Outbound abuse from ISP networks can cause IP blacklists to categorize networks as bad. Once your clients are on an IP blacklist they are unable to communicate with their own customers via email – and then it becomes the problem of your ISP’s network abuse team. Prevention is always better than cure, so here are some best practices to reduce outbound abuse (and keep your customers off those blacklists):
Spam check outgoing emails
Today, spam accounts for up to 60% of all emails. Surveys have found that spam has led to decreased public confidence and trust in email.
According to a study done by the Radicati Research Group Inc., spam costs businesses $20.5 billion annually in decreased productivity as well as in technical expense. So as an ISP, it is imperative that you do your best to prevent it from happening with your customers.
Several vendors provide solutions for Hosting Providers and ISPs to filter outbound customer e-mail traffic – and drop spam messages to reduce their impact. Several solutions allow you to report messages detected as spam to your abuse desk management solution.
Throttle outgoing email
It’s important to set up simple throttling rules either for your customers’ emails or for entire domains. Throttling will ensure that your network abuse team stays on top of the emails that are flowing out of your servers as you do your spam checks.
Set up SMTP authentication
Reducing the amount of abuse through outbound platforms is a question of raising the bar. Have your customers authenticate with your SMTP servers to provide accountability for traffic and straightforward enforcement options when credentials are compromised or abused.
Strengthen customer passwords
As an ISP, you should demand that your customers use complex passwords and should offer two-factor authentication. Passwords should be set to expire regularly. Maintain a password policy history for each client to ensure absolute control.
Enforce Policies and Standards with Bulk Senders
The first thing to do as a provider to customers who send large amounts of email is to ensure your customers are following the MAAWG Sender Best Current Practices, which are the best common practices for electronic communications to reduce messaging abuse.
Contract with your customers to help prevent spam
ISPs should require that all their clients maintain a secure environment on their networks and within the services they offer. These should be outlined in the client’s contractual obligations, and clients must be legally obliged to notify the provider immediately if they receive reports of spam or any other issues.
Use tiered rights for valued customers
It makes sense to restrict the rights of new customers to your network. Only trusted accounts should be granted wider access as your trust in them grows. Restrictions can include:
- Server creation
- New domain creation
- Bandwidth increases
- API access
Use best practices on IPv6 networks
IPv6 provides so many addresses, there is no reason to share a single IP address with multiple customers. Each customer and each website should have its own unique address. This makes it far easier to track the source of abuse and makes it possible to block the offending customer, without blocking everyone else on the same host.
Stay on top of IP blacklisting
In order to track whether your clients are ending up on IP blacklists, it’s important to subscribe to as many relevant Feedback Loop reports as it is possible to process. Signing up for Feedback Loops will help avoid Domain Name System Blacklist (DNSBL) listings and will limit any reputational damage for your customers. It will also allow your staff to proactively deal with any compromised clients.
Companies like Abusix have specialist products like AbuseHQ, which quickly reveal insights that are buried with your noisy network abuse reports and security alerts. Forewarning signals ensure that you can quickly stop systems that cause blacklistings – allowing you to take real-time decisive action to improve your clients’ security and safety.
To find out more about proactively protecting your ISP from cyber attacks, talk to our team to discuss possible solutions.