Why do IP addresses get blacklisted?

Whether you’re a small business or a large company, being able to email your customers when you need to is essential. However, this vital capability can be compromised due to many reasons. This includes malicious hackers gaining unauthorised access to mailboxes or vulnerable websites to send spam.

The more spam that gets sent, the more likely your email address, domain or even your ISP's mail server will be placed on any number of IP blacklists. But what does IP blacklisting mean, why does it happen, and how can you avoid it? Find out more below.

What is an IP address?

Devices use IP addresses to communicate with each other and make connections. Each device on a network has its own IP address so it can connect and communicate with other devices, and all websites also have their own IP addresses so they can be found (although these IP addresses map onto easy-to-remember domain names so that users can access them).

There are two main types of IP address: static and dynamic IP addresses. A static IP address never changes, whereas a dynamic IP address is assigned by the network when a device connects and can change over time. Your ISP (internet service provider) will likely have a small pool of allocable IP addresses that it rotates around each device and assigns through the Dynamic Host Configuration Protocol (DHCP).

What does 'blacklisted' mean?

Blacklists are most commonly a collection of emails or IP addresses which have been flagged for sending spam. Many email hosting providers will use these public blacklists as part of their overall efforts to limit the spam they receive to their network. They regularly undertake an IP blacklist check and block communications from IP addresses that are suspected of malicious activities. The blacklist itself is a list containing ranges of IP addresses that are blocked.

The purpose of this is to guard the web and other internet servers from attack. This is achieved by setting rules within the host’s server software or hardware routers about what is treated as an attack and then stopping the computers from connecting to that traffic again.

This isn’t just emails being redirected to an inbox’s spam folder, however. When an IP address is blacklisted, all emails sent will instead be bounced back until the IP address is removed from the blacklist.

Why does blacklisting happen?

Being blacklisted is triggered by a variety of set criteria. For example, if a certain amount of spam traps are hit or suspected mail spam is received from a particular email/IP address within a certain time frame, an email provider like Google or Hotmail will realise the IP address it comes from. In response to this, they’ll blacklist the IP address and any email sent from it will bounce back.

As the spammer shares the host, and therefore the IP address, of hundreds of people, innocent users will be included in the blacklist and be unable to send emails through no fault of their own. This is why it’s so important that the host is able to prevent or quickly remedy the situation and process IP blacklist removal as soon as possible.

How does blacklisting affect me?

If your host’s IP address gets blacklisted, any email that you or your company sends will get bounced back by the recipient’s email provider if they’re using the same blacklist.

For an individual, this can be highly irritating. For a company’s marketing department that relies on email marketing to reach a huge volume of customers, this can be much worse. Having your IP address blacklisted can reduce your fancy new online marketing campaign to tatters.

At Fasthosts, we understand just how important it is that the emails of our customers work smoothly without interruption. With our dedicated specialist team, we work proactively to prevent IP blacklisting.

Is my IP or email address blacklisted?

If you're worried that your IP address or email might be blacklisted, there are easy ways to check for certain.

A popular tool for checking if your IP address or email is blacklisted is MXToolBox. It checks 100+ blacklists to see if your email address or IP is on any of them. If your address is found on any of them, IP blacklist removal is possible. Usually this is by resolving the issue that caused your IP to get blacklisted, then requesting to be taken off the blacklist, or 'delisted'.

You can also use the Fasthosts blacklist lookup tool. We constantly monitor the type and quantity of emails sent to our servers, and we block the IP addresses of mail servers that send large quantities of emails we categorise as spam. Simply enter the IP address of your email server into the search bar to discover if you’ve been blacklisted.

Why is my IP blacklisted?

You might be asking 'Why is my IP address blacklisted?'. There can be many reasons and we've taken a look at a few below.

1. Compromised hosting services

It may seem harsh to blame legitimate customers but a large portion of all global spam is caused by the compromise of existing hosting services. For example, a compromised mailbox password or a website vulnerability caused by not updating a third-party WordPress app can lead to exploitation. Once a hacker has achieved this, they are free to send spam on their behalf, often in the form of a phishing attack. In many cases, the owner of these services is completely unaware that their services have been used to send spam.

2. Unwitting marketers

Another cause of IP address blacklisting is when a genuine email marketer gets wrongfully judged as a spammer. A large proportion of marketing emails are flagged as spam because the senders don’t follow so-called ‘best practice’. Examples of best practice include having unsubscribe links on emails or ensuring that all recipients have signed up using a ‘Confirmed Opt-in Process’.

3. Professional spammers

Nonetheless, the primary reason that IP blacklisting occurs is because of malicious parties who knowingly sign up for hosting services with the sole intention of using a platform to spam. Their usual aim is to send emails that look like they are from another party or organisation in order to harvest personal data or even infect other networks with viruses or malware.

If hundreds of other blameless people are operating from the same server as the professional spammer, they unfortunately have to suffer the fallout when the IP address they share is blacklisted.

To prevent this, at Fasthosts we have a dedicated team with a number of measures in place to ensure that our customers’ emails are always working as they should. The first action performed by the team is initiating a pending signup process so they can check on new accounts that have been opened. This can identify any trends and traits of previous offenders to pre-emptively prevent any issues.

All customers that do sign up are also tracked so that any unusual behaviour is detected so that fraudulent actions are stopped. By sensing any issue early, the Fasthosts team can act to prevent it quickly.

4. Dynamic IP addresses

If your device uses a dynamic DHCP address, you could be blacklisted through no fault of your own. For example, if you’re assigned an IP address previously used by a spammer, this could put you on the blacklist. Many users are added to blacklists unnecessarily through the addition of a whole host of DHCP addresses, so if this happens to you, make sure you send a removal request as soon as you notice your IP on a blacklist.

If you own a business, it may make more sense for you to get a static IP address to avoid this potential issue. This will help ensure that you aren’t banned due to someone else’s actions.

What to do if your IP address has been blacklisted

Often, IP addresses can be blocked temporarily (such as if you enter your login details incorrectly too many times), so all you have to do is wait for the ban to be lifted. However, if your ban isn’t temporary, this could be very disruptive to your day-to-day life – especially if you have a business to run.

If you’ve found your IP address on a blacklist, you first need to ensure that your network is clean before you send a removal request to the blacklist site. Your removal request won’t be approved if your devices are infected with malware, and even if you did secure a removal, this would only allow the virus to spread.

Another option is to change your IP address to circumvent the blacklisting. If you can’t get your removal request approved, even after removing all viruses from your devices, this may be the best way to get your full email abilities back if you need them for your business.

Fighting spam works both ways

Preventing spam is more than just the problem of your particular email host – it’s an issue across the industry. Because of this, companies try to help each other by communicating. If our infrastructure is being used to send spam, we at Fasthosts need to quickly work out where it’s coming from so it can be dealt with quickly. The longer the spam activity occurs, the more this has a negative impact on our server IP reputations, which will ultimately lead to blacklistings.

To help us achieve this, we use a number of spam feedback loops from a variety of major email providers, such as Microsoft. These feedback loops provide Realtime notifications when Microsoft recipients mark any email received from our servers as spam. As for protecting our own network for inbound spam, Fasthosts also uses Realtime Blacklists to help us verify that mail received to our network is from a legitimate source, rather than spam.

A key part of how the Fasthosts team reacts so speedily to threats is by listening carefully to our customers. Similarly, the education of our customers on how to adopt security-conscious processes, such as looking after their login information, is vitally important for our team.


If after reading our post, you're asking 'is my IP blacklisted?', don't hesitate to find out. Get in touch or find out for yourself if your domain has been blocked by someone else.