Digial Ocean Servers IP blacklisted

November 8, 2013 3.8k views
Hi. I have set up 2 droplets with Digital Ocean now and both have had IP addresses appear as blacklisted which has resulted in email not getting through to a clients email. I have raised ticket with Digital Ocean and on both occasions I have been informed I will need to generate another droplet Both instances are Ubuntu 12.10 x64 Has anyone else experienced any issues with blacklisting like this. That is 2 consecutive IP addresses that have been blacklisted and I am wondering whether there is a vulnerability or some issue in the set up of the sever. The Digital Ocean prices and ease of use are a big pull for me but I am loathed to spin up another VPS and disrupt a clients website for the 3rd time in 2 weeks if I am going to experience the same issue. At the moment I am considering cancelling my account and switching to another provider such as bytemark.
1 comment
  • Same here, a fresh droplet with a new IP is on the blacklist of t-online.de - I think the reason could be that the IP was belonging to another droplet in the past (1 droplet = 1 IP) and there was some heavy emailing going on. Or the other provided just blacklisted an entire range of IPs of Digital ocean.

2 Answers
IP addresses get blacklisted for a number of reasons, however the real challenge is getting off these blacklists. With a little effort, and patience it is however not impossible. Just find out who's blacklisting, and contact those providers to first identify the reason, and learn what you'll need to do in order to be removed.

You'll find most providers if approached correctly, will work with you to remove you from a blacklist, unless ofcourse you caused the IP to be blacklisted. Also make sure if you're letting clients use your droplet(s) for email, that they are not triggering the blacklisting.

It's also a good idea to subscribe to provider "Feedback Loops" so that you can track complaints, and address them accordingly.

I deal with blacklisting issues at least once every 3 - 4 months as a result of a server which sends out a large amount of email, though annoying to deal with, you learn a lot, and actually build good relations in the process when you're willing to take the time to deal with these matters.

"I am wondering whether there is a vulnerability..."

This could very well be.

"The Digital Ocean prices and ease of use are a big pull..."

For a segment of folks that have never tinkered with -- let alone managed -- a server before. In other words, DO's low price point will attract a lot of people that don't know what they're doing and/or people that casually employ lax security measures b/c a compromised server can be easily destroyed (at no additional cost) and a new server can be spun-up from a snapshot or backup (at no additional charge).

For example, a mail server can easily end up blacklisted if the /etc/hosts file is not properly set to reflect the server's Fully Qualified Domain Name. For instructions on how to properly configure the /etc/hosts file, check out Setting the Hostname & Fully Qualified Domain Name (FQDN) on Ubuntu 12.04 or CentOS 6.4 | GitHub.

As Peter noted, if you discern with whom your IPs are blacklisted, you can get things cleared up by contacting the company/service provider that maintains the blacklist, directly.
Have another answer? Share your knowledge.