocking; blacklist issues; phishing and spam email; email security settings; email stuck

Article Feedback



Thank you for the feedback and comments.

Want 24/7 Tech Support?

Learn more