One of my friends came to me with a weird issue to which even I had no answer. I hope somebody could give a solution. He has a server in which he is hosting a few domains. Now there is one guy somewhere who is pointing domains to his server's IP though not hosted on his server and sending out spam emails from his local ISP's server. As a result, the server's IP is getting blacklisted though my friend has no role in sending spam. His server's IP is getting blacklisted only because the domain is resolving to his server's IP. The spammer is smart enough and would change the domain name if the domain name is blocked by either complaining to the registrar or the registry or ICANN itself.

I have never come across such an issue in my life, but am interested in finding a solution for it as it may be a great case study and could help a lot of hosters.

Can anybody suggest a solution?

Well not helping too much I know, but, you fiend could put a page up for the domain that simply explains what is happening, and more importantly putting down as much information as possible that they know, he seems to have found out the ISP that is allowing it etc.

Name and shame is always a good way to try and resolve it, then the more information you gain put up on the page.

I don't think it can be of any use. Besides the domain owner may point some other domain on the IP. Also, your solution suggest that my friend should put up a page defaming the domain on the server so that if anybody accesses the IP from the browser, he gets the defaming content. He is running multiple websites on the IP and hence this solution cannot work for him. There should be some other ways too.

I'm sorry, but what you describe is hardly possible.

When a spam mail is reported, steps are always taken based on the IP address in the header of the e-mail, hence the sender's IP address. Only if the sender spoofs the header, then your friend's server IP might get blocked.

So, the reason for being blacklisted is noy just because the domain owner points the domain to your friend's IP.

I can advice your friend to contact all organisations he is blacklisted with, provide some kind of proof that the domain isn't hosted on his server, explain the suspected spoofing, and ask to be whitelisted again.

Best of luck!

Tell your friend to contact his server people and tell them this issue. Better move away these domains from your DNS servers and put back to your domain manager..

Tell your friend to contact his server people and tell them this issue. Better move away these domains from your DNS servers and put back to your domain manager..

I agree to all the suggestions and myself had thought about them. However, there are glitches in them too.

1. If the host blocks him, then he will go to some other host. Also there are so many DNS services available.
2. If the domain is blocked, he may register another domain and do the same stuff again.

If that guys is up to some mischief, then he will find ways to trouble. All I think is of nabbing that guy and getting him punished. But that seems to be not to easy as he belongs to a different country. Is there any other way anybody can think of?

I suppose such client should be banned and removed from the server.
I suppose that is problem of web hosting company. They should remove him and delist the IP or provide new one.