4 Causes of email blacklisting and how to fix it (part 1)

Jailbreak-Bug-Fixed

blacklistHave you been blacklisted? Want to avoid it? Read below for advice on what causes it and how you can distance your company from it.

Over the years, we’ve had clients get “blacklisted” which means they can no longer send emails out freely. This is normally caused by viruses, trojans or both, but there are other causes. This blog outlines four common causes to blacklisting and gives a broad framework of policies and technology to minimise your risk.

(If you’ve been blacklisted, read this first: 5 steps to take when your email is blacklisted.)

Why did I get blacklisted?

Your domain name appears on a “blacklist” if spam or viruses are originating from your email. The most common root causes:

  • Mistake. An errant marketing campaign that did not follow procedures and is sending out spam directly from your servers. Marketing should know how to avoid this by using purpose built email and list services. (In general, sending out email to existing clients or employees is not a source for blacklisting.)
  • Trojan. Someone in the office clicked on a file from a source that looked reputable (aka see article on phishing). A program (aka executable file, .exe) gains access to your server via a Trojan method. The program takes control of part of your email and sends out spam or viruses from your email.
  • Virus infection. Similar to above, but instead of a Trojan, the attachment puts a virus on the computer which spreads to the network and begins infecting files that you send out via email.
  • Hacking. Someone hacks your servers or website by getting through the filters/routers. This results in your email being used for non-intended purposes which look suspicious.

How can I avoid getting blacklisted?

In short, you can establish security policies, keep your spam filters and virus protection software updated and improve your security architecture.

1) Establish security policies

Establishing security policies involves educating your staff and getting them into a habit on best practices. Why put security policies in place? Security policies give your staff guidelines to follow for passwords, tells them how to handle unsolicited email (spam) and restricts them on the type of websites they should visit.

  • Password policies for staff. Ensure all passwords are at least 10 characters and have a combination of numbers, capital letters and small letters. The better security around passwords, the less often you need to change them. For more information on best passwords, go here.
  • Password policies for devices and generic accounts. Most people are either unaware or forget about email accounts that are not attached to staff. Trojans look for weak links in your email passwords. And since there are often generic emails for printers, phone systems,  websites and admin roles, Trojan know to check these as they are often forgotten. Similar to user passwords, device and generic account passwords need to be difficult for hackers and trojans to decipher.
  • Opening emails and visiting websites.  In short, if you do not know what it is or were not expecting it, don’t click.

2) Keep your spam filters and virus protection up to date

Most spam filters can be optimised to ensure you do not get much spam. If you make the rules too lax, you’ll get 100’s of unwanted mail. Make it to rigid and some of your best clients will go into the spam folder. Not all spam filters are equal so get your managed services provider to recommend what works best for you.

Viruses are constantly being written and released in the web. Good virus protection software is regularly updated based on the latest threats appearing across the internet. Keeping your virus protection updated and ensuring they are running regular scans will minimise your chances of getting infected.

Don’t set and forget.  Keep your Spam and Virus protection updated.

3) Upgrade your security architecture

Have you outgrown your current virus and spam filter software?  See part 2.   In part 2 of this article, we’ll look at best security practices for small to medium businesses and go through what to do if you get blacklisted.

Having issues with your blacklisted emails? Chat with a consultant today.

References: