I have a VPS in which I have about 40+ different domains. Our IP/VPS recently got "spoofed" by some foreign spammers and thousands of emails were apparently sent through our mail server. We were blacklisted about 1.5 weeks ago. We are told by our Hosts tech support that our IP is no longer blacklisted anywhere.
For ALL domains, emails being sent to gmail, aol, etc, continue to go directly to spam boxes
Our hosting provider has not had any recommendations/help to resolve this issue
Now I guess we have to consider a Hosting provider that has solutions for us.
Please help! If you are a provider with some knowledge on email security and can help us get out of this "spammer" label. We have hundreds of clients and people are pissed off now
Your IP is going to be blacked for many weeks unless you contact each email service directly, I would suggest you have your host change your IP or switch to host who monitors this type of activity, when running a VPS or dedicated you would eventually end up with spammers taking advantage of you and exploiting your server
You really should consider cleaning up the situation as the most effective and best way at resolving your issue. Changing your host and IP might only be a temporary fix for you.
It appears no one knows exactly What steps to take. Everyone says "contact gmail,aol, etc".. This appears to be minimal help as these service providers are huge and I don't know who specifically to reach out to.
I'd like to possibly keep my provider, but they've showed minimal recommendations on how to resolve this. Plus, The only reason we're at this point is because they did not protect our server from the bs
Two things that you should do is send email from a different IP with the same domains and send an email with a different domain from your current IPs. This will tell you whether your IP or domain(s) is the problem. You can take the necessary steps after that. If you're not sure, let me know.
Increase email deliverability and know who clicked and opened your emails.
www.senderbase.com will give you a list of multiple black lists --- however for the most part you are probably also getting plenty of email delayed / returned with 4xx / 5xx codes --- Scan your exim (or smtp server) log and look for these rejects / delays... Most of those will have a "refer to abuse.xxx.blah.com" type line in them that will lead you to a page that will let you fill out forms to get off the black list, they will usually ask you what actions you took to correct the problem.
The big issue is that this spoofing can be prevented on a decent scale with SPF records in your DNS entries --- This and keeping your IP clean by monitoring your email activity occasionally are essential for running so many clients on a single IP address --- I do this same line of work, and the work that you have ahead of you is no fun and very time consuming --- I've been there myself.
Best thing you can do now though is prevent further issues by ensuring your server IS secure and setup SPF records for your clients, ensure that your clients understand that if they send email using the domains you host they MUST use your server to do it once those records are in place. Watch your email logs as well to ensure that you are not getting excessive 5xx errors which is a good indication that a client is sending spam.