Steps to prevent server blacklisting

I am wanting to create a checklist/set-up document for configuring exchange servers to prevent them from being blacklisted. Here is what I have so far:

Close SMTP relay
prevent unneccesary outgoing port 25
correctly configure masquerade domain
correctly configure reverse DNS
subscribe to a spam filtering service/configure accepting email only from that service
anti-virus sw throughout the network
configure SPF records if available

What else should we be looking at?



Work In Progress: BSCI, Sharepoint


  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    make sure your not using an IP address from a range defined by your ISP as not allowed to send SMTP mail from - sorry I don't remember the list name (royal, HeroPsycho?) Basically anyone who has a cable type connection is at risk of this.
  • TechnowizTechnowiz Member Posts: 211
    Hey astorrs is that avatar a reference to Animal Farm?
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    Technowiz wrote:
    Hey astorrs is that avatar a reference to Animal Farm?
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    I would suggest a few more things.

    If you have additional public IP's, have your outbound email systems route out via a different pub IP than clients, especially if blocking outbound SMTP from anything other than your outbound gateways is not possible.

    This is especially important if you use a hosted antispam filtering solution like Postini...

    Use antispam filtering for YOUR outbound mail. You'd be surprised how many places don't do this.

    Speaking of hosted antispam solutions, if you use one, configure your Exchange servers and firewall devices (BOTH!) to restrict incoming and outgoing email to work only to/from your hosted filtering providers' servers.

    Ensure your Exchange servers also have Exchange specific AV agents AND OS level agents installed and updated!

    Ensure your email system conforms to SMTP RFC's, things like their helo greetings, etc.

    Finally, invest in a robust monitoring product, and setup monitoring and alerts for things that may indicate your servers are spamming.
    Good luck to all!
Sign In or Register to comment.