News Stay informed about the latest enterprise technology news and product updates.

Part 3: How to remove your Exchange server from spam blacklists

Tutorial: How to protect Exchange Server from spam blacklists, part 3 of 4.

How do you get yourself taken off of a blacklist? Unfortunately, there is no easy solution, because there are a number of antispam companies that maintain independent blacklists.

If many of the dynamic IP addresses your ISP assigns have been blacklisted, the best thing you can do is to change ISPs. For everyone else though, figure out which blacklists your IP address or domain name are on. This could potentially turn into a big job, because there are many different antispam blacklists out there.

I have found a Web site that will query the different blacklists on your behalf. It doesn't check all spam blacklists, but it's a good starting point.

Once you've figured out which spam blacklists your mail server, domain or IP address is listed on, then you have to get in touch with the company that maintains that blacklist and follow its instructions to get removed.

I can't possibly talk about every existing blacklist on the Internet, but below I describe the removal process for some of the more common ones.


The Spamcop blacklist is based on a complicated system that takes into account the current complaints against an IP address and the addresses long-term reputation.

If two complaints are made against an IP address, Spamcop will blacklist it for a maximum of 12 hours from the time the more recent complaint was received. If no complaints have been made against an IP address for 24 hours, it is removed from the Spamcop blacklist.

As long as a spammer doesn't decide to permanently spoof your IP address, you should eventually be removed from the Spamcop blacklist automatically.

The blacklist is a little tougher to get removed from than the Spamcop blacklist. The company maintains a Web page that will allow you to remove an IP address that was previously an open relay, proxy, or an open formmail IP.

Unfortunately, these are the only circumstances for which will allow you to be removed from its blacklist. The Web page indicates in bold print that you cannot remove IP addresses associated with direct spam sources, dial-up ranges, or multi-stage open relays. Furthermore, it will not remove any dynamic IP addresses.

If your IP address does qualify for removal, you must be able to prove that you own the address (through a WhoIs query), and there must be a valid, non-script-generated, rDNS record for the address that you're removing.


Spamhaus operates two of the most commonly used blacklists; the Spamhaus Blacklist and the Exploits Blacklist. Removal procedure depends on which blacklist your IP address is listed on.

If you want to remove your IP address from the primary Spamhaus blacklist, just go to and use the form at the top of the page to run a query against your IP address. When you do, you will be taken to a page explaining why your IP address was blacklisted. The bottom of the page contains a removal procedure, a reference number, and an e-mail address. You must then send a message to the provided e-mail address citing the reference number you're given.

The Spamhaus Exploits Blacklist is a blacklist of IP addresses that are direct sources of spam. Usually, an IP address is added to this blacklist if it is associated with an open relay e-mail server, or if the computer is running a Trojan that allows spammers to send from that machine. To be removed from this blacklist, you must fix your breaches, go to, look up your IP address, and then use the automatic removal link.


The ORDB blacklist is a blacklist of e-mail servers with an open relay. To be removed from this blacklist, you must close the open relay and then go to

Once on this page, you must submit a valid e-mail address and the IP address that you want to remove from the blacklist. The site will send you an e-mail message that you must reply to in order to prove that you are a real person and not a script.

When your e-mail address has been confirmed, the ORDB Web site will test the IP address you submitted to make sure it's no longer an open relay. Assuming everything checks out, your IP address will be removed from the blacklist.

The entire process can take up to 72 hours to complete.


 Home: Introduction
 Part 1: How your Exchange server can get blacklisted
 Part 2: How to keep your Exchange server off spam blacklists
 Part 3: How to remove your Exchange server from spam blacklists
 Part 4: Related links on spam prevention and management


Brien M. Posey, MCSE
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at

Dig Deeper on Exchange Server setup and troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.