There are only 3 ways for IP addresses to get listed in the njabl.org dnsbl.

1. Operating an open relay or proxy
   For the purposes of our dnsbl, an open relay is any system that will deliver email to any address from any source. Spammers tend to hunt for these systems, and then dump thousands, sometimes hundreds of thousands of emails into these servers, which they then spend hours or days trying to deliver to sites all over the world. In addition to insecurely configured mail servers, web servers with insecure HTML form to mail gateway CGI scripts can be used as "open relays", as can insecurely configured proxy servers. The bottom line is if a server can be used by any non-authenticated source to send email to any address on the Internet, it qualifies as an open relay and may be added to this dnsbl. See our Methodology page for more information on how we find and determine which systems are open relays.
   
   
2. Being a dial-up port IP or other dynamic address
   Rather than hunt for open relays, some spammers will send their email directly from a dial-up account. In general, there's no need for a dial-up user to talk directly to any SMTP server other than that of their own ISP. So we're compiling a list of dial-up port IP ranges, mostly at larger providers where the abuse seems to be the worst, and we add those to the list. We also include any other IP pools that appear to be dynamically assigned as well as NAT pools, since they are effectively dynamic. Open proxies and trojan proxies are so rampant now that a large percentage of 'open proxies' are actually dynamically assigned dial-up, DSL, or cable modem IPs. These users should all be using their own provider's SMTP servers rather than direct-to-MX as is often done with spam.
   
   
3. Operating a system that directly sends out spam (unsolicited, bulk email, usually of a commercial nature) or continually does so on behalf of customers ignoring abuse complaints
   You know who these people are...they're the big commercial spammers who swear they got your name from an affiliate or an associate who swears you visited their web site and opted into the "all the spam you can handle" service plan. I don't know where they really get their lists, but judging from the number of bounces generated by "no such user" errors, I'm guessing all these non-existent accounts didn't really opt-in. In extreme cases, when an ISP is hosting spamming customers and either ignoring abuse complaints or refuses to act on complaints, we'll resort to listing the ISP's servers. Occasionally, this is the only way to convince them that they have a problem.

So that's it. Those are the ways an IP or IP range may be listed. So now the big question is, "how does an IP get de-listed?"

1. If an IP is listed because it's an open relay, secure the relay such that it's not open.
   If you don't know how to do this, don't ask us. Check your documentation. Check with your vendor. Search the net for help. Other sites are almost certainly running whatever software you use (odds are, we're not) and have figured out how to secure it. The people at mail-abuse.org have compiled a fairly extensive list of mail server software and tips on how you can secure them. Once your relay has been secured, you can come back here and remove it. If you didn't really secure the relay, it'll end up back in the list.
   
   
2. If an IP is listed because we think it's in a dial-up range, show us that it not. If it really is a dial-up, it'll most likely remain in the list, but we may add non-dial-up range IP's to the list thinking they are dial-up range IP's. In these cases, we'll be happy to correct the error. Also note, if you're trying to get an IP removed from dynablock.njabl.org, please see the updated info on dynablock.
   
   
3. If an IP is listed as a spam source, that means we have spam on file that appears to have originated on that system, but we did not find it to be an open relay or proxy. If you want such a listing removed, please explain how the spam came from/through the IP and what has been done to prevent additional spam from transiting your system.
   
   
4. If you're a commercial spam provider, you're pretty much stuck until you convince us that you're not.

If you would like to get an IP removed according to the guidelines above, and cannot remove it via the removal form send an email to removals at mail.njabl.org. Be sure to include the IP address you want de-listed and the reason it should be removed. Also, your message must list the 4 byte dotted quad IP / network in the subject, or it won't make it through our filters.

If your IP is listed as a spam source, your request will be ignored unless you include how the spam originated from your IP and what has been done to prevent future abuse.

If your IP is listed as dynamic, please contact us from the RIR contact email address to inform us that it is not.

If none of this makes much sense to you, you should probably read our Information for End Users page.

Please note: If your IP is listed because it was found to be an open relay or proxy do not email asking for your server's IP to be removed if you have not already closed the relay or proxy and tried using the removal form.

If you cannot send us email because your outgoing email goes through a listed server, you can email removals via rt.njabl.org as removals at rt.njabl.org. However, you must put the IP address you're contacting us about in the subject of your message or it will not make it through our filters and will be discarded.