Spamhause has marked all digitalocean ip range

Posted September 3, 2017 13.4k views
Arch LinuxEmail

Spamhaus has marked all Digitalocean IP range as spam, which causes my emails to bounce.

so if your email server is in the range:

you are marked as spammer.

in order to whitelist any IP in this range, they want digital ocean representative to talk with them, but DigitalOcean support is doing nothing about it.

your support timing is intolerable, more than 5 hrs since I’d sent you a request about it, and no answer, this problem affects THOUSANDS of your customers!!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
9 answers

I bet many people came into this topic from google to find out CDIR of Digital Ocean to block them all.
here is the list
enjoy the speed improvement after blocking Digital Ocean.

Why are you sending emails from shared IP space if you care about deliverability?

  • Are serious?
    What is shared about DigitalOcean IP?

    I am having a dedicated email VPS with dedicated IP.
    everything works fine in the last 3 years, this is not a shared hosting.

    Are you suggesting that in order to have a mail server I can’t have a VPS?

    • You’re in shared IP space. If you care about deliverability, use something like Sendgrid.

    • Whether it’s a shared or a dedicated IP address, Spamhaus listing can happen at both. Definitely in shared the chances will be much higher. I would recommend two best practices to this forum:

      1. Prior to choosing any email sending server, use tools like GradeMyEmail or Multirbl to check the reputation of a sending IP address.
      2. Listing can happen anytime - so schedule Weekly Alerts for IP reputation monitoring.

And if I want to have my own server?

Any IP space is by definition shared, it just makes no sense to block an entire space!

Digital Ocean has a hacker that they refuse to drop as a customer. I have complained about “stretchoid” for months. Unfortunately the is down, but here is a typical complaint about “stretchoid” using Google archive:

Can Spamhaus block an entire IP space. Yes they can. If they feel the vendor is doing nothing to control spam and hacking, they block the entire range with the assumption that the hacker will just get a new IP in that range.

I posted a rant on this very topic a few days ago with little response.

I use FreeBSD, otherwise I would have left Digital Ocean a few months ago.

  • I am fighting with DigitalOcean support team for just send an email to Spamhause and ask them to whitelist the domain.

    DigitalOcean is having very bad service regarding this issue.
    Three days had passed and they haven’t take care of this problem, I had emailed Spamhause several times and Spamhause claim that DO never tried to reach them in order to fix this problem.

    • Well it is a holiday weekend in the US.

      I can tell you that DO support will do their best not to contact Spamhaus. When I had trouble with SpamRL, DO supported suggesting I move my Droplet to a range that SpamRL didn’t consider toxic. That really doesn’t solve the problem.

      They probably need a directive from the top. I see is working again. I plan on sending the CEO a packet of documented spam coming from his company. I suggest you snail mail the CEO with the Spamhaus report.

      This is the only “192” from DO that has hacked me. Most of mine start with 45.

      Now that I have read the Spamhaus link, I see it is a freakin’ botnet controller. I should think shutting down a botnet controller would be job number one. This falls under being a good “netizen”.

      For the most part, I just block hackers where appropriate. The only circumstance where I bother to waste my time ridding the world of a compromised server is when it comes from critical infrastructure or a financial server. It takes considerable work to find a person in charge that actually believes you, some random person on the internet, that their server is compromised. I will spare you the stories, interesting that they are.

      In the meantime, I’m adding all those IPs to my blocked addresses once I can figure out how to scrape them.

    • Yes, I have same experience with DO support team, I think DO support team is suck !!!

      The reason always that they have a lot of tickets queuing so it’s take some days to reply the ticket.

Just purchased a droplet to try it and seen i cant send email. I thought it was just ISP but until I found this. Now, I am worried how can I send if spamhaus declining my outgoing mails.

This is very understandable result and I also blocked all Digital Ocean IPs to protect our customer.
I guess most of service providers who has brain would do the same.

also firewalls automatically share the scanner IPs and no.1 will be Digital Ocean. and they do not seem to care as long as the IPs are not UK and IE.

I am also having the same issue. I guess I am just one of the many of thousands of Digital Oceans customers that are also experiencing the same issue.

What the??????? This needs to be resolved ASAP!!!!

This has happened once again apparently due to a “credit card fraud gang” hosting fake sites on the DigitalOcean system:

I’ve asked Spamhaus to remove our IP address from the block list. REALLY annoying!

Hello all,

In our public community, we aim to answer open questions about anything SysAdmin, DigitalOcean and beyond. However, we make every attempt to keep personal information safe and so don’t ever access personal account information here. This means we can’t provide help with any account or billing-related issues.

Please reach out to our amazing support team who will be more than happy to assist you.

Hope that helps!