Scammers send out dubious e-mails attempting to obtain sensitive data from internet users every day. This is known as phishing and isn’t just annoying; fraudulent e-mails cost millions each year as internet users fall victim to them. We reveal how to identify phishing e-mails and how to render your inbox harmless.How to recognize phishing e-mails and protect your data
Spam is not only annoying but also dangerous. Around 85 percent of emails are classified as spam. So how do you get rid of it? Sophisticated artificial intelligence used by Internet providers and external spam services can recognize recurring patterns in spam and generate filters. These filters are then used to put senders on a blocklist and protect users from unwelcome content.
The term “blacklist” is now considered racist by many people. Like many other terms, it equates “black” with bad and “white” with good. A number of alternative terms have cropped up to replace it - “blocklist” has become the most popular, but you might also see “denylist”. In this guide we’ll work exclusively with the term “blocklist”.
Hosting with IONOS — Fast, Flexible, Secure
Discover fast and secure hosting for any project.
We've got your code covered, whether you're on the backend, frontend, or the frontlines.
What is blocklisting?
The term “blocklisting” (formerly known as “blacklisting”) refers to the process by which senders of spam are identified and blocked from delivering information. The spam sender is automatically entered into a spam blocklist. The blocklist consists of email addresses, domain names, and IP addresses. Senders on the blocklist won’t be able to place any more data in the recipient’s inbox, either via email or using a contact form. Spam blocklists are managed in real time. The opposite of blocklisting is allowlisting (formerly referred to as “whitelisting”). Another effective method for fighting spam is greylisting.
Get your own email address for your company or for personal use. IONOS’s email package includes forwarding, spam protection, and virus security.
How does blocklisting work?
A blocklist is a kind of a negative list: Everything is allowed, except what has been explicitly added to the list. That way certain senders or apps can be forbidden in a targeted way. Think of it like a screen or sieve: Big pieces get stuck, and anything that’s small enough will make it through. Of course, the technical details are much more complex than this. Blocklists make use of an extensive set of tools to sort out unwelcome character strings. The lists contain the IP address of a provider or individual computer, the domain name and even programs or file endings that have been classified as suspect.
However, for all the security that they bring, blocklists also have disadvantages. They only offer reliable protection if the unwelcome contents are already known and on the list. Threats can only be prevented if the list is up to date. Unlike automatic recognition patterns for spam email, this comes with maintenance work for the administrators.
The technical basis of all blocklisting is the Internet Protocol (IP).
Who creates and maintains blocklists?
Most providers create their own blocklists. If you have your own domain, most providers will give you the chance to create and maintain your own email blocklists. In the administration area of your email account, you can add unwelcome senders to a blocklist. These emails will then be automatically sent to the spam folder.
Emails having to do with creating a new password often end up in the spam folder. Attentive providers will point this out to you.
Firewalls and antivirus programs on your computer also use this principle to protect end devices from unwanted or dangerous requests. To this end, patterns of harmful information are compared with incoming data. The system then comes to a decision about whether the information will be forwarded or rejected. Known malware is sent into a quarantine area by antivirus programs, where it won’t be able to do any damage.
In addition to proprietary mechanisms and services, there are a number of public providers that function as “spam police”. They maintain spam filters and blocklists. If an email is rejected altogether, the sender will receive an error message from the receiving server with content such as the following:
- Remote host said: 554 Transaction Failed Spam Message not queued.
- Client host [184.108.40.206] blocked using (“suspicious contents”).spamhaus.com; www.spamhaus.com/query/bl
This establishes that the sender’s IP address is on a blocklist. Some popular spam service providers are The Spamhaus Block List and Domain Block List, The SpamCop Block List, and The Passive Spam Block List.
How do companies assemble their blocklists?
As a technical process, blocklists are usually put together faster than you’d think. A spam filter will evaluate incoming contents using a point system. A certain number of points will mean that the sender lands on the blocklist. Here are some common reasons for ending up on a blocklist:
- Unexpectedly sending emails to recipients who have been inactive for a long time or to recipients who have marked the sender’s emails as spam. The same is true if the email bounces back.
