IMPLEMENTATION DATE: 1st February 2021
Over the past few months, we have noticed a large increase in outbound spam activity, which has unfortunately led to a number of our IP addresses and subnets being listed on RBLs.
As you are aware, we provide the MailChannels service free of charge with each and every account, which, in most cases, prevents blacklists from affecting our email relays / delivery. However, due to the scale of those blacklists, our IP address reputation has started to impact email delivery for some users, which we needed to remediate with immediate effect.
After a detailed audit of our servers, we found the issue to have been caused by a common malware exploit, which has varying signatures (making it significantly more difficult to tackle). The role of those malware files is to send bulk mail from within the account via PHP mail, with links to malicious and illegal content, such as externally hosted phishing sites.
Given the significant nature and impact of this, we had to take immediate action. So far, we have added over 450 new malware signatures manually through our BitNinja security suite, and have removed over 120,000 instances of those files from our servers, without any impact on service, and with a near 0% false positive rate.
Unfortunately, this hasn't stopped the issue entirely. As such, we have made the decision to disable PHPMail() entirely across our network, limiting relays to SMTP only.
From what we have seen so far, most of you have already configured an SMTP plugin in your WordPress sites, and if this is the case, this change doesn't impact you at all.
For those of you who are using PHP applications to relay messages, or have WordPress installations using the default 'phpmail()' method, we require you to configure a plugin to relay your messages via SMTP. We have written a quick guide on how to do this here:
How to enable SMTP on WordPress
This ensures that your messages are relayed through our premium delivery solution, MailChannels, without any additional cost, and that your mail reaches the recipient without risk of the messages being rejected on the basis of RBL listings / IP blacklists.
This change has been made effective immediately, and was essential for us to improve our overall network IP reputation.
Since implementing this change, we have reduced our RBL rate by around 75%, and this process is still ongoing. The result will be a completely clean slate in terms of RBL and IP address reputation, putting us back in a position where we can assure near 100% delivery rates as part of the MailChannels service included with your account.