On the Record: Spamhaus and Informational SBLs

Last week, I sat down with Matthew Stith, industry liaison at Spamhaus, to discuss the recent uptick in informational SBLs. My mission was to find out what’s going on, why the recent change, and what it means for the future of email service providers (ESPs) and senders alike.  

I’ve structured this as simply and as helpfully as possible in a Q&A format, so you don’t need to go digging for the gold nuggets we all know you’re here for. Let’s jump in. 

Table of Contents 

DEALING WITH INFORMATIONAL LISTINGS 

AVOIDING FUTURE LISTINGS 

DEALING WITH INFORMATIONAL LISTINGS

What’s triggering these informational SBL listings?  

Spamhaus laid it out very quickly and clearly: Bad. Sending. Practices. Really, you can read all about it here.  

Per Matthew, “It’s not who you are, it’s what you do.”

These are important principles to share with your customers: Your brand may be entirely legitimate and even a household name, but if you’re engaging in spammy email practices, you will be treated as a spammer until you improve your list collection and hygiene practices. For instance, if you continue to send to a mailbox that hasn’t received email from you in months, you have bad sending practices. If you’re emailing addresses that never opted in to your mail, you have bad sending practices. If your mail is bouncing left and right and you’re not managing those bounces properly…guess what, you have bad sending practices. 

Not sure if your domains or IPs are listed? Use their lookup tool.   

My customers’ sending practices haven’t changed recently. Why are the listings only appearing now? 

Spamhaus is constantly evolving their tools. As Matthew explained to me, they’re now using better, wider-reaching technology to detect bad actors (as well as good-faith actors who simply engage in bad behaviors). Then, they’ve also implemented better processes for actually delivering informational SBLs instead of live listings. Live listings would immediately block mail, so informational SBLs are somewhat of a fire drill for deliverability and compliance folks. After all, wouldn’t you rather have a drill than a full-blown, 5-alarm inferno? 

Plus…It’s possible they’ve been using poor sending practices for a long time. It’s just now catching up to them. 

Are spam trap hits causing these listings? 

This question isn’t as straightforward as it might seem. Before we can answer how traps affect blocklistings and deliverability, it’s important to understand what spam traps are and what they do.  

Spam traps are email addresses designed to sniff out senders who are emailing people who haven’t provided consent. Since they do not belong to real people, they should never receive email.  

  • They could be “pristine” traps: addresses created specifically by entities like Spamhaus, not by people, to catch spammers. These addresses never belonged to a person, and they do not sign up for anything—no email newsletters, user accounts, nada. 
  • “Recycled” traps DID belong to a person once, but there’s been no activity from that person for long enough (years, usually) that the address no longer belongs to them. The inactive address starts sending hard bounces back to the sender indicating something along the lines of “this address is invalid” for at least 12 months (if not longer). So, anyone sending regularly to the recipients on their list would receive notice of the bounce and remove that recipient from future mailings. Similar to pristine traps, hitting recycled traps indicates issues with list hygiene. 
  • Finally, a “typo” trap is an address where a person did attempt to provide their consent to receive emails, but they mistyped their username or mistyped the destination address as a lookalike domain, like “gmaal”. Hitting this type of trap uncovers some bad practices on the sender side. 

So, the trap doesn’t cause damage…it’s caused by the bad behavior leading to the hit.  

“A spam trap is a problem with list hygiene most of the time. We have traps that behave in all kinds of ways: some accept mail, reject, defer, open, click,” Matthew shared. 

His message to ESPs was clear: “Stop worrying about what the trap is doing. Worry about what the sender is doing instead.” 

This calls back to Spamhaus’ blog post explaining what triggered the recent uptick in informational SBLs. Three words: Poor. Sending. Practices.   

How can I help my customers get de-listed? What is the process for delisting?  

Your customers got listed for a reason, so your first step is to find the root cause. Like Matthew mentioned, poor sending practices are overwhelmingly the reason for the uptick of informational SBLs, but here are a few ideas to troubleshoot delivery issues if you’re not completely sure of the issue. 

Once you find the offending behavior, have an honest talk with your senders. They’ll need to understand what went wrong and how it needs to be addressed. Agree on an action plan and get going! 

Spamhaus can provide guidance if you feel stumped. Prepare a summary of what happened and what you believe caused it, then reach out. They have a really handy resource for senders looking to remedy and get de-listed.   

What happens if we ignore informational SBL listings? 

Bad things. If you ignore an informational listing, it will be bumped to a live listing, which means the mail will actively be blocked. This is not the time to wait! Take advantage of this generous grace period Spamhaus is giving you to deal with the problem before it becomes an urgent, blazing ball of stress and distraction. 

AVOIDING FUTURE LISTINGS

My company only offers shared IP pools for sending. How do I avoid having all of my customers impacted due to one bad sender’s actions? 

“We prefer not to list your shared pools,” said Matthew. He also shared a recommendation for ESPs with shared pool environments: “Make sure you have indicators in place for what is shared space so we can avoid creating live listings for them. Informational SBLs can, and likely will, still happen.”  

If you make it easy for Spamhaus to understand what parts of your infrastructure are used for shared vs dedicated sending, it’s easier for them to list offending domains instead of the entire IP.  

There are also a couple of important things to note for you as an ESP. It is absolutely critical to implement and enforce a strict acceptable use policy (AUP) and terms of service (TOS) to ensure you’re not allowing customers to send spam. Additionally, you need proper detection and mitigation infrastructure management tools in place to protect your network from reputation issues and reduce the amount of spam leaving your network. 

How can I help my customers avoid getting on informational SBLs? 

Remember the major reason we’re even talking about this? 

Bad sending practices. 

The most valuable service you can provide to your customers right now is to educate them. Get to know them, their business models, and their email goals. Start with a conversation to stress to them which email best practices are absolutely must-do so they understand how significantly using them (or not) can affect their success. 

If you’re aware of customers with issues, take action before they get listed. It doesn’t matter how long they’ve been your customer, how big or well-recognized they are, or how much volume they send… If you’re aware they aren’t applying suppressions or are sending to customers who haven’t engaged in years because they don’t have a sunset policy in place, talk to them. Get them working on it NOW.
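As an added example (not code from Spamhaus or from the original interview), here is one way an ESP could audit a customer list for the three hygiene failures discussed above: unprocessed hard bounces, lookalike-domain typos, and recipients past a sunset window. The 180-day window, the provider list, and the record fields are assumptions made for illustration.

```python
from datetime import date, timedelta

# Assumptions for this example: the sunset window and provider list are illustrative.
SUNSET_AFTER = timedelta(days=180)
KNOWN_PROVIDERS = ("gmail.com", "yahoo.com", "outlook.com", "hotmail.com")

def edit_distance(a, b):
    """Levenshtein distance, used to spot lookalike domains such as 'gmaal.com'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(rec, today):
    """Return 'suppress', 'typo', 'sunset' or 'send' for one list record."""
    domain = rec["email"].rsplit("@", 1)[-1].lower()
    if rec["hard_bounced"]:
        return "suppress"   # a bounce was reported: the address must leave the list
    if domain not in KNOWN_PROVIDERS and min(edit_distance(domain, p) for p in KNOWN_PROVIDERS) == 1:
        return "typo"       # one character off a major provider: likely mistyped at signup
    last = rec["last_engaged"]
    if last is None or today - last > SUNSET_AFTER:
        return "sunset"     # no recorded engagement inside the window
    return "send"

def audit(records, today):
    """Group addresses by outcome so the sender can see where the list is failing."""
    report = {"send": [], "suppress": [], "typo": [], "sunset": []}
    for rec in records:
        report[classify(rec, today)].append(rec["email"])
    return report

# Constructed sample list, not real data.
SAMPLE = [
    {"email": "ana@gmail.com", "hard_bounced": False, "last_engaged": date(2024, 5, 20)},
    {"email": "bo@gmaal.com", "hard_bounced": False, "last_engaged": None},
    {"email": "cy@example.org", "hard_bounced": True, "last_engaged": date(2021, 1, 4)},
    {"email": "di@example.net", "hard_bounced": False, "last_engaged": date(2022, 3, 1)},
]

if __name__ == "__main__":
    for outcome, addrs in audit(SAMPLE, date(2024, 6, 1)).items():
        print(f"{outcome:9s}{len(addrs):3d}  {addrs}")
```

Treat the `typo` bucket as a review queue, not an automatic delete: some legitimate domains (ymail.com, for example) sit one edit away from a major provider. A large `suppress` or `sunset` bucket points at the missing process, not just the addresses in it.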

How can I help my customers avoid getting re-listed? 

On top of the education layer, make sure the root cause of the original listing is fully resolved. Clean the list triggering the current listing AND fix the core of the problem. It’s tempting to let the customer simply clean the list and move on, but they’ll find themselves in the same situation again. And, as much as we all loved Bill Murray in Groundhog Day, the Spamhaus version will not be nearly as enjoyable. 

That being said, we all know reconfirming a list by asking every recipient to confirm they still want to hear from the sender (even highly engaged recipients) can be a death sentence. Even Spamhaus knows this, which is why it’s considered an end-of-the-line recommendation on their part. Most senders should be able to solve their issue before it comes to that, so if Spamhaus has recommended a reconfirmation, realize it’s time to roll up your sleeves because the list is actually that bad. 

Conclusion 

If you’re facing an informational listing (or many), take a deep breath. Thank your lucky stars it’s not a live listing, then follow the process outlined (and refined) by Spamhaus to identify next steps in dealing with it. 

You’re in control. Make sure your customers know it and respect it, and everyone will be much happier at the end of the day.