5 Ways to Avoid Being Blacklisted
December 10, 2012 1 Comment
As the developer of popular mail software, we get a LOT of questions asking for tips and tricks on how to best manage mail servers. We are constantly getting questions on how to configure anti-spam, what anti-spam measures work best, how to set up a mail system for X users and/or Y domains. We even get some pretty off-the-wall tickets from potential administrators who tell us that they want to set up the next Gmail or Hotmail to give the world free email, then turn around and ask ”But, how do I do that?”
Most mail administrators realize that the configuration of a mail server, much less the business rules around how email is managed, is really up to them – there’s only so much we can offer in terms of how to best manage and maintain a mail server. What we CAN do, however, is provide email administrators with a number of tools to help ease the entire process. This post will focus on a few of the features and tools within SmarterMail that can both ease an administrator’s management tasks as well as give them peace of mind when it comes to preventing their mail servers from becoming blacklisted.
Lock down users and mailboxes
Users. If they’re not using “abc123” for their passwords, they’re mass emailing cat videos to their friends and family. There are several things mail administrators can do to keep users from abusing their email privileges, not to mention keeping mailboxes, and entire mail servers, secured. SmarterTools makes these things extremely easy:
- Set up password policy and perform password audits
Administrators should set some guidelines for users so that they don’t gravitate towards the most commonly used passwords. In addition, periodical audits should be run and users notified if their passwords don’t meet requirements.
- Require SMTP authentication and sender match authentication
Spoofed emails can be a real problem, and now some compliancy agencies require mail servers to ensure emails can’t be spoofed. Therefore, mail admins should be sure to enforce SMTP authentication and then take the extra step of enabling sender match authentication, so that the mail server will ensure the sending address matches the SMTP authenticated address. Doing this will greatly reduce, if not totally eliminate, senders spoofing mail accounts.
- Throttle outgoing email
Set up some simple throttling rules, either for users, for entire domains or even for particular features, like mailing lists. Throttling allows administrators to manage the amount of email that flows out of mail servers. Couple throttling rules with spam checks to achieve even better results.
- Spam check outgoing email
In addition to throttling, spam checking outbound mail can help keep mail servers running and can help prevent a single user from getting your entire server blacklisted. Administrators can spam check outgoing messages against any of the included spam lists that come with SmarterMail. Couple this with usage reports and system events to stay on top of potential issues.
- Throttle outgoing email
Set up Abuse Detection
On top creating guidelines for users, mail administrators also have tools at their disposal that will alert them to potential issues way before they become problems. Two tools come to mind for keeping the mail server secured and off of blacklists:
- Internal Spammer Notification- There are times that, no matter what other preventative measures an admin has in place, users try sending out mass emails. Most of the time these are legitimate attempts, but there are the occasional users who simply want to spam. Setting up a notification to fire off when a sender reaches a certain number of the same sized emails in a given time frame can help prevent a user from spamming, regardless of their intent.
- Bad SMTP Sessions - Keeping on top of bad SMTP sessions assists mail administrators with preventing email harvesting attacks against a mail server. Harvesting attacks can open a mail server up for address harvesting, and that can lead to your users getting spammed or even accounts getting hacked. Neither result is good for mail admins.
Use System Events!
System events are a great way for administrators to be notified when something happens on the server. Below are a few examples of the types of events that an admin can create. In terms of notifications, an email can be sent or a SMS can be sent as well so that admins are aware of issues almost immediately.
- Be notified when any abuse detection rules are tripped
- Keep an eye on system memory or spool count -
- Receive a notice if a message over a certain size is being sent
- Tie into throttling and get a notice when a user’s email is throttled
Lock down mailing lists
Mailing lists can be a big problem, especially if they’re set up improperly. As an example, recently New York University had an issue with a mailing list that was incorrectly set up and that allowed every NYU student – all 26,000 of them – to post replies to the entire list. Lovingly labeled the “Reply-allpocalypse”, imagine the headaches had several hundred students reported the list to SORBs or SpamHaus? Therefore, it’s best to use these simple rules of thumb for mailing lists
- Only allow moderators to post to a list, unless the list is very small and/or very well managed
- Set mailing list email to lower priority
- Throttle your outgoing messages
Keep an eye on your reports
SmarterMail has a number or reports that admins can use to keep an eye on their server, their traffic, the spam that’s being caught and much more. Reports are a great way to spot trends and even identify the potential for trends, so that admins can head off issues well before they become full-scale problems. Some reports of particular interest are:
- SMTP Out usage
- SMTP Out Connections
- Outgoing spam reports
- Abuse Detection
So there you go. While we can’t set up your mail server for you, we can certainly provide the tools you need in order to ensure you’re running a safe, secure and reliable system once you DO get it up and running.
That being said, there is zero guarantee your servers won’t get blacklisted at some point. Therefore, one final piece of advice: use separate IP addresses for SMTP, so that you can change it from time-to-time. This gives you the ability to change IPs in the off chance one gets blacklisted, so that your mail server can quickly get back up and running while you work with the blacklist organization to resolve the issues.
So, do we have any email admins out there? What tips and tricks do you have for keeping your email systems, and your users, secure?