Technology Training

Is My IP Addresses Blacklisted?

What is an IP address?

The “IP” part of IP address stands for “Internet Protocol.” The “address” part refers to a unique number that gets linked to all online activity you do…somewhat like a return address on a letter you’d send out. (All this happens in milliseconds.) Your computer is hooked up to the Internet, one way or the other. When you go online for email, to shop or chat, your request has to be sent out to the right destination, and the responses and information you want need to come back directly to you. An IP address plays a significant role in that.

For instance if you type in www.google.com in your browser a service called DNS converts this into an IP address that the computer understands. The same goes for every website. This is how computers communicate over the internet network.

How do I know if my IP is blacklisted?

Maybe you’ve been notified by a friend that your emails were blocked. Or maybe you’ve run your IP address through a blacklist assessment tool and found out the awful truth: you have been blacklisted! What now? Having your emails blocked makes it hard to communicate with your friends and, if you run a business – your customers. Are you doomed to be labeled as a spammer forever? – No, help is at hand. First, find out if you are actually blacklisted.

Before you go into full panic mode, if you haven’t check already, make sure you’re really on a blacklist. Use a tool like Spiceworks Blacklist Check and IP Reputation or http://whatismyipaddress.com/blacklist-check.  to confirm that your IP address or domain has been flagged as a spammer, malware distributor, or some other sort of bad guy. Blacklist check tools like these compare your IP address or hostname against known blacklists and let you know if you appear on them.

Why is my IP address blacklisted?

Your IP address may be blacklisted for several reasons. Your IP may only be listed on a single blacklist, or it could be listed on multiple blacklists. Each IP blacklist is maintained separately and not governed by a central source. Each may have different standards for listing/delisting IP addresses.

Well, maybe a computer on your network has a virus and is behaving in a suspicious way. Or maybe some overzealous email administrator on your network just sent out a massive number of emails to sales prospects. These types of behaviors can get you flagged as a spammer or malicious IP.

If your IP address is blacklisted, this doesn’t necessarily mean there is cause for concern. Some blacklists automatically add any IP address that is assigned via DHCP from the ISP. DHCP IP addresses are mainly how almost all residential connections connect to the Internet. Business accounts are more likely to be assigned static IP addresses.

We don’t maintain a blacklist, but here are the main reasons why your IP could end up being listed. Virus/Malware or spam. If you’ve got a virus or malware and your computer is constantly pinging or attempting to communicate with other computers, you’re bound to hit a computer where the admin will see your ‘attack’, block your IP address, and report it accordingly. If you send spam or run a mail server that is not properly configured and it allows spam to be sent, that IP address will get blacklisted.

If you have a DHCP IP address and you’re not a spammer and don’t have a virus, it’s possible that the person who had your IP address before you was, or the person who had it before them, or the person who had it before them. Only the ISP knows who had the IP address prior to assigning it to you. You may have done nothing wrong.

 

What makes someone decide to flag me?

You might wind up on a blacklist for a variety of reasons. Each blacklist database chooses its own criteria for deciding which IP addresses are suspicious, including things like:

  • Mail server configuration issues, like incorrect reverse DNS records, missing banner greets, or mail servers that operate inside a range of IP addresses that has been marked as suspicious
  • Operator policies that block email from particular countries or ISPs
  • Unsolicited email originating from a particular IP address

 

How do I get my IP address off of a blacklist?

First, you should make sure that all devices on your network are not infected. After you’ve determined your network is clean and that no unauthorized traffic is going out, find where your IP address is blacklisted and contact them for removal. Each blacklist will have different ways of requesting an IP removal. And just because you’ve made the removal request, doesn’t mean they’ll honour your request.

Once you know who has blocked you, then you can start the process of clearing your good name. Email service providers, like Google, AOL, Yahoo, and Microsoft, might block your email because of the high volume of messages you sent. To make amends, you need to contact them directly on their website. Once on the website, most services will provide specific instructions for getting off their blacklist. Some blacklists will allow self-service removal, which means you basically remove your IP address from their list without any fuss. However, be sure you fix the problem that landed you on their list in the first place, because next time around they may not be so nice about it. Some blacklist databases automatically remove you within a set time, like several weeks. The more often you offend them (by sending out huge unsolicited mailings for example) the longer they’ll keep you on the list.

If you’ve been flagged because of a poorly configured reverse DNS, you may need to reconfigure both forward and reverse DNS records as well as your SMTP banners.

Can I fix the problem myself?

Yes, There is no sense getting yourself removed from blacklists if the problem is still ongoing inside your organization. Here are some things to look for:

  • Did a Trojan somehow make its way on to your network? Be sure to do a thorough scan of your network resources.
  • Check that none of the workstations behind your IP address are infected with a virus. Even if they haven’t sent a single spam email, a bot virus might contact a spammer’s server to get its marching orders, flagging it.
  • Go through your message tracking logs to figure out where the spam is coming from. Once you have identified the offending computer, you can fix the issue.
  • In a worst case scenario, you might need to get a brand spanking new external IP address, at least until you can rehabilitate the reputation of your old IP address.

How long will it take to be removed from the blacklist?

Once you’ve figured out the contact point and procedure for requesting your IP address be delisted from the various blacklists, how long does it take? Unfortunately, results can vary widely. Sometimes it happens quickly, sometimes it can take days to even a week.

However, getting yourself removed from the list is only half the battle. Some of your clients might subscribe to bigger lists that don’t update frequently or remove addresses that have been cleared. In these cases, you may have to request to be added to whitelists or ask someone to remove you from the blacklist manually.

The process is frustrating, but try to stay calm. Getting your dander up will only make the process take longer. The best policy is to play nicely and cooperate. Blacklists are not trying to make your life a nightmare, they are designed to prevent fraud and deal with spam, in the name of the greater good.

 

What if my IP address remains on a blacklist?

That depends. If you’re an average home user, having your IP address on a blacklist probably won’t make a difference with your daily surfing agenda. However, if you’re a business and run your own mail server, you may have issues getting unlisted. You’ll need to make sure each device on your network is clean and make sure your mail server is configured correctly and locked down so it’s not allowed to send messages from unauthenticated users.

 

How can I prevent my IP from being blacklisted?

An ounce of prevention is worth days of pain, or something like that. Here are a few tips to help keep your IP address from winding up on a blacklist:

  • Run a scan to make sure that your SMTP server isn’t an open relay
  • Make a firewall rule that only allows certain machines to send outbound email to prevent infected workstations from sending email
  • Log your firewall rule and set up a notification to alert you if it detects a possible infection
Published
Categorized as Blog

Leave a comment

Your email address will not be published. Required fields are marked *