Digital Ocean IP's being blacklisted by more and more ESP's

https://accounts.mxroute.com/index.php?/news/view/10/digitalocean-ips-blacklisted/

News: DigitalOcean IPs Blacklisted

Published: 2021-10-30

It is with a heavy heart that I add all of DigitalOcean’s IP address space to our in-house RBL, MXRBL. The spam from their network has ramped up within the last 24 hours to a degree that can only reasonably be called a DDOS attack against our mail servers. The amount of legitimate mail from their network no longer comes close to outweighing the attacks of pure spam. Because users can spin up a server, hammer out spam, and then simply spin up another, and another, and another with no end means that there is no reasonable way to target this but to target the problem: Their network.

If you are sending emails from a DigitalOcean droplet to yourself, you need to use SMTP authentication to send email THROUGH our service, rather than running your own DO-based email server to send mail TO our service.

No request to delist a DigitalOcean IP address will be accepted unless it comes from DigitalOcean staff, and even then only when their staff indicates that they have actually made a successful effort to halt the spam. Please direct all complaints to the problem, DigitalOcean, and not to us. Together we can make the internet a better place, and sometimes that means taking a hard stance against a problem. No one can be allowed to seek profit without accountability, with impunity. You deserve better, and you shouldn’t be supporting that behavior.

This should not stop DigitalOcean customers on our platform from receiving account emails from DO. Not even DigitalOcean themselves dare to use their IP addresses to send mail.

===========================================================
We really should consider removing DigitalOcean from the set up guide as a recommended VPS provider and replace it with Linode based on the comment in another topic here:

Or as @openletter indicates below … we should look at the threads that have been posted for recommendations of good VPS providers.

4 Likes

My original reason for not using Linode was a 39 KB/s connection rate. They have other issues.

EEK!!! So maybe I should retract the last part of my message, eh?

I think I’m really saying to provide a list of possible ISPs.

1 Like

Yes, good idea … there are a couple of threads already on the subject. It is too late for me tonight to locate those threads and include links here though.

Wow, that’s going to be a lot of IP addresses.

I tried setting up a mail server on DO droplet a couple of years ago, and gave it up and moved to another server pretty quickly, it was already blacklisted all over the place back then. Most of them would delist it when asked but 48 hours later it was listed again, it was just going to be a never ending task.

1 Like

FWIW, I have no issues with Linode, servers located in Asia.

I’m pretty sure they wouldn’t be in business if everyone had that issue. My actual bigger problem with them was after troubleshooting it with tech support they told me it isn’t their responsibility to make sure my ISP can get a good connection to them. I’m like, isn’t that what you do?

I wonder if they block all locations, I’ve never had any issues using DO in their AMX datacenter (Amsterdam, Europe).

Digitalocean, Linode, Vultr… you name it, most of the VPS providers ip ranges are already blocked. If you even find clean one it means spammers also will find soon and no guarantee their ips stay clean.

Emails from these providers cant even make it to the spam, directly rejected from some email providers such as icloud.

You can check if your ip blocked from icloud. No chance if you use vps from those providers.
https://ipcheck.proofpoint.com/

Another place to check if your ip blocked:

Even you don’t care if your emails are spammed / blocked, your online accounts also in danger of getting blocked if you use these emails with blocked ips.

My gumroad account blocked because my email for this account was from my mailinabox instance from digitalocean. I’m told my email address ip previously used for mass spam attack (my account reactivated after my support ticket). Here is the respond from gumroad support:

Teams of spammers based in Ukraine and Vietnam have been using VPNs to “spoof” different IP addresses to create Gumroad accounts. They then use these Gumroad accounts to post spammy links to pirated music and movies, or phishing websites. They’ve created around 750,000 accounts in the past year doing this.

My alternative solution is using paid smtp relay services such as aws ses or sendgrid. But not sure using another services aligns with mailinabox intention.

If anyone else have another workarounds looking forward to hear.

Thanks.

Edit 1:
Let’s say a VPS provider has ip ranges 0 to 10 and you got 3 as your ip 5 years ago, all clean, no issues. Then spammers started using this VPS company’s ips 1,2,4,6,10 for spamming. As far as I know reputation companies don’t bother with the individual ips and blacklist whole ranges 0 to 10 form this VPS provider. Doesn’t matter how good reputation you have on the 3.

