Have you ever been blacklisted?

It can happen to the best. Whether you have your own mail server, your own website, or use services like Office 365, anyone can be hacked. If you get hacked, thousands of spam mails are sent from your address, and you will be registered on one of the lists of Spamhaus or Barracuda in no time.
That’s good, right? Without these lists, email traffic around the world would be a mess, and finding out if you’ve been hacked would be a nightmare. But what if you weren't hacked, but you're still on a blacklist? How is that even possible?

To understand why you're blacklisted, you first need to understand exactly what blacklists are, and what function they serve.

Types of blacklists

There are many different types of blacklists, and that can create confusion. One focuses on detecting and blocking compromised addresses, while the other focuses on minimizing non-deliverables and bounces. Some blacklists are meant to make money, where you have to pay to be taken off the list, while the best, like the blacklists of non-profit organization Spamhaus, try to make the internet a bit safer.
It is therefore important that you check which list you are on, and especially why. For example, if you use a third party mail filter in the cloud, you may be blocked by the Spam and Open-Relay Blocking System (SORBS). This DNS-based blacklist is used to track mail servers that send high volume spam and other dangerous emails. In practice, however, this means that third party mail filters, such as Kaspersky for Microsoft 365 and Forcepoint Cloud Email Security, about which millions of emails are sent every day, are registered as spam senders every day. And then, suddenly you can't send emails because someone else got hacked or isn’t following the rules.

How do you solve that?

In general, most people are never blacklisted, especially as a private individual. Only if your recipients use the specific blacklist in their mail filtering will you be blocked. You can do a few things: ask your recipient to whitelist your domain or stop using the blacklist, or make a de-listing request at the blacklist provider.

To remove your mail server, or address, from a blacklist, you generally need to make a "de-listing" request. Virtually every blacklist provider uses this process in one form or another. At SORBS, Spamhaus and Barracuda you can make a free request for removal. You will need to enter your IP addresses, domain name and identification, after which you will be removed from the list. But there are also blacklist providers that charge money for de-listing, which can be quite costly at times. I would recommend to avoid these companies, and only pay if you really don’t have other options and your recipients refuse to cooperate.
In the end it will always take some research to figure it out. Whether you're trying to avoid reputational damage, or just want to be able to send email again, being on a blacklist is painful. As such, I regularly receive requests for advice and help with the de-listing process. Hopefully this post answers some of your questions on blacklisting.


If you still have questions, or would you like help, our helpdesk is always there for you if you need us. Call us on +3120-6104888 or email us!