Having Problems Sending Email Because Your ISP is Blacklisted?

October 9th, 2013

It happens over and over — users trying to send legitimate email messages are blocked from sending because the IP address that they are getting from their Internet Service Provider (ISP) for their personal computer (or small office) is on some major blacklist, like SpamHaus.  Comcast, for example, has been the focus of many of these issues. This message blocking often happens even if a user is sending outbound email through a legitimate email provider like LuxSci.

Users invariably ask:

  • Why is the mail blocked even though I am sending through LuxSci or some other email provider and not directly from my ISP?
  • What can I do about it?

Fortunately, there is a good reason why the blocks occur and an easy solution to them … anonymous SMTP service to hide your IP address.

Why are so many ISPs commonly on Blacklists?

Well, its not actually the ISP itself that is on a blacklist (generally), it is certain IP addresses or ranges of IP addresses that the ISP gives to its customers.

ISPs really have a choice and do one of two things regarding outbound email:

  1. Do not allow customers to send outbound email except using the ISP’s own email servers.  I.e. they block port 25 (the standard SMTP port that all email servers use to communicate with each other) outbound, so that spammers cannot use their services to send spam as easily.
  2. They are more permissive and allow anyone to connect to any server on port 25 so that they can send email messages.

Choice 1: Block SMTP

The ISP really cuts down on the amount of spam that can be sent from its networks and has much less blacklisting.  However, this really hurts customers who have email services with third party providers, like LuxSci, as they cannot send email using the “standard port” of 25.  Many email providers have no alternative ports and this results in the customers of the ISP not being able to use its Internet service to do their jobs or send and receive email with the company they desire.

Other email providers, like LuxSci, provide alternate “ports” that customers can use to send outbound email in the case that, for example, port 25 is blocked like this.  This permits “business as usual” even in this scenario where things are blocked by the ISP.  ISPs actually like this, as it allows these customers to get the service they need (authenticated SMTP with a real provider) while the ISPs can still stomp out the SPAM.

Choice 2: Allow SMTP

By allowing outbound connections on port 25, ISPs are “nice” to their users and also allow spammers to send spam email from their network.  The best they can do is to take action and disable spammer accounts if there are complaints.  However, by that time it’s is already too late and the IP address(es) used by the spammers are already blocked by many places.  The unfortunate thing is that, given the way that ISPs hand out IP addresses, anyone could be assigned this blocked IP address later on…. resulting in that unfortunate user being suddenly blocked when they did nothing wrong themselves and when everything was previously working fine!

These blocks on IP addresses last from hours to months to forever, depending upon the blacklist in question and the severity of the spam transgression.  Most of the major ones will de-list IP addresses after a few days or weeks if there has been no serious continuing activity.  On the other hand, some blacklists will block not just the single problem IP address, but all 255 IP addresses that are “near to it” in one fell swoop.  So, your IP could be blocked merely as a “side effect” of someone else’s malicious efforts on a similar IP address. Oh the pain.

OK, but if I am sending through a reputable company, like LuxSci, how can the sent email still be blacklisted?

Good question!  You would think that if you send mail through a respected email company whose servers are not themselves on any blacklists, that there would not be any chance that your email would be blocked.  That used to be the case years ago, but blacklists have become smarter.

When you send an email message, part of the message is the so-called “email header” that contains information about the message such as the subject, sender, recipients, etc.,  plus a bunch of “Received” lines that document the path the message took through the Internet. Every computer that touches the message, as it transits from you to your recipients, puts its own two cents there describing from what server it received the message, when it got the message, and other statistics.

This set of “Received” header lines provides a kind of “audit trail” that allows anyone to look and see where the message traveled and also to see where any delays occurred.  The first “Received” header line will generally be made by  the outgoing email server to which the email program on your computer connects; it records that it got the message from you and what time it did so.  That line will contain the IP address of your computer as granted to your by your ISP (or hotel, or office, etc.)!

Spam blocking services have gotten smarter in that they no longer just look at the servers talking directly to them to see if they are to be blocked.  Now-a-days, they also look at several or all of the Received lines to see if any of the machines along the way should not be trusted.  If your mobile phone or personal computer’s IP address is on a blacklist and that IP address is recorded anywhere in the message headers, then the spam blacklist analysis can see that and block the message!

Example bounce due to this situation:

Here is an example bounce message that came in to a LuxSci user because his/her Comcast IP address was on the SpamHaus blacklist (the information in this example has been modified to be generic):

The original message was received at Wed, 18 Oct 2013 04:46:12 -0600 from something.comcast.net [44.44.44.44]

—– The following addresses had permanent fatal errors —– <someguy@somedomain.com>
(reason: 554 Service unavailable; Client host [rsXX.luxsci.com] blocked by zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=44.44.44.44)

—– Transcript of session follows —– … while talking to mx.some-other-domain.com.:
>>> DATA
<<< 554 Service unavailable; Client host [rsXX.luxsci.com] blocked by zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=44.44.44.44
554 5.0.0 Service unavailable

The message is a little bit misleading.  At first glance, it looks like the server “rsXX.luxsci.com” is blocked by SpamHaus.org.  But that is not actually the case.  What is blocked is the IP address “44.44.44.44“, which is not a LuxSci server at all and which actually belonged to Comcast (well, the actual IP did … 44.44.44.44 doesn’t).  You can always look up information about an IP address by using a service like this one.

So, even though this user was sending outbound email through LuxSci, the message was blocked by SpamHaus because his/her Comcast the IP address was blacklisted and that IP was recorded in the email message headers.

What’s the Solution?

WebMail: One solution is to send outbound email via a WebMail service, like LuxSci’s WebMail portal.  WebMail services are accessed by a web browser (like Chrome, FireFox, or Internet Explorer) will not generally include your computer’s IP address in the message header (LuxSci’s won’t) and thus any blacklisting of your IP address will not be an issue.

OK, what about sending via SMTP with your favorite Outlook or Thunderbird program?

LuxSci has had a solution to this issue for a very long time — our “Anonymous SMTP Service“.  With this approach, the user configures his/her email program to send outbound email via a special alternate port (either 587, 6025, or 6465, which we use for all sorts of things related to special care and handling of outbound email for customers).  When sent via an anonymous SMTP port, all kinds of unneeded information is removed from the message headers such as:

  • What email program you are using
  • What operating system you are using
  • Any custom information and comments added by your email program
  • The IP address that your computer is using

Thus, with anonymization enabled, there is no way for the spam filters to associate the message with your blocked ISP IP address … they can only track it back to LuxSci’s servers.  It also means that no one can tell from where in the world you are actually sending email or what software you are using.

So, if you are having problems with sending email … consider LuxSci’s anonymous SMTP services; they are included free with any account that has regular SMTP service (even our high volume bulk email service) at no additional cost.