QUICK LOOK • Blacklists, also called 'blocklists', are lists of servers or domains that have been identified by a provider as being a source of spam. • There are dozens of blacklists across the Internet; however, only a handful are considered reliable enough for widespread usage. • The criteria for appearing on blacklists are different for each list, and may be factbased or completely arbitrary, making it sometimes challenging to get removed from blacklists. • Given the unique nature of each blacklist, appearance on a blacklist may or may not present meaningful deliverability challenges.

OVERVIEW A blacklist is a list of mail servers (or domains) that have been identified by an individual or group as senders of spam. Some lists are compiled automatically, while others are manually compiled by individuals. Blacklist services range from respected and formalized groups to one-man operations, sometimes self-appointed vigilantes of the world. Both methods can be extremely arbitrary and often result in "false positives" (e.g. email desired by the recipient that does not get delivered due to filtering or blocking). There is no single reason a sender may get listed on a blacklist. In general, blacklisting services target companies perceived to be sending spam. Typically, this is because the group or individual maintaining the blacklist has received unsolicited email from the listed server. Some public groups, such as SpamCop, base their listings on the number of complaints issued from consumers. Even one complaint can cause a block to be issued. There also is no one single source for blacklists, making it difficult if not impossible to identify every blacklist currently active. Some public blacklists are utilized by a significant number of ISPs and corporations but most do not seriously impact overall deliverability. The important thing to remember is that a public blacklist can only affect an email marketer if that mailer delivers to a domain that uses the blacklist to filter incoming email. A blacklisting service does not have the ability to block your email without the full cooperation of the administrator that manages incoming email for those recipients. Senders should keep this in mind if they find they are listed on a smaller blacklist, in particular. In these instances, it is most likely that only very few (or zero) members of a contacts list will be impacted by the blacklisting. Many less recognized blacklisting services do not have a mechanism for resolving email block disputes. Even services that are more widely recognized and used by large companies have limited resources to respond to challenges from legitimate email marketers. This makes getting removed from a blacklist a slow and resource-intensive process for everyone concerned.

Disclaimer: This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upo in making purchasing decisions. The development, release, timing, and pricing of any features or functionality described in this document may change and remains at the sole discretion of Oracle Corporation.

1 BRIEF / Blacklists Deliverability Intelligence

PRIVATE AND PUBLIC BLACKLISTS There are over 200 publicly available lists currently being used by smaller ISPs and corporations to protect their systems and their users from unsolicited bulk email (spam). Being listed in one of these lists will prevent email from being delivered from any listed servers to the users of these blacklists. Private email blocking systems are those developed and maintained internally by corporations or ISPs such as AOL, RoadRunner and CriticalPath, whereby they create their own rule set or list of IP addresses or servers they choose to block. ISPs such as Hotmail and Earthlink/Mindspring use both their own home- grown blacklists/filtering methods and a 3rd party company for their customers.

SPAMHAUS Spamhaus operates lists which have the biggest deliverability impact on most senders. It runs the Spamhaus Block List (SBL) and the Exploits Block List (XBL), and maintains the Register of Known Operations (ROKSO). A team of volunteers located all over the world maintains the Spamhaus Project. The SBL is widely used and protects as many as 40 million mailboxes. SBL The SBL is a real-time database of IP addresses of verified spam sources (including spammers, spam gangs and spam support services), maintained by the Spamhaus Project team and supplied as a free service to help email administrators better manage incoming email streams. This is one of the more respected blacklists and a listing on the SBL can significantly impact deliverability. XBL The XBL is a database of IP addresses of exploited machines. It is currently a mirror of the data from another blacklist (the Composite Block List (CBL) from http://cbl.abuseat.org). This list is a technical list designed to catch and stop infected or compromised servers from sending spam. ROKSO The Register of Known Spamming Operations lists hard-core spammers who have been kicked off 3 or more Internet Service Providers.

MINOR BLACKLISTS

Many blacklists are privately run, and are much smaller in scope than Spamhaus. As a result, they will have little to no impact on overall deliverability, but are essential to providing senders with warning signs for their mailing practices. Often, this type of listing is a precursor to more problems to come. SpamCop SpamCop lists spam sources based on reports from users of the SpamCop reporting system. SpamCop attempts to estimate the level of spam/legitimate traffic from each address reported. SpamCop is highly aggressive, and their processes result in numerous false positives, typically legitimate list traffic running COI (confirmed opt-in). Because of this, SpamCop is not widely used at major ISPs, and a listing does not have a large impact on the average mailing list. SORBS The Spam and Open Relay Blocking System (SORBS) was started in 2002 and lists servers that have been compromised. Over the years SORBS has expanded over time to include hacked and hijacked servers, formmail scripts, trojan infestations (particularly those with backdoors), and has more recently made the move to preemptively list blocks of dynamically allocated IP address space. More information is available at http://www.us.sorbs.net/faq/

Copyright © 2020, Oracle and/or its affiliates. All rights reserved.

2 BRIEF / Blacklists Deliverability Intelligence

ORACLE IMPACT Oracle is a devoted practitioner of permission-based marketing, utilizing industry best practices for all clients. With false positives and the arbitrary nature of some small, independent blacklisting services, keeping off 100% of all available blacklists may not be possible. Our goal is to minimize email blocking for all our clients, and our entire staff is dedicated to that goal. Oracle has developed a blacklist monitoring tool that regularly checks each client’s IP address and then sends out an email alert to our deliverability monitoring team with the status. The lists that Oracle monitors can be changed or adjusted at any time. We developed the current list by determining which blacklists have the most market share and are mostly widely used. It is typically only these blacklists that could have a significant impact on a client’s overall email deliverability. We take blacklisting very seriously and work with our clients to ensure that they stay off blacklists. Oracle has an internal team devoted to deliverability and ISP relations, which includes relationships with the better-recognized email blocking groups and blacklists. We also utilize external resources, including email industry associations such as the ESPC and other professionals, to resolve blacklist-related issues. Although Oracle can help clients improve email deliverability, eliminating false positives is an ongoing challenge for all email including legitimate email marketers and ESPs.

Copyright © 2020, Oracle and/or its affiliates. All rights reserved.

3 BRIEF / Blacklists Deliverability Intelligence