Outbound abuse from ISP networks can cause IP blacklists to categorize networks as bad. Once your clients are on an IP blacklist they are unable to communicate with their own customers via email – and then it becomes the problem of your ISP’s network abuse team. Prevention is always better than cure, so here is a checklist of some best practices to help reduce outbound abuse and keep your customers off those blacklists!
1. Spam check outgoing emails
Today, spam accounts for up to 60% of all emails. Surveys have found that spam has led to decreased public confidence and trust in email.
According to a study done by the Radicati Research Group Inc., spam costs businesses $20.5 billion annually in decreased productivity as well as in technical expense. So as an ISP, it is imperative that you do your best to prevent it from happening with your customers.
Several vendors provide solutions for Hosting Providers and ISPs to filter outbound customer e-mail traffic - and drop spam messages to reduce their impact. Several solutions allow you to report messages detected as spam to your abuse desk management solution.
2. Throttle outgoing email
It’s important to set up simple throttling rules either for your customers’ emails or for entire domains. Throttling will ensure that your network abuse team stays on top of the emails that are flowing out of your servers as you do your spam checks.
3. Set up SMTP authentication
Reducing the amount of abuse through outbound platforms is a question of raising the bar. Have your customers authenticate with your SMTP servers to provide accountability for traffic, and straightforward enforcement options when credentials are compromised or abused.
4. Strengthen customer passwords
Customers should use complex passwords and ISP's should offer two-factor authentication. Passwords should be set to expire regularly. Maintain a password policy history for each client to ensure absolute control.
5. Enforce Policies and Standards with Bulk Senders
As a provider to customers who send large amounts of email, it is important to ensure that your customers are following the MAAWG Sender Best Current Practices, which are best common practices for electronic communications to reduce messaging abuse.
6. Contract with your customers to help prevent spam
ISP clients should be required to maintain a secure environment on their networks and within the services they offer. These requirements should be outlined in the client’s contractual obligations, and clients must be legally obliged to notify the provider immediately if they receive reports of spam or any other issues.
7. Use tiered rights for valued customers
It makes sense to restrict the rights of new customers to your network. Only trusted accounts should be granted wider access as your trust in them grows. Restrictions can include:
- Server creation
- New domain creation
- Bandwidth increases
- API access
8. Use best practices on IPv6 networks
IPv6 provides so many addresses, there is no reason to share a single IP address with multiple customers. Each customer and each website should have their own unique address. This makes it far easier to track the source of abuse and makes it possible to block the offending customer, without blocking everyone else on the same host.
9. Stay on top of IP blacklisting
In order to track whether your clients are ending up on IP blacklists, it’s important to subscribe to as many relevant Feedback Loop reports as it is possible to process. Signing up for Feedback Loops will help avoid Domain Name System Blacklist (DNSBL) listings and will limit any reputational damage for your customers. It will also allow your staff to proactively deal with any compromised clients.
Use Abusix Mail Intelligence, the most effective commercial blacklist in the market today, as your first line of defense for mail servers and user’s inboxes. AMI creates a seamless, hardened barrier between you and those who want to exploit your company, your employees and your customers. Contact Abusix for a free consultation or take AMI for a test drive and try it free for 30 days.
If you aren't ready for AMI, try AbuseHQ, which quickly reveal insights that are buried with your noisy network abuse reports and security alerts. Forewarning signals ensure that you can quickly stop systems that cause blacklistings – allowing you to take real-time decisive action to improve your clients' security and safety.
To find out more about proactively protecting your ISP for cyber attacks, download our free e-book: An Abuse Agent’s Guide: Some Tips and Tricks for Every Abuse Desk.