Abusix FAQs

No, we don’t provide a Feedback Loop.

We offer discounts to non-profit, non-political, non-lobbying organizations that can supply proof of their non-profit status. Please get in touch via our live chat or send us an email at [email protected].

Yes, we support Subscriber’s Right to Data Access and Subscriber’s Right To Be Forgotten which are GDPR requirements.

Most likely, yes. Abusix Mail Intelligence works as a pre-filter and can be added on top of  lot of different MTAs (mail transfer agents) and other 3rd party email spam filter solutions.

Here are a few examples that Abusix Mail Intelligence can be integrated with:

Check out our docs page for more set-up instructions.

If you need help or assistance on configuring Abusix Mail Intelligence, please get in touch with our support team through email or via chat.

  1. Don’t panic and don’t take it personally, everybody has issues at some point – we’re not interested in penalizing you, we just want to get the problem fixed and to get you delisted ASAP.

    If you have received a “bounce message” stating that your message has been rejected by Abusix Mail Intelligence, then this will usually include a clickable link e.g. https://lookup.abusix.com/search?q=x.x.x.x – so click this link which will then show you which lists you are listed on.

  2. Either click the link in your bounce message or go directly to our Lookup and Delisting page
  3. Enter the listed IP/domain.
  4. If the IP/domain shows as being listed hit the red button: “Remove from list”
  5. You’ll get either forwarded to your existing Abusix account or you’ll get asked to create a free account on our portal
  6. Confirm your email address and log into your account (if you use this service for the first time)
  7. Follow the instructions within the portal to remove your IP/domain from the blocklists.

Do you need help? Get in touch with our team via chat or send us an email at [email protected]

You can only be listed on the domain blocklist if we have seen messages to traps containing links to your domain name.

You can request a delisting, but please reach out via the chat and provide us with the bounce message and your domain name and we will investigate further.

You can only be listed on the Exploit Blocklist if we have seen traffic that would indicate that the IP address is infected or compromised or is a NAT address and one of the hosts behind the NAT is either infected or compromised.

If the IP address is a genuine email server, then check for firewall misconfigurations e.g. the IP address being used as part of a NAT pool (email servers should NEVER share addresses with other hosts).

If the IP address is part of a NAT pool make sure that port 25 is firewalled and that outbound port 25/tcp is blocked by default, then look at the firewall logs to determine the internal IP address(es) that are trying to connect outbound on 25/tcp and you’ll find your compromised/infected hosts.

If the IP address is a router or IoT device, then it is likely compromised in some way.

Check with the manufacturer of the device and reflash it with the latest firmware and bootloader.

Please don’t request a delist until you’ve identified and fixed the issue first, otherwise you’re going to emit spam in large volumes and get immediately relisted

The policy blocklist is a preemptive blocklist to combat botnet spam which can appear suddenly on any IP address, so the Policy blacklist lists ranges of IP addresses based on their rDNS that would not normally send email directly to MX but instead should use their ISP provided mail relay to send mail.

It’s a generally accepted practice that hosts that send email should have a non-generic reverse DNS that ideally matches the A record of the returned name (FCrDNS) and that should also reflect the hostname of the email server and your domain name (rather than the ISP/hosters domain name). Doing this will ensure better deliverability of your email than not doing so and is required for certain forms of whitelisting based on hostname.

Having said all that – this is a relatively common misconfiguration for small businesses or for admins that are not email savvy and it is not our intention to cause you issues or to force you to change your rDNS (although for the reasons above, you really should!), so you can request an immediate delist and we will make a permanent exception in the Policy blocklist for your IP address and you can start sending email again within a few minutes.

You can only be listed on the Spam Blocklist if you have sent email to our spam traps.

This can be caused by compromised accounts, compromised hosts, or if you sent a mailing that contained trap addresses.

Please try and ascertain which of these caused the listing and fix any issues before you request a delisting, otherwise, you’ll emit spam and be immediately relisted.

If you send email marketing, then you should follow the best practices for senders which are published by M3AAWG.

You can change your plan within our platform app.abusix.com.

Navigate to “Email Protection”  in the left sidebar and hit the blue “Upgrade Subscription” Button.

Select the new plan you’d like to go with and proceed with the check-out.

Do you need help? Talk to our team via email or chat.

 

If you want to benefit from an additional email protection layer by using a set of blocklists like Abusix Mail Intelligence, you need to do configure your email server to query our service. We put a documentation page together for the most popular email servers.

You can check out more 3rd party integration here.

Our support team can help if you have any questions or use a system that isn’t covered in our documentation.

When you request a delist, we process the delist immediately by removing the offending item from the relevant list(s).

  1. Don’t panic!

    Don’t take it personally, everybody has issues at some point – we’re not interested in penalizing you, we just want to get the problem fixed and to get you delisted ASAP.

    If you have received a “bounce message” stating that your message has been rejected by Abusix Mail Intelligence, then this will usually include a clickable link e.g. https://lookup.abusix.com/search?q=x.x.x.x – so click this link which will then show you which lists you are listed on.

  2. Either click this link in your bounce message or go directly to our Lookup and Delisting page
  3. Enter the listed IP/domain.
  4. If the IP/domain shows as being listed hit the red button: “Remove from list”
  5. You’ll get either forwarded to your existing Abusix account or you’ll get asked to create a free account on our portal
  6. Confirm your email address and log into your account (if you use this service for the first time)
  7. Follow the instructions within the portal to remove your IP/domain from the blocklists.

Do you need help? Get in touch with our team via chat or send us an email at [email protected]

For all blocklists, except for our Policy blocklist, we remove the listing entry immediately, but you will be immediately relisted should we see any further traffic exhibiting the same behavior that caused the listing in the first place.