I’ve been using Vultr for I think 5 years or so and no issues.

I inbox everywhere.

My response would have been “So, what does that have to do with my email provider? Nothing!”

Might I suggest AnyMXRelay - AnyMXRelay - AnyDomain LLC

Quite honestly, due to spammers, in most cases you really should use a SMTP relay to a reliable provider. Sadly, the few bad actors spoil everything for the rest of us. :frowning:

The problem quite frankly is that these providers do not care so much about their IP reputation as they do about making a fast buck.

They could easily kick these spammers off their network at the first sign of trouble - but that costs money.

1 Like

Hi,

I use DO to run MIAB. My box is hosted in their Amsterdam, NL center.

I run this box for over 8 years now and I must say that I have few problems with being seen as a spammer. My IP address in not blacklisted if I check on mxtoolbox. ipcheck on proofpoint.com also says it is not blocked. Only mail addresses to mailservers hosted by Microsoft are problematic, but for those I have setup a relay via Sendgrid. As we do not have too many of those, it is even free (less than 100 mails per day).

I have setup MIAB both as a mailserver and a nameserver for a dozen of domains, and I am very pleased with the way it works and can be administered.

When setting up a mail server on a new IP address, you don’t have a reputation, and it is true that most addresses are blocked in blocks. But please do not give up too early and try to convince those who block you that you are not a spammer. In the 8 years that I run MIAB, I have done so on several occasions, and aside from M*soft I have succeeded each time.

If we all give up and start using only the big players to run our mailservers, they win. And that is not what we (for sure not me) want.

One important thing to do is that you must configure your box to play by the rules a much as possible. I know that MIAB already gives you a lot, but sometimes it is that extra bit that really makes the difference. And it is als very important that the mails you send comply to the rules!

Some tools I use to check the mails we send and the reputation of our server are:

mxtoolbox.com (they have several tools you can use, like blacklists, DMARC, SMTP, etc…)
mail-tester.com (try to get a score of at least 9 but aim for the 10)
Good luck!

Hein

1 Like

Also to say that specifically for gmail, it’s not all about IP reputation, but also domain reputation.

The concept is that if the domain was registered very recently, gmail will be very suspicious and send it to spam. I have moved my MIAB onto another address (though, it was the same ISP/provider) and after that period of having to wait until DNS settles down it began inboxing on gmail right away.

Ironically my old IP is listed on proofpoint, but not the new one. May or may not be related to the fact that the new IP is assigned to dedicated servers?

I first set up on DO last winter. It was a US center, but I don’t remember which one. I had a number of problems. Most were relatively easy to remedy with a delisting request. However, I was never able to get any email to a Microsoft family address (hotmail, msn etc). My range was always on the uceprotectl3 list with very high incident numbers for the range.

I finally switched to Linode. I looked at Vultur, but I think there was an issue with DNS that made Linode a better fit for me. I now have two domains there on different boxes. One was moved from Bluehost and boy was that a pleasant change. That was late spring. Since then I have had little issue with being blocked. I was on uceprotectl3 for about a week, but it didn’t seem to affect anything. I was also recently blocked by Microsoft but I was finally able to get that mitigated.

Linode support has been very responsive. If you let them know you are running a mail server they can tweak IP stuff to be less likely to be blocked. I Had an issue where Zenbl was listing my IPV6 range. Linode support was very helpful by giving me a more private IPV6 range for each box. They were also very patient and helpful walking me through how to work with IPV6 addresses—I had never really done that before. They had lots of really good documentation too.

I think that anywhere you go, without paying a lot of money, there will be issues. It just seems like they were easier to resolve with Linode.

Thanks for input, it seems if you create dedicated droplet it assigns a clean ip. They are expensive but good to know that we can get clean ip that way.

I’m using Vultr, and it took them 2 days to open port 25.
They ask what is the intend to create a mail server, it’s almost intrusive, here are the questions:

*Thank you for contacting us. We have received your SMTP Unblock request. However before we can remove this block, we must verify additional information. *

Please reply to this ticket with the following information:
1. The business name and organization URL(s) under which you offer services.
2. Describe, in as much detail as possible, the nature of the emails you intend to send.
3. The volume of email that you plan to deliver on a daily/monthly basis.

We need to know this information to make an informed decision regarding your account settings.

I think they are doing it right…

Agreed.

UpCloud ask a very similar set of questions.