Outbound abuse from ISP networks can cause IP blacklists to categorize networks as bad. Once your clients are on an IP blacklist they are unable to communicate with their own customers via email – and then it becomes the problem of your ISP’s network abuse team.
Prevention is always better than cure, so here is a checklist of some best practices to help reduce outbound abuse and keep your customers off those blacklists!
1. Spam Check Outgoing Emails
Today, nearly 85% of all emails are spam. Surveys have found that spam has led to decreased public confidence and trust in email.
Spam costs businesses around $20.5 billion annually in decreased productivity as well as in technical expense. So as an ISP, it is imperative that you do your best to prevent it from happening with your customers.
Several vendors provide solutions for Hosting Providers and ISPs to filter outbound customer e-mail traffic – and drop spam messages to reduce their impact. Several solutions allow you to report messages detected as spam to your abuse desk management solution.
2. Throttle Outgoing Email
It’s important to set up simple throttling rules either for your customers’ emails or for entire domains. Throttling will ensure that your network abuse team stays on top of the emails that are flowing out of your servers as you do your spam checks.
3. Set up SMTP Authentication
Reducing the amount of abuse through outbound platforms is a question of raising the bar. Have your customers authenticate with your SMTP servers to provide accountability for traffic and straightforward enforcement options when credentials are compromised or abused.
4. Strengthen Customer Passwords
Customers should use complex passwords and ISP’s should offer two-factor authentication. Passwords should be set to expire regularly. Maintain a password policy history for each client to ensure absolute control.
5. Enforce Policies and Standards with Bulk Senders
As a provider to customers who send large amounts of email, it is important to ensure that your customers are following the MAAWG Sender Best Current Practices, which are the best common practices for electronic communications to reduce messaging abuse.
6. Contract With Your Customers to Help Prevent Spam
ISP clients should be required to maintain a secure environment on their networks and within the services they offer. These requirements should be outlined in the client’s contractual obligations, and clients must be legally obliged to notify the provider immediately if they receive reports of spam or any other issues.
7. Use Tiered Rights for Valued Customers
It makes sense to restrict the rights of new customers to your network. Only trusted accounts should be granted wider access as your trust in them grows. Restrictions can include:
- Server creation
- New domain creation
- Bandwidth increases
- API access
8. Use Best Practices on IPv6 Networks
IPv6 provides so many addresses, there is no reason to share a single IP address with multiple customers. Each customer and each website should have their own unique address. This makes it far easier to track the source of abuse and makes it possible to block the offending customer, without blocking everyone else on the same host.
9. Stay on Top of IP Blacklisting
In order to track whether your clients are ending up on IP blacklists, it’s important to subscribe to as many relevant Feedback Loop reports as it is possible to process. Signing up for Feedback Loops will help avoid Domain Name System Blacklist (DNSBL) listings and will limit any reputational damage for your customers. It will also allow your staff to proactively deal with any compromised clients.
Using a blocklist like Abusix Mail Intelligence as your first line of defense for your mail servers is one of the most cost-effective ways to stop all kinds of email-borne threats. Start your free 14-days trial today to protect your mail server and your user’s inboxes.
To find out more about proactively protecting your ISP for cyberattacks, download our free e-book: An Abuse Agent’s Guide: Some Tips and Tricks for Every Abuse Desk.