What is blacklisting?

Blacklisting is a process of actively monitoring the Internet for reports of email traffic fro a variety of sources sending unsolicited commercial email (SPAM) and then publicly listing that known information on Internet sites for others to reference as a measure to fight SPAM. Many ISP's and independent organizations then use these blacklist databases as a reference filter applied to their inbound mail servers to aid in preventing SPAM and to encourage internet security.

There are many types of lists, but the most prevalent are the open-relay / open proxy lists, and "guilt by association" lists.

Open-relay/Proxy server blacklists are based on open ports through which unauthorized network traffic is allowed to flow. The open-relay/proxy lists are the most definite and widely used since they are based on the presumption that a "spammer" found you and likely had relayed a high volume of SPAM through your Message Transfer Agent (MTA), causing your MTA's IP address to be reported to the list by recipients of that SPAM. Many of the better blacklists will run an automated script to verify that the evidence against you is genuine before blacklisting your server. Many blacklists will quickly de-list you if you submit a request to retest your "repaired" mail server. Of course, there will be propagation time after you are de-listed (sometimes as long as a week), because the destination mail server administrators pull the updated lists at times they prefer.

Another method blacklist sites use to produce listings is that of "guilt by association". A blacklist site will list much larger blocks of IP addresses than those owned by the suspected abuser. For example, if you are provided with an IP address and the "spammer" owns an address that is close in range to yours and the spammer gets listed on this type of blacklist, your IP block might be listed as well. Usually the reasoning behind this practice is that, by punishing innocent parties, the blacklister is putting more pressure on the ISP to disconnect the suspected spammer's Internet access. SBCIS can only take action against a customer in violation of our AUP and direct evidence must be provided to substantiate the violation (email headers or other evidence of abuse). A blacklist site's evaluation of someone as a "known spammer" or having a "history of spam" is NOT acceptable evidence of violation of our AUP, and does not warrant the termination of service.