- A sudden increase in the number of emails sent, especially if they overlap with regular events such as Black Friday, end-of-summer sales, and holidays.
- A drastic increase in sending frequency without any notice. A large number of spam complaints will almost certainly land the sender on a blocklist.
- Sending an unexpectedly large email marketing list - the spam filter will assume it’s a purchased list. Good lists grow steadily, not all at once.
- Manipulated entries in email headers, especially the “From” and “Return path” lines, which can be used to create false identities for the sender.
If your email marketing is done with a service provider, you’ll most likely be contacted if there is any suspicion of spam.
How can you avoid landing on a blocklist?
You can avoid getting on a blocklist if you pay attention to a few rules when sending emails. The “spam police” has their eye on mass email senders such as newsletter services. So when it comes to sending out emails to large numbers of people, you should be especially careful about suspicious contents.
Here are some practical tips for staying off of blocklists:
- Be sure to generate varied content. Using the same formulations over and over again can make you look like a spam bot.
- When generating contacts, get the explicit consent of the recipient.
- Send your marketing emails using a secure server from a certified provider and use professional software.
- Use your company or brand email, not your personal email address. There shouldn’t be a person’s name in front of the @ sign - instead it should be shop@, newsletter@, contact@, or something similar.
- Get on allowlists - the opposite of blocklists - e.g. by asking users to save your address in their contact list.
- Emails that only contain graphics are read as empty by spam filters and put on the blocklist.
- Writing in all caps will almost certainly land you on a blocklist. Excessive exclamation points, content related to sweepstakes, and references to medications also tend to indicate spam.
- Professional email services and senders should be sure to check the potential spam status of an email before sending it.
Commercial providers have to pay attention to certain legal requirements when sending emails. For example, users need to have a clear way of opting out of the email list.
What should you do if you’re on a blocklist?
First of all: Don’t panic. Entries on blocklists aren’t set in stone. There are so many lists, which means that landing on one at some point is quite likely. But getting on a blocklist can indicate that your email marketing is need of some attention. And if you land on the larger lists run by Internet providers, it can have a serious effect on your sending activity. So what should you do if you land on a blocklist?
The first step is to check which blocklist you’re on (if any). There are a number of tools for this:
- mxtoolbox.com/SuperTool/ – checks the MX record of a given domain; offers “blacklist check”, “test email server”, “domain health”, and other checks; also offers monitoring (with a paid plan)
- check.spamhaus.org/ – checks domain names and IPs
- blacklistalert.org/ – checks IP or domain
- multirbl.valli.org – checks IP or domain against almost 350 lists
- dnsbl.info – only checks IP addresses
- whatismyipaddress.com/blacklist-check – only accepts IP addresses and checks against over 60 blocklists
- projecthoneypot.org/ – in addition to the listing, also shows the reasons for it and neighboring IP addresses
If you only have a few blocklist entries for your domain, your email activity won’t be significantly affected. If your domain is on a number of blocklists, you’ll need to take action. If your domain or IP address is on a blocklist, you can usually find a link to the provider, who can tell you how to get off the list.
Problems with blocklisting
Blocklisting gives rise to a lot of work and means that you’ll have to pay extra attention when planning and sending email campaigns and newsletters. If you find yourself on spam blocklists, IP blocklists, email blocklists, or domain blocklists, you’ll encounter serious difficulties with email marketing that can even affect your profits. It’s highly advisable to check your status from time to time. If you’re on many blocklists, this will also lead to a bad reputation for your domain and the company associated with it, which can also lead to listings with other “spam police”.
A short example can illustrate the kinds of problems that can land you on a blocklist: Imagine an email includes a sentence about “next quarter’s expectations” - normally a totally normal phrase, but this time due to a typo it appears as “next quarter SEXpectations”. The presence of the word “sex” sets off alarm bells and causes the company to be blocked by some of the recipients. It will take some effort to resolve the situation, so the moral of the story is - always check your email content for anything that could unintentionally cause you problems.