IT Guy / IT Gal series – Dealing with a Blacklisted email server

  • Do you work in a small IT shop or are you the only IT resource that your company has?
  • Are you the "go to" guy/gal for anything to do with technology?
  • Do you (or others) consider yourself a "jack of all trades"?
  • Do you work in a small company with less than 250 PCs?
  • Do you spend most of your day reactively fixing and addressing issues that come up and feel like you can't proactively plan to get ahead?

If you answered yes to any of these questions this blog post and series is for you.

This is the second post in a series of blog articles aimed at sharing solutions to issues facing IT Professionals working in this type of environment. We’re taking articles from YOU on how you’ve overcome issues in the past with innovative solutions to get the job done. Maybe it’s using Microsoft technology – maybe it is not – what matters is that it addresses a problem, allowing you to get on with your day.

Let me introduce you to Sean Kearney, Network Administrator at McKesson Canada. He’s a devoted and passionate computer enthusiast from the early 80’s to the present day, having used just about every microcomputer ever. He’s self-taught in computer programming with 65xx machine code, working with many technologies – but primarily Microsoft. He deals with “anything thrown at him” from gnawed keyboards to recovery of Exchange servers, to networking setups and isolating the realm of the unknown. Occasionally he lets loose with song, unfortunately…

When I reached out to the blog readers as well as some of my contacts from over the years looking for people to share their solutions in this series – Sean’s post made its way through my filters to my inbox. I know that troubleshooting blacklisting of mail servers was a pain when I was a mail administrator and led to a lot of frustration both from my users AND from myself – trying to get the company unblocked! Sean has some good resources and insight – have a read below!

Rick

p.s: Are YOU up for the challenge of contributing your thoughts, ideas and solutions to “The IT Guy / IT Gal” series? Contact me directly or use the email link at the top of the blog with draft stories AND/OR suggested topics. Let's ramp up the noise and start giving back!!!

-+-+-+-+-+-+-+-+-+-+-

Well what a fine how do ya do.

You've been blacklisted on the internet. Something slipped by security and a worm blasted its way out. (And blast it did!)

You've isolated and cleared out the problem but now you have to deal with the mess.

The Blacklisting.  The inability to send out e-mail because your public IP address is being rejected by every client.

So how can you confirm this?

A quick search of the internet on your choice of search engine will yield several results.

What do you need to know? You need to know the public Internet IP address behind your MX record, that is, the mail server that is sending mail.

I found a very effective site www.mxtoolbox.com

Choose their tab "Blacklists" and type in the suspect DNS name or IP address.

If you're on the "HOTLIST" it will show up as "RED" on their particular site. (Other sites may show it as "LISTED" or "BAD" or "MOST EVIL MAIL SERVER ON THE PLANET". Haven't seen that particular one.)

Most of the sites will have a hyperlink to the particular provider. Most of the particular providers will have a fairly easy method to remove your address from the list. (Some others bill an 'Express fee' to remove it immediately.)
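The same check can be scripted so you can re-run it while you wait for delistings. Public blacklists are generally published over DNS: you reverse the IP's octets, append the list's zone, and an answer in 127.0.0.0/8 means "listed". This is an added example, not code from the original post; the zone names, function names and the 192.0.2.25 placeholder address are assumptions.

```python
import ipaddress
import socket

# Assumed example zones (not from the post); use the lists your recipients check.
DNSBL_ZONES = ["zen.spamhaus.org", "bl.spamcop.net"]

LOOPBACK = ipaddress.IPv4Network("127.0.0.0/8")
# Some operators, Spamhaus for one, answer 127.255.255.x when they refuse a
# query (for example one relayed through a large public resolver).
REFUSED = ipaddress.IPv4Network("127.255.255.0/24")


def dnsbl_name(ip, zone):
    """Build the query name: IPv4 octets reversed, then the list's zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """Return the A records for name, or [] if the lookup fails.

    NXDOMAIN and a resolver outage both land here, so treat an all-clear
    from an unreliable resolver with suspicion.
    """
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []


def classify(answers):
    """Map a list's A-record answers to a status string."""
    if not answers:
        return "not listed"
    codes = [ipaddress.IPv4Address(a) for a in answers]
    if any(c in REFUSED for c in codes):
        return "query refused"
    if all(c in LOOPBACK for c in codes):
        return "listed"
    return "unexpected answer"  # not a 127.x code: zone may be dead or hijacked


def check_ip(ip, zones=DNSBL_ZONES, resolve=system_resolver):
    """Check one sending IP against every zone; returns {zone: status}."""
    return {zone: classify(resolve(dnsbl_name(ip, zone))) for zone in zones}


if __name__ == "__main__":
    # 192.0.2.25 is a documentation placeholder; put your mail server's IP here.
    for zone, status in check_ip("192.0.2.25").items():
        print(f"{zone:20} {status}")
```

Run it from the network the mail server sits on, using your ISP's or your own resolver, since a "query refused" result tells you nothing about whether you are listed.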

In some cases you will have clients that reject you simply based upon mail flow.  TrustedSource.org is one such provider.   They actually track the flow of email on the internet and web access and track 'Naughty sources'.  Some clients subscribe to this particular type of service to determine who to reject mail from.  Government of Ontario is one such place I have heard of using this service.

Dealing with trustedsource.org is not a pain either.  A quick email to trustedsource@securecomputing.com with Domain and IP address details from a NON blacklisted email address will resolve the blacklisting from their system.

Take note, in most cases, the removal will take time.  Your network goofed, it is YOUR problem and you cannot rush any of this.

So how do you keep this from happening in the first place?

Yes, obvious. Security. Keep your patches up to date, keep your antivirus and anti-malware up to spec, and make sure your firewall is as restrictive as possible to keep potential problems from flowing out.

And diligence, above all, will keep you protected.

Remember, almost any problem can be solved.   Just about every problem can be prevented.

 


 

 

Sean
The Energized Tech
Dedication and Inspiration creating the new Generation