Blacklist Monitoring
Automatically check whether your clients' domains appear on spam and malware blacklists — before it damages their email deliverability or SEO.
What is a blacklist?
Blacklists (also called RBLs — Real-time Blackhole Lists, or DNSBLs — DNS-based Blackhole Lists) are databases of domains and IP addresses that have been flagged for sending spam, hosting malware, or other malicious activity.
Email servers around the world query these lists to decide whether to accept or reject incoming mail. When a domain or its IP is blacklisted:
- Outgoing emails land in spam folders or are bounced entirely
- Google Safe Browsing may show a "Deceptive site ahead" warning
- Some corporate firewalls block access to the site
- SEO rankings can be impacted
How SiteBrief checks blacklists
SiteBrief checks the domain (and its resolved IP address) against major blacklist databases once per day. The check happens automatically in the background — you don't need to do anything.
| Status | Meaning |
|---|---|
| 🟢 Clean | Domain and IP are not on any checked blacklist |
| 🔴 Listed | Domain or IP appears on one or more blacklists — alert sent immediately |
| — | Blacklist monitoring is disabled for this site, or the check hasn't run yet |
ℹ️
Note:Blacklist monitoring must be enabled per-site. Go to the site's Settings panel and toggle "Blacklist monitoring" on.
Which blacklists are checked
SiteBrief checks against the most widely used RBLs, including:
- Spamhaus ZEN (SBL, XBL, PBL)
- Barracuda Reputation Block List (BRBL)
- SpamCop
- SURBL
- URIBL
- Invaluement ivmSIP
- Proofpoint Emerging Threats
- MX Toolbox common lists
What to do if your client is blacklisted
Getting delisted is a multi-step process. Here's what to do:
- 1.Find out which blacklist— the SiteBrief dashboard shows which specific list(s) the domain/IP appears on. Look at the "Blacklist listed on" field.
- 2.Find the root cause — common reasons: hacked website sending spam, compromised email account, shared hosting IP with a bad neighbor, or a misconfigured mail server.
- 3.Fix the underlying issue — clean the malware, secure the accounts, patch the vulnerability. Requesting delisting without fixing the cause will just get you relisted.
- 4.Request delisting— each blacklist has its own delisting process. Visit the blacklist's website and submit a delisting request. Spamhaus and Barracuda both have self-service delisting for legitimate domains.
- 5.Monitor for re-listing — the SiteBrief daily check will notify you if the domain is re-listed after removal.
🚨
Important:Never request delisting before fixing the root cause. Most blacklist operators will deny repeat requests and extend the listing period.
Common causes of blacklisting
| Cause | Solution |
|---|---|
| Hacked WordPress / CMS sending spam | Scan with Wordfence or Sucuri, remove malware, update all plugins |
| Compromised email account | Change all email passwords, enable 2FA, check mail logs |
| Shared hosting with bad neighbor | Ask host to move to a different IP, or switch to a dedicated IP |
| No SPF/DKIM/DMARC records | Set up proper email authentication records |
| Open mail relay | Configure server to only send authenticated mail |
| Purchased email list | Stop using purchased lists — use only opted-in subscribers |
Frequently asked questions
My client is listed — how long does delisting take?
It depends on the blacklist. Spamhaus usually processes delisting within 24 hours after fixing the issue. Barracuda can take 24–72 hours. Some smaller lists are manual and may take a week. SiteBrief will automatically show "Clean" once the listing is removed.
The domain is clean but email is still going to spam — why?
Blacklist removal doesn't instantly repair a domain's sending reputation. Email providers (Gmail, Outlook) maintain their own internal reputation scores. It can take 2–4 weeks of sending clean, engaged email to rebuild reputation after being blacklisted.
We're on shared hosting — does the blacklist affect the IP or just our domain?
Both can be listed separately. If the shared server's IP is blacklisted, all domains on that server are affected — even ones that did nothing wrong. Ask your host to move you to a clean IP, or switch hosts.
How often is the blacklist check run?
Once per day. If you need to verify manually after a delisting request, you can check with an external tool like mxtoolbox.com — SiteBrief will update automatically in its next daily check.