How to Delist from Abusix Mail Intelligence

First of all, Abusix are not evil masterminds, they are not interested in you being stuck on their blacklist for all eternity. On the contrary, they encourage everyone to resolve the issue as soon as possible and provide you with explanations and support (including an online chat). Now let’s get down to business.

What is Abusix Mail Intelligence?

Abusix Mail Intelligence is a service created specifically for email providers. It collects and groups data from different providers, analyzes threats from IPs, domains, and URLs.

Abusix also provides whitelisting. Since there are large email providers like Gmail or Yahoo! that are not immune to spammers, Abusix makes sure thousands of legitimate senders are not being blocked as well.

Commonly an IP ends up on the Abusix blacklist after an email sent from it hits one of their spam traps, but it is not always the case. So, to answer the question “Why am I blacklisted?” it is essential to find out what blacklist you are on.

What Abusix Blacklist am I on?

Abusix has four different types (or zones) of blacklists: Domain, Policy, Spam, and Exploit.

Usually, when you get on one or several of these blacklists, you receive a bounce email with a clickable link in it, for example, https://www.abusix.ai/search?q=x.x.x.x. This link will take you to the blacklist you are on.

I am listed on the Policy Blacklist

Policy Blacklist is aimed to catch spam spread by botnets, detect compromised IPs, and hosts. It lists IP addresses that should normally be using their mailbox providers or Internet Service Providers to relay emails with SMTP authentication, but instead, they are connecting straight to the external SMTP server.

Note that the Abusix Policy blacklist is a preventive tool, so it blacklists a potentially compromised or hijacked IP address before spam trap hits start coming in.

When talking about a legitimate sender, one should:

Use static IP address;
Non-generic rDNS record;
rDNS record that matches the returned name A record;
rDNS record that reflects the hostname of the email server (and your domain).

Delisting from the Policy blacklist works as a permanent exception for every IP address. Once it has been delisted, it stays delisted until the IP rDNS record is updated. In this case, Abusix may ask to test it again and re-confirm the exception once a year to keep their data up to date. Removing an IP from the Policy blacklist doesn’t take longer than a couple of minutes.

I am listed on the Spam Blacklist

The spam blacklist is a classic. Abusix blacklist traces the IP address that was responsible for sending spam emails to one of their spam traps. It is important to understand that Abusix never uses typo spam traps (like @gnail instead of @gmail) or recycled spam traps (that used to be owned by a real person).

That narrows down blacklisting reasons to compromise/infection or email malpractices of the sender, such as using rented or bought email lists, scraping email addresses, or lack of double opt-in.

To delist from the Abusix Spam Blacklist you have to file a standard request, but don’t rush. First, you must find the reason for your spam trap hits and do your best to resolve it, or you will be relisted shortly.

I am listed on the Exploit Blacklist

This blacklist is all about IP behavior: Abusix monitors IP traffic and connection to their traps and mail services that partner with Abusix. When this behavior is irregular and does not at all resemble the behavior of a normal SMTP client, Abusix adds it to its exploit zone.

Usually, IPs on this list are compromised, infected with botnets, viruses, worms, NAT addresses (with a compromised or infected host), and compromised IoT devices.

Before filing a delisting request, you should find and resolve the issue, check the firewall configurations; if needed, contact the device manufacturer and reflash it. Of course, if you don’t eliminate the issue, IP will be relisted again – that much is true.

I am listed on the Domain Blacklist

A listing on Abusix Domain Blacklist occurs when their spam trap received an email that contains a link to your domain or IP in a message body. If the email contains a short link, both the destination and intermediary domains will be blacklisted.

The delisting request differs from others: Abusix asks to contact them via live chat on their website, not via the standard request form. In the chat, you will be asked to provide the bounce message you received, and the domain name and support will take it from there.

Abusix Mail Intelligence Delisting Details

Login. To request delisting, Abusix will ask you to create a free account and confirm your email address. They have a couple of reasons for doing so, like for tracking the requestee identity, contacting for details when necessary, as well as re-confirming exceptions (for Policy blacklisting).
Delisting time. Usually, delisting takes a couple of minutes. The Abusix lists rebuild every minute, so if you request a blacklist removal directly from their website, the maximum time is 5 minutes. Some services copy lists for local usage – in this case, the process will take a little longer – up to 15 minutes. If nothing is happening within the given timeframe, Abusix recommends contacting their live support via chat on their website.
Relisting. The delisting process is simple and straightforward, but so is the relisting one. Abusix is not an exception to ask you to remove the reason that caused the blacklisting in the first place. If you request an IP removal before dealing with the issue, spam will continue hitting the Abusix spam traps and the IP will be immediately relisted.

Now you know pretty much everything you need to understand the Abusix Mail Intelligence and start your delisting process. To do so follow the link https://lookup.abusix.com/.

Additional Resources:

IP Blacklist Removal – How To Fix a Blacklisted IP Address
How To Remove Your IP From Yahoo Blacklist
How to Remove Your IP Address from Gmail’s Blacklist
How to Remove Your IP Address from the Hotmail/Outlook’s Blacklist