How We Became Blacklisted by Spamhaus Without Doing Anything Wrong

More than a month ago, we have received an alert from Blacklist Monitor that our main server became blacklisted on Spamhaus SBL blacklist. This was a problem for us because we do have our own mail server that sends emails to our users and suddenly, our emails were silently blocked in many systems because of this listing. And we started our investigation. Why were we blacklisted if we did not send any spam?

The monitor told us that our listing details can be found on http://www.spamhaus.org/sbl/query/SBL245859, so this was the first information to read. The information on that page was very clear:


Spamhaus SBL Advisory

We did nothing wrong. It was just that some known spammer misused the hosting company that is hosting our primary server for about 4 times in last 12 months and because of that Spamhaus blocked 1024 IP addresses of our hosting including the IP address that we used. We had nothing to do with this, we have been using this hosting for several years, and we had actually no chance to foresee this problem. Yet still, we got blocked hard.

OK, so what you do if you are blocked? You simply ask for delisting and since you did nothing wrong, you should be delisted, right? Wrong! Look at the bottom of the screenshot above. The message is clear:

If you are unable to send email to someone due to this SBL listing, please contact your Internet Service Provider and show them this page – your Service Provider needs to contact the Spamhaus SBL team to resolve the issue (if you are not the Internet Service Provider, please do not contact us.)

And so we did inform our hosting about this listing. They responded quickly, terminated the account of the abuser and asked Spamhaus for delisting. We had to use a third party service to care about our outgoing emails temporarily. A week later, we were still blocked. And so we asked our hosting about it. We received an answer that they were asking Spamhaus for delisting, but without any luck. We have tried to contact Spamhaus ourselves and did not receive any response.

After more than a month, our hosting was still listed and so we asked our hosting to give us an IP address from different network. We had to switch our systems to the new IP address in order to be able to send our emails out again without problems.

We do understand that the job that Spamhaus does is important and we do understand that blocking spam is a hard task. However, to block 1000 IP addresses on a hosting that does not tolerate spammers and reacts immediately to such issues, is very questionable at least.

With such a policy, you can get blocked hard and do not even know about it. Only because we have blacklist monitoring setup for our servers, we were informed about this problem on the very first day. If we did not have the monitoring, we would just send our emails out and have no idea that they are being deleted silently. And the policy that Spamhaus will not talk to you unless you are the owner of the subnet, is also very poor from our point of view. We did nothing wrong, why do you punish us and refuse to talk to us? Why?

Finally, we have switched to a new IP address and we can serve our users using our own mail server. This problem is over for us, but for our hosting, there are still 1000 IP addresses that they have blocked and can hardly use for their business. We wish them that Spamhaus will unblock them soon. They are good guys and provide quality service to us.

Comments

  1. Mike

    Yes, switching to new IP can be a good alternative if you were unable to whitelist your existing IP. In case of Yahoo you get your Mailer IP blacklisted if you sent a couple of bounced mails. They looks quite strict in this matter.

Comments are closed.