Email Blacklisting – what it is and how to prevent it

November 19, 2008 | By Damon Armour, IT Security Officer

 

There truly is a world of black and white when it comes to email. A blacklist is a list of addresses or domains, such as aug.edu, that is denied delivery by another user. In other words, if a site is blacklisted, its email will not be accepted at another site. A whitelist, on the other hand, is the opposite, in which the sender's domain is allowed to send messages. In most cases, ASU's email domain is allowed to connect to other providers and reach the intended recipient. Yet for many reasons, an email provider can blacklist an email domain to prevent email from reaching its intended recipients. The primary reason for this blacklisting is spam.

Email providers spend countless hours and effort fighting off spam for their users. One of the tools they utilize is email domain blacklisting. The concept is very similar to using your client's junk mail filters. This is a more localized version of blacklisting. So how does this apply to Augusta State University, since the school does not participate in spam? We do participate, but in most cases not on purpose.

The ITS article in June's ASU Report, "Email - A commodity not without risks," deals with providing email credentials (username, password, etc.) to an email message requesting them. This type of action is commonly referred to as a phishing attempt. The spammer defrauds the user by making what appears to be a legitimate request for user account information. If the user submits the requested information, the spammer is then armed with the email credentials to create messages and send them out through our email system to the world. Thus, through this devious use of our email system, other email providers can blacklist our email domain.

Once Augusta State is blacklisted by another email provider, ITS has to work with the provider to have our domain removed from the list. In most cases, the initial contact is time consuming, but results in successful removal. Yet, if there are multiple offenses, we could face situations where we are left on the list for an extended period of time. To put this in perspective, there was a recent blacklisting of our email domain by AT&T. Anyone trying to send an email from *@aug.edu to AT&T networks was blocked. This included BellSouth and other sites that use AT&T as their email provider. In this case, no Columbia County offices were able to receive our messages.

This is an example of the global and local effects of spam-related blacklisting. Surprisingly, prevention is not difficult. Any email message that requests a reply to change credentials or update personal information should be viewed with caution. In some cases, a web address or URL is provided for changes online. Again, if there is no expectation of a need to change credentials or personal information, a cautious eye should be applied. There will be instances where an individual will not be sure if the message is legitimate or not. In these cases, contacting the vendor who appears to have provided the message or the ITS Help Desk (706-737-1482) is appropriate. Either can assist in identifying the legitimacy of the message. Most vendors, especially financial firms, encourage notification of potentially fraudulent emails.
Spread the word on the need to be cautious with phishing emails today. These messages only need to fool one individual to have an effect on the entire campus. Questions or comments can be directed to me at darmour@aug.edu.