Blacklist Removal

Introduction

I have yet to find a quick easy to read document that details how to remove an IP from various blacklists. So, here is my attempt to correct all of that and provide a complete list of where to go and who to contact to take care of blacklist removal.

Instructions

First off, there are several items that may need to be addressed before attempting blacklist removal. In my experience the most common causes for being blacklisted, or having mail rejected, in the first place are: open relay, a virus on the network, and no PTR record.

You will need to ensure that any problems that probably resulted in your blacklisting are taken care of before requesting removal. If they are not, you will more than likely be listed again in the near future and the removal process may then get more complicated.

Typically, my first step is to check the results of the spam database check on DNSStuff.com. Simply go to their site and place the IP address of the mail server in your organization. If you are not sure what the outside IP address of your mail server is, then login to it and go to IPChicken.com. You will then see your IP address listed on the page. Copy and paste it in the “Spam Database Lookup” box under IP Tools and then select Lookup. You should then see the results begin to populate on the screen. Anything in red is bad and will need to be addressed. DNSStuff.com provides links to each of these “public” blacklists that contain removal instructions.

Reverse PTR

AOL and many other mail services require that the IP address of your mail server has a Reverse PTR record associated with it. It does not necessarily have to match the MX record of your mail server, but I recommend that it does.

To create a Reverse PTR record you must contact your ISP. Even though this is a DNS related change, it can only be made by your Internet Service Provider. You will need to contact them with a request associating your server IP address with a valid DNS name.

Example: 66.23.2.213 points to mail.yourdomain.com

Helpful Hint: If Qwest is your Internet Service Provider (ISP), I have found that sending this Reverse PTR request to dns-admin@qwest.ip.net from and email account of the domain that is being modified generally results in the quickest turnaround. If your company uses a different ISP you will need to contact them over the phone and make this request.

Manual Removal

Once the problem that originally got your IP listed has been corrected you will generally see the problems go away. However, I have seen lingering problems for weeks. To speed up this process you may want to visit or perform the following if you are having issues with the following companies. These companies may hold “private” blacklists that are not made available to the public.

AOL and CompuServe
This is not so much a “removal”, but an application to be whitelisted. You must meet all of the requirement to be accepted and send at least 100 messages per month to AOL recipients. Generally, once you have cleaned up the original blacklisting problem, this will not be necessary.
Web Page: http://postmaster.aol.com/whitelist/whitelist_guides.html

Yahoo!
You may go to the following web address or send an email to Yahoo! with your IP and the removal request.
Web Page: http://help.yahoo.com/l/us/yahoo/mail/original/abuse/index.html
Email: abuse-admin@cc.yahoo-inc.com

Road Runner
You may use this link to see if you are blocked. Enter in your IP address of your mail server and click submit.
Web Page: http://security.rr.com/amIBlockedByRR.htm
Email: removal@security.rr.com

NetZero, Juno, and Bluelight
Follow this link and fill out their form.
Web Page: http://www.unitedonline.net/postmaster/blocked.html

AT&T and SBC
Send an email to the following address with your IP address and your request.
Email: abuse_rbl@abuse-att.net

Comcast
Send an email to the following address with your IP address and your removal request.
Email: blacklist_comcastnet@cable.comcast.com

Cox
Send an email to the following address with your IP address and your removal request.
Email: unblock.requests@cox.net

Once you have followed these steps, you should begin to see your mail flow improve. If it doesn’t, you may want to check DNSStuff.com again to see if you are listed on any “public” blacklists. If you are listed, then follow their procedures to get yourself removed.

Conclusion

Blacklists are very useful when combating SPAM. However, if you find yourself on the wrong end of a blacklist it may take a great deal of effort and time to get off. Follow these procedures and monitor your IP address often. Ensure that your server is not set as an open relay, you have a valid PTR record, and that you have up-to-date antivirus on every computer that shares your internet connection.