Policy blocklist

Any delists on the Policy Blocklist are effectively permanent exceptions – you won’t ever be relisted and the exception will remain until we notice that the rDNS has been updated for your IP address (at which point we will re-test it and remove it if it isn’t required anymore).

Check out more videos on delisting:

“Why Are My Delisting Requests Limited?”

“I am an Abusix Customer – Why Am I Still Getting Listed on your Blocklists?”

“Why Are My Delistings Limited, Although I am an Abusix Customer?”

 

Delists are processed immediately and we rebuild the DNS zone files every minute, so including the time it takes to reload the DNS zones, it can take up to 5 minutes before the item is delisted.

Where our customers synchronize a copy of our data that they serve locally to their mail systems instead of querying our service directly, it might take up to 15 minutes for the item to be delisted depending on their configuration.

If you find it is taking more than 15 minutes, then please click the chat button and send us a message along with the bounce message that you are receiving and we will investigate.

Compromised accounts are one of the biggest issues today.  These accounts are often used to send spam, phishing, and malware, which results in endless problems on several levels.

We create daily summaries of all the compromised accounts we’ve observed over the previous 24 hours add necessary metadata and send it to the affected Postmasters and Abuse Desks once per day. This service is free of charge.

We answered the most frequently asked questions on our internal docs page.
If you have any more questions, feedback, or suggestions, please feel free to reach out to us via [email protected] or use the live chat that is available on all of our sites.

 

No, these are all free services, so you don’t need to upgrade to a plan.

Generally – the answer is no. Neither service allows for the addition of 3rd party DNS reputation lists like our Abusix Mail Intelligence blocklists.

But if you are running email gateways in front of either Google Workspace or Microsoft 365 with your domain MX records pointing to these instead, using Abusix Mail Intelligence blocklists as an additional spam filter is indeed possible.   

The email gateways can then be configured to use Abusix Mail Intelligence blocklists to reject messages prior to sending them onwards to Google or Microsoft.

You are not sure if Abusix Mail Intelligence can be used in your case? Get in touch with our team – they are happy to help!

Yes, however, we only provide this for large providers.
If you are interested in using RSYNC, please contact us through the live chat on either our website or on app.abusix.com

We provide more than 10 different blocklists, such as IP addresses, domain datasets, hashed datasets for short URLs, drive URLs, bitcoin wallet addresses, and email addresses.

Most of our customers use our combined list, which combines our IP, exploit and policy list.

For additional filtering, we provide datasets like newly observed domains or newly observed mail IPs.

If you want to prevent compromised accounts within your network from sending outbound spam, you might want to check out our authentication blocklist.

An overview of all our different sets of blocklists can be found here.

Abusix Mail Intelligence protects you from all kinds of email-borne threats, such as spam, malware, phishing emails and compromised accounts.

Our blocklists (RBL/DNSBL) can be used as an inbound and outbound protection layer for your email security.

We provide both live chat and email support to customers and those with listing issues.

For customers using Abusix Mail Intelligence to reject mail, we ask that any rejection uses the text we provide, including the delisting URL.

If you find yourself listed on one of our blocklists, you can directly go to our lookup page and follow the instructions there.

Abusix uses industry-standard practices for its security controls; including, but not limited to firewalls, intrusion detection, change management, and written security policies.

Security at Abusix follows the ISO/IEC 27002:2013 standard.

For Abusix Mail Intelligence, there are three different tiers.

In order to calculate the most accurate price for you, we need to see how many queries you’re doing on a 10-day average.
That’s why all our tiers start out with a free 14-day trial, which lets you and us know how many queries you’re going to need to properly protect your mail servers.
It roughly equals the number of messages received per day but can be more, depending on the content and the lists you’re querying. You can jump on a quick call with our team if you need more info or send us an email at [email protected]

 

AbuseHQ employs a public cloud deployment model using virtualized resources, as a software-as-a-service (SaaS) solution. AbuseHQ is hosted at Amazon Web Services in Germany or the USA; which operates as ISO Certified Data Centers under German and US Privacy Laws respectively.

The most common causes are: compromised accounts, compromised WordPress servers, abused webforms, and abused sign-up forms.

Check out our #askabusix session on YouTube on how to best stay off email blocklists for more information.

Unfortunately, we’ve seen that anonymous delistings attracted a lot of abuse. Therefore,  you’ll need to confirm your email in order to use our delisting services.
Watch this video for more information.

If your IP/domain is listed, you will receive a “bounce” message telling you that your message could not be delivered.

You will be seeing a link to our Lookup and Delist service page where you’ll be able to see the listings. Once you have fixed the issue you can request a delist /removal. You’ll then get forwarded to our portal, where you’ll need to set up a free account (if you delist for the first time).

For more info on bounce messages, read this blog post. Wonder why you need an account?  This has been covered in this FAQ.

The only emails we send are to customers that opted-in to receive communications (e.g. newsletter).
Have you received a “Potentially Compromised account” email? Read here for more information

Adding blocklists as an additional email spam filter to your existing mail protection lets you save resources, speed up mail delivery, and protect your users’ inboxes from any email-borne threats.

Abusix Mail Intelligence can be seen as the first layer of defense for your mail servers that catches more than 99% of the incoming malicious traffic in less than 1 second.
This will free up your resources for your existing in-depth spam analysis and for your team.

Start your free 14-day trial today to see what Absuix Mail Intelligence can do for you!

Get in Touch

Talk to us

Do you want to remove your IP/domain from one of our blocklists?
Please use our lookup-service and follow the instructions there in order to get that resolved.