What are Blacklists, Blocklists, and RBLs?

What are they?

A DNS Blacklist is a list of IP addresses that are known for sending spam. They are called DNS Blacklists because the information is hosted by DNS servers and retrieved with DNS queries.
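As an added example (not part of the original page), this sketch shows how such a DNS query is formed and how the answer is read, following the common DNSBL convention of reversing the address and appending the list's zone. The zone `dnsbl.example.org`, the function names and the sample data are assumptions made for illustration.

```python
import ipaddress
import socket

# Assumed placeholder zone; substitute the blacklist you have chosen to trust.
DNSBL_ZONE = "dnsbl.example.org"


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Build the DNS name that a blacklist lookup for `ip` resolves."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        # IPv4: octets reversed, e.g. 192.0.2.99 -> 99.2.0.192.<zone>
        labels = reversed(str(addr).split("."))
    else:
        # IPv6: all 32 hex nibbles reversed, one nibble per label
        labels = reversed(addr.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone


def system_resolver(name):
    """Return the A records for `name`, or [] when the lookup fails (NXDOMAIN)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except socket.gaierror:
        return []


def check_listed(ip, zone=DNSBL_ZONE, resolve=system_resolver):
    """Return (listed, codes) for `ip` on the given blacklist zone."""
    answers = resolve(dnsbl_query_name(ip, zone))
    # Listings are answered from 127.0.0.0/8. Any other address usually means
    # a resolver rewrote the "no such name" reply or the list's domain was
    # parked, so it must not be read as "listed".
    loopback = ipaddress.ip_network("127.0.0.0/8")
    codes = [a for a in answers if ipaddress.ip_address(a) in loopback]
    return bool(codes), codes


if __name__ == "__main__":
    # Constructed sample data standing in for a blacklist's DNS zone.
    fake_zone = {"99.2.0.192.dnsbl.example.org": ["127.0.0.2"]}
    lookup = lambda name: fake_zone.get(name, [])
    for ip in ("192.0.2.99", "198.51.100.7"):
        print(ip, check_listed(ip, resolve=lookup))
```

Passing your own resolver function as `resolve` lets the same check run against a real list or against test data.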

Who controls them?

DNS Blacklists are set up by companies trying to provide a free or paid service to customers who are trying to block spam. You decide if you want to put your trust in that company's blacklist by deciding to query it for spam senders.

Who gets blocked?

One way spammers get caught is by sending a spam message to a spam trap. A spam trap is basically a honeypot for spam that immediately causes the sender to be blacklisted. Another way senders get blocked is by recipients marking messages as spam on mail systems that contribute information to blacklists.

How do legitimate senders get blacklisted?

There are several ways for a sender to get blacklisted. Here are the main ones:
  • Open Relay: The main reason for a sender to get blacklisted is that their company mail server is an open relay and is being used by spammers to send out messages. This is usually the case and can be easily identified by checking the mail server logs for outgoing messages. This happens when a server is configured to accept mail from anyone to be relayed to another user on the internet.
  • Virus Attack: Some viruses/trojans that infect computers turn them into spam-sending zombies that get instructions from a master server and perform the required tasks. In small offices that use a single router with a single IP address, all internal traffic comes from the same external/public IP address. This results in your IP getting blacklisted, so that messages from any system, even your server, get blocked.
  • NDR Spam: Microsoft Exchange servers are famous for sending out NDR spam due to their default recipient filtering settings. Exchange servers accept mail to any address to prevent directory harvesting attacks. They then send an NDR message to the sender stating that the message did not reach its intended recipient. If the sender's e-mail address was spoofed and happened to be the address of a spam trap, then your server just sent an e-mail directly to the spam trap. It is always a good idea to turn on recipient filtering on Exchange.

