Frequent Web Server Blacklisting - What to do?
For at least a couple of years now, on and off, our supported dedicated web server has been frequently added to a handful of blacklists (UCEPROTECTL1, SPAMCOP etc) and suffered, during that blacklisting, a Poor reputation on senderbase.org.
The result is a series of calls and emails from upset clients who host with us complaining that their outbound email is bouncing and that some inbound is not reaching them. Lasts for 7 to 10 days or so. Bit of a drag all round then.
The cause invariably is one our client's web hosting accounts being compromised and sending out thousands of emails.
When we discover we are blackisted - several hours after the problem first occurred - we change the passwords and gradually recover our reputation and are removed from blacklists. Until the next incident.....
There are, I'm afraid, rather a lot of accounts set up on the server - 283 in total.
And rather a mixed bag in terms of 'quality' - some tech savvy clients and others who may be less than diligent with their own pc security.
When we have raised this problem with our server's support they have suggested that we are always likely to have problems with such a large number of accounts - some with weak passwords and security.
And the problems keep on coming. 1 to 2 incidents a month.
Given that we appear to have no end of client's whose account's can be compromised, either on, or off, the server does anybody have any suggestions for what can we do to prevent thousands of emails being sent out - both short and long term.
I'm thinking of:-
- ways to configure the server to prevent thousands of emails being sent.
- Services which alert us to blacklisting
- ways to manage clients email going forward
Just for your info the server is :-IntelTM Xeon Starlake E5205 1.86Ghz (Dual Core), 2GB DDR2 ECC SDRAM, 50gig Diskless Storage, Linux CentOS.