Hotmail / MSN blacklisting policies.

The IP address of our mail server was recently blacklisted by MSN/Hotmail. When I went through their steps for delisting, it was denied based on "reputation". AFAIK, we have not had a spam problem for several months. When we did it was due to a few accounts having been successfully phished. Since then our customers have been far more savvy and I have not seen the problem. I manually delisted us from all the known BLs back then and all has been ok.

A current multi DNSBL lookup only shows 3 out of a couple hundred BLs listing us. You may be familiar with the ones that did (blackholes.five-ten-sg.com for example). No major, reputable, widely used DNSBL lists the IP.

I have been doing this for 16 years. It has always been SOP to provide an offending email, with full headers to the complaint recipient, if not in advance of such blacklisting, then at least upon request. They sure require it of me when I report abuse of their servers. They flat out refuse to do this, claiming they have no access to this. I had this same issue with Cloudmark's BL a couple of months ago (which Comcast and other major providers use), so I suspect this is some kind of outsourced blacklist that does a poor job of updating their listings or one of my regular customers is sending out emails that are being incorrectly reported as spam. I have seen the latter happen several times with other servers I've worked with that auto generate legitimate emails of reports that customers pay for, but aggressive filters such as AOL's auto-report as spam (to be fair, AOL is excellent at resolving these).

We do have SPF records for our main domains, but no DKIM or other whitelisting/authentication mechanisms. Is this sort of thing going to be widely required?

Yes.

Also make sure your reverse dns doesn't look like
XXX.XXX.XXX.XXX.mydomain.com. (where XXX is the reverse IP, that gives
you a bad score.)

This are the steps I went thought for Hotmail:

Publish SPF and DKIM records
Open a hotmail account
login
https://support.msn.com/
Register with the following "Programs"

SenderID - Register you SPF records
Sender Information for Hotmail Delivery - Tell them you want to send
them emails
Junk Mail Reporting Partner Program - Register an address that
complaints about your emails will go to.

#Register your IP address at
https://postmaster.live.com/snds/index.aspx
Then view data about your IP address at
https://postmaster.live.com/snds/data.aspx

I have been doing this for 16 years. It has always been SOP to provide an offending email, with full headers to the complaint recipient, if not in advance of such blacklisting, then at least upon request.

There are/have been a number of well respected (not to mention most of the private ones) anti-spam BLs that either don't always or never provide "offending email" evidence to support listings, and I'm not aware of any that ever made it SOP to provide such evidence in advance of listing an
IP.

Hotmail listing one of your servers for no obvious reason is certainly the pot calling the kettle black. I get a pretty regular stream of pills spam from hotmail servers, most of which should trivially be blocked by the sender if they gave even the slightest damn about their outgoing spam.

They flat out refuse to do this, claiming they have no access to this.

With an org the size of hotmail, it's quite conceivable that the people dealing with you don't have access to the information you seek, assuming such information was even kept.

First, this should probably be on mailop instead of here.

Second, given the unceasing torrent of spam emitted by Hotmail/MSN
on a systemic, chronic basis, it's ironic that they'd block *anyone*.

---rsk