Monthly Archives: March 2010

What does the Warning – Reverse DNS does not match SMTP Banner mean? – SMTP Diagnostic Tool

We wanted to give a bit more insight into the Warning from our SMTP Diagnostic tool about ‘Reverse DNS does not match SMTP Banner’.

The short answer is that the host name returned by the reverse DNS (PTR) lookup of the server's IP address is not contained in the server's HELO or EHLO banner. In the example below, the string “someotherdomain.com” is not found anywhere in the server banner, which is reporting “example.com”. This is only a warning, and in some cases you may have no control over this. However, if you have the ability to make these match, you should. Some mail servers look for this and use it to mark messages you send as questionable. Most mail systems will not reject your messages outright, but this may affect your spam score, increasing the likelihood that your messages will be marked as spam.

In other words, it is a best practice you should endeavor to follow. It doesn’t mean you are a bad person or won’t be able to send email.

220 mx.example.com StrongMail SMTP Service at Wed, 09 Sep 2009 17:00:01 -0700

Not an open relay.
0 seconds – Good on Connection time
0.156 seconds – Good on Transaction time
OK – 1.2.3.4 resolves to mail.someotherdomain.com
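The comparison behind this warning can be reproduced locally. The following is an added example, not MxToolBox's code: it parses the 220 greeting and checks whether the PTR name appears in it, using the banner and PTR name from the sample output above. The function names and the three result labels are assumptions of this example.

```python
import socket

# Values copied from the sample tool output on this page.
SAMPLE_BANNER = ["220 mx.example.com StrongMail SMTP Service at Wed, 09 Sep 2009 17:00:01 -0700"]
SAMPLE_PTR = "mail.someotherdomain.com"

def banner_hostname(reply_lines):
    """Host name announced in a 220 greeting (first token after the code).
    Accepts multi-line greetings, whose non-final lines start with "220-"."""
    first = reply_lines[0].strip() if reply_lines else ""
    if not first.startswith("220") or len(first) < 5 or first[3] not in " -":
        raise ValueError("not a 220 greeting: %r" % first)
    return first[4:].split()[0].rstrip(".").lower()

def compare(ptr_name, reply_lines):
    """Return "match" if the PTR name is the announced host name,
    "contained" if it appears elsewhere in the greeting text, and
    "mismatch" (the warning case) if it appears nowhere in the greeting."""
    ptr = ptr_name.rstrip(".").lower()
    if ptr == banner_hostname(reply_lines):
        return "match"
    words = " ".join(line[4:] for line in reply_lines).lower().split()
    tokens = {w.strip(".,;()[]<>") for w in words}  # whole-name comparison only
    return "contained" if ptr in tokens else "mismatch"

def check_live(ip, port=25, timeout=10):
    """Resolve the PTR record for ip, read its greeting and compare them.
    Needs network access and outbound port 25 to a server you administer."""
    ptr_name = socket.gethostbyaddr(ip)[0]
    lines = []
    with socket.create_connection((ip, port), timeout=timeout) as conn:
        reader = conn.makefile("r", encoding="ascii", errors="replace")
        for raw in reader:
            lines.append(raw.rstrip("\r\n"))
            if len(raw) < 4 or raw[3] != "-":  # final line of the reply
                break
    return ptr_name, compare(ptr_name, lines)

if __name__ == "__main__":
    print(compare(SAMPLE_PTR, SAMPLE_BANNER))  # mismatch
```

`check_live` performs the real PTR lookup and SMTP connection; the other two functions work on captured text and run offline.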

If you are not sure where to access your SMTP banner in your mail server, read below for some helpful hints. We do not advise making ANY changes to your mail server if you are not the system administrator or confident in making these changes.

Configure SMTP banner Exchange 2003

  1. Open Exchange system manager.
  2. Expand your administrative group (“First administrative group” by default).
  3. Expand Servers.
  4. Expand “YourServersName”.
  5. Expand Protocols container.
  6. Select SMTP container.
  7. On the right window, right click the Default SMTP virtual Server (Or the name you set your SMTP Server) and select Properties.
  8. Select the Delivery Tab.
  9. Click the Advanced button.
  10. Under the Fully Qualified Domain Name (FQDN) type mail.yourdomain.com (The A/Host record you created in DNS for your mail server)
  11. Click Apply and OK again to accept the changes

Configure SMTP banner Exchange 2007/2010

  1. Open the Exchange management console.
  2. Select the Organisation Configuration container.
  3. Select Hub Transport container.
  4. On the right select the Send Connectors tab.
  5. Right click your send connector and select properties.
  6. On the General tab under the Set the Fully Qualified Domain Name (FQDN) this connector will… type the A record domain name you created, which in our case is mail.yourdomain.com. Click OK.
  7. Under the Server Configuration container click the Hub Transport container.
  8. In the Right window Select the properties of the Receive Connector under Receive Connectors tab.
  9. On the General tab under the Set the Fully Qualified Domain Name (FQDN) this connector will… type the A record domain name you created, which in our case is mail.yourdomain.com. Click OK.

To verify these changes we would recommend using our SMTP Diagnostic Tool again.

Web Security Breaches Rock Hotmail Users

Users of Microsoft’s free email service Hotmail are reeling this week after a huge web security breach last month. All Hotmail users are encouraged to change their passwords and be vigilant as an increase in spam activity on the site has led to web security breaches.

Individual accounts have been hacked in recent weeks, and the hacked accounts are then used to send spam to the entire contact list of the user. Victims have also reported that their email filter settings and other custom account features were changed following the breach.

“Hotmail is seeing instances of accounts being ‘hijacked’ by spammers who send emails out advertising an electronics website. The spam mails usually have subjects like ‘Good shopping good mood’ and may go to your contact list in addition to a random list of emails,” Rob Margel of Microsoft wrote on his blog.

The cyber criminals are not typically worried about changing the password as they only intend to use the account once or twice. They move quickly so that they can do as much damage as possible but want to jump around to avoid being caught. Changing the password is the only way to prevent further damage, and passwords should be changed on a frequent basis to avoid problems such as this.

The origin of the malware is unknown, but the results are similar to phishing attacks that took place on Twitter a few months ago. The popular social networking site recently announced phishing attacks have become so frequent that it will now scan every link posted to the site for malware.

March 2010 – MxToolBox Supertool (DNS tool)

MxToolBox has provided many free tools over the years and we are pleased to announce our newest tool, the SuperTool! This tool gives users the ability to do different types of lookups from one common location. To use the new tool, simply go to MxToolBox.com and input a domain name, IP Address or Host Name. To give you an example, I looked up the MX records for crawfordbowling.com:

Included in the results box are links to related tests you might want to run based on the lookup you just performed. Or, if you want to go in a different direction, you can run any other lookup by typing the command in the box, like blacklist:208.65.144.12, a:google.com, or smtp:208.65.144.12.

Next, I ran an email diagnostic on the server by clicking on SMTP Test: 

Then the last test I did was a reverse lookup: 

A really cool feature that you may not have noticed is that the page adds the results from your latest test on top of your previous tests. This helps keep track of all the tests you have run.


Recently we added even more DNS lookups to the SuperTool and we are adding new tools as fast as we can to make sure we stay on top. If you have any tool additions that you would like to see, please let us know. We are also very interested in how these tools are being used out in the wild so we can better tailor them to your needs.

Command      Explanation
blacklist:   Check IP or host for reputation
smtp:        Test mail server SMTP (port 25)
mx:          DNS MX records for domain
a:           DNS A record IP address for host name
spf:         Check SPF records on a domain
txt:         Check TXT records on a domain
ptr:         DNS PTR record for host name
cname:       DNS canonical host name to IP address
scan:        Perform a port scan on the host (New!)
whois:       Get domain registration information (New!)
arin:        Get IP address block information (New!)
soa:         Get Start of Authority record for a domain (New!)

Other tools coming soon:
http:        Get web page at URL
https:       Get web page at URL using SSL encryption
ping:        Perform a standard ICMP ping
trace:       Perform a standard ICMP trace route

 

The SuperTool is the culmination of our firm’s six-year track record of providing free tools for system administrators to assist in network troubleshooting. This one-of-a-kind tool gives users the ability to do different types of lookups from one common location. Since many DNS tool providers have chosen to provide paid-only services, we are proud to continue hosting these free tools on our site.

You might be thinking, what’s the big deal about this new tool? Great question. Let me begin by saying that we’re just as skeptical as you are when people throw around words like one-of-a-kind, revolutionary, groundbreaking, etc. When we say that the SuperTool is one-of-a-kind, we can prove it. Try it out for yourself and you will see that you can look up all of your MX records, DNS, Blacklist and SMTP diagnostics in one integrated tool. It is amazing.

 
