How to avoid IP Address being Blacklisted?
-
Posted at 2022-01-28 15:20:51
-
By Prefixx Team
.jpg)
When your email framework is not adequately secured, it may fall prey to malware attacks from spammers. This will result in your IP (Internet Protocol) address ending up on the blacklist.
Tips on how to avoid your IP address from getting blacklisted
1. Strong password
Strengthen your password with a combination of:
• Upper case letters
• Lower case letters
• Special characters
• Numbers
MDaemon Administration allows you to set strong passwords from the Passwords Menu found under Account Settings in Setup.
2. SMTP Authentication
In MDaemon, you can set up SMTP Authentication from the SMTP Authentication option available under Sender Authentication in Security.
You can then click the checkbox "Authentication is.............local accounts" and uncheck the box ".....unless message.........account".
In SecurityGateway, you can find SMTP Authentication under Anti-Abuse in Security.
3. Avoiding Relays
To prevent your server from relaying mails, in the MDaemon Administration, visit Relay Control under Security Settings in Security. Then, check the boxes - "........relaying", "......local domain", and "SMTP RCPT......local domain".
In SecurityGateway, you can find the Relay Control option under Anti-Abuse in Security.
4. Authentic PTR Record
Your PTR record should be valid and match the domain or the mail server name.
5. SPF Record
Create the SPF record to prevent spoofing. This feature enables you to verify the source of incoming mail.
6. IP Shield Configuration
For accepting emails coming from authorized sources in your internal domain, you need to customize the IP Shield. In the MDaemon Remote Administration, you can do this from IP Shield available under Sender Authentication in Security.
For users sending emails from outside your network, do the following:
• uncheck the box, "........sessions".
From SecurityGateway, you can activate this feature at IP Shielding located under Anti-Abuse in Security.
7. SSL Enablement
The SSL allows you to encode the link between the server and the mail client. You can enable SSL in the MDaemon Administration, from SSL and TLS under Security Settings in Security. You can then go to MDaemon and click the checkbox "Enable SSL......STLS".
For further information on how to enable SSL, click here.
In SecurityGateway, the Encryption option under System in Setup or Users allows you to do the same.
8. Detecting Hijack of Account
Activating this feature prevents any dubious account from sending unauthorized emails and putting your server in the embargo. You can find this feature in the MDaemon Administration, at Hijack Detection under Screening in Security.
In SecurityGateway, you can locate Hijack Detection under Anti-Abuse in Security.
9. SMTP Screening Enablement
Much like Hijack Detection, this feature too is used for blocking connections from unauthenticated IPs. In MDaemon Administration, you can enable this feature from SMTP Screening found under the Screening tab in Security.
SecurityGateway allows you to enable Dynamic Screening from Anti-Abuse in Security.
10. Signing with DKIM
DKIM protects email users from unauthorized intrusions into their accounts. This article will tell you how to sign in to DKIM in MDaemon Administration. In SecurityGateway, you can perform the same action from DKIM Signing under Anti-Spoofingin Security.
11. Reliable Hosts & IPs
The Trusted IPs and Trusted Hosts screens should only feature the IPs and hosts you trust. In MDaemon Administration, this functionality is available in Security Settings under Security.
12. Blocking outbound links on port number 25
The spam filter or the mail server should be the only two places on your system from which outbound links can be sent on port number 25. Set up your firewall for facilitating this.
13. Firewall Configuration
To detect any computer on your system suspected of relaying emails, you must:
• Set up your firewall and keep a tab on all outbound activities on port number 25 across all the computers on your system.
14. Static IP
Your mail server should have a Static IP instead of a dynamic one. In the case of a dynamic IP, if there is a power outage when the connection resumes, the IP address is changed. But your earlier IP address still reflects on your DNS records.
Conclusion:
If you adhere to these tips, you can ensure:
• Your server is not relaying emails
• All your mail communications are enciphered
• All your users are authorized
This will greatly reduce the chances of your IP address being blacklisted.
