centre{source}

If you thought that anti-spam protection for your incoming mail would alleviate your e-mail problems forever, think again – another issue that can cause more than a few headaches are DNS BlackLists (DNSBLs), sometimes also called RBLs (Realtime Black List). DNSBLs are not a new idea, but their usage is increasing rapidly. In short, a DNSBL is an innovative use of DNS to provide access to lists of IP addresses (or other info). These lists are created on varying criteria -- for example, the IP address was caught sending spam, or it's owned by a company known for supporting/sending spam. Or perhaps the IP address hosts a mailserver not following the rules, or a web/proxy server that has been compromised in such a way that it could be used to send spam. In this way, common sources of spam can be compiled into these lists and checked by a mailserver before accepting mail. If you show up in the blacklist, your mail is rejected.

As the spam-war has escalated, DNSBLs have become a double-edged sword. They have probably saved SMTP from being utterly inundated with spam to the point that it's useless. However, blacklists have also been forced to get increasingly aggressive. It's not uncommon for an organization to find itself blacklisted, even if it didn't overtly send spam (that it knows of). If your organization becomes the unlucky member of a DNSBL, you'll find that most (if not all) of your email is rejected by the outside world because you're now considered a spammer. The worst part is that you may have no idea why you were blacklisted and no idea how to get de-listed!

DNSBLs play a central role in most email protection software. There are many popular blacklists and each has its own personality and aggressiveness factor. One well-known, aggressive DNSBL is SpamCop. This service is considered very aggressive since they make it so easy to report someone as a spammer. While it's easy to get on the list, SpamCop also makes it easy to get off the list on their website. Other blacklists require substantial proof to add you to their list – but they also require substantial proof to remove you.

Here's the problem: If everyone is using spam protection with DNSBLs and your organization is reported as a spammer… everyone blocks your email. DNSBLs have become so powerful that they can literally stop all email communications from your organization.

Take heart! There are things you can do to protect yourself from finding yourself on a blacklist. Here are some basic rules that should minimize your chances:

• Do not spam – While this seems obvious, it is the most important advice. Don't add people to your mailing list just because you picked up their business card… this is spamming. Don't email blast everyone in your address book with something they don't necessarily want… this is also spamming.
• Educate your employees – While an organizational policy not to spam is a given, it is equally important that you convey this to your employees. They must understand what spam is and how to interact on the Internet properly. It only takes one person on a mailserver or a domain to get your entire organization blacklisted.
• Use Virus and Spyware protection – Today's worst viruses no longer destroy your computer. Instead, they operate in the background and send spam on behalf of their creator. This can make your network or server into a participant in a spam/virus botnet. This is probably the number one reason that otherwise innocent parties wind up on a DNSBL. If you wind up on a blacklist, make this the first thing you check.
• Check your mail server – One of the fastest ways to get on an RBL is to have a misconfigured mail server. If your server is not properly configured to only allow your users to send mail, it could be used by a spammer (Such servers are called an open relay, and will be blacklisted instantly).
• Check miscellaneous webservers and/or proxies. Believe it or not, even a misconfigured webserver or web proxy -- something unrelated to e-mail itself -- can be used to send spam! You can find a list of services that will check your server for open proxies here.
• Use a 3rd party email marketing service – If you're going to send e-mail to a large amount of recipients at a time, you should outsource your email marketing. Not all e-mail marketing firms are created equally (some are a thin veil for spammers or actually are spammers) -- but the good ones take great pains to follow the rules and ensure that the recipients have all opted-in and are voluntary recipients of your mail. They will bear the onus of ensuring your mail gets to its recipients. In addition, because the service is hosted separately, your actual business-operations e-mail will be isolated and protected from being blacklisted as a result of the bulk e-mail.
• Have an expert on call – If you get on a blacklist, talk to your IT professional. Most will know the necessary steps for getting off the list. You can also check OpenRBL to see which blacklist(s) your IP may be on, along with links to information about the listing. Once you identify them, you'll need to go through their steps to get off.

In summary, finding yourself on a RBL can be devastating for your organization. By following the steps outlined above, you greatly decrease your chances of inadvertently getting blacklisted.