Monthly Archives: January 2012

American Airlines and UPS Spam Breaching Postini Filters – Automatic Updates to Filters Expected

If you have received either the UPS Confirmation email or the American Airlines Order ID messages, you are not alone. Currently spam filters across the world are frantically adjusting their heuristics to combat these spam messages. While the filters are being automatically updated, we would recommend enabling a attachment filter to block these messages

NOTE: If this filter is applied, it will block any legitimate message with a .zip attachment. See below for the steps to enable the recommended filter and the recommended settings:

Attachment Manager Filter Steps

  1. Access the customer’s Postini User Org (not MAIL or Email Config level) and enable the Inbound Attachment Manager.
  2. We highly recommend enabling ‘Scan inside compressed file types’ and ‘Enable binary scanning’ as this may also help with any future evolutions.
  3. To build a custom filter for blocking .zip attachments, select Filter and follow the image below:

  4. Be sure to add ‘zip’ under 2. Custom Filter Types to either User Quarantine (in case of false positives) or under Quarantine Redirect.
  5. Click Save and the filter is applied.

MxToolbox has partnered with WebRoot to offer Web Filtering to protect your network from attacks through the web browser. For more details on the protection that this program can offer, go here.


Notice: Due to (WSFF) enabling and disabling their RBL, our Blacklist Monitoring Service provided false results. From time to time list providers will enable their list (and list everyone) in an effort to  ensure that no one is using their list.

At this time we have removed this RBL from our list. Our Engineers are also conducting an audit of our current list to ensure that it is the most accurate it can be.

For more information on what Blacklists are and how MxToolBox can help, read this blog post.

MxToolBox is not affiliated with any Blacklists, we just provide a public tool that can be utilized to see if you are on a Blacklist. If you are on a Blacklist, rest assured as we do offer Blacklist Protection! For more information please feel free to visit our website or email us at

We’re always looking for new Blacklists to add, so if you want to suggest one to us, please send an email to

For information about other Blacklists that have shut down or Blacklists that are having problems, view this forum post.

January Newsletter – New Year’s Resolutions for Email and Network Infrastructure




In the spirit of our “Top Holiday Email Related Tools”, we thought we would start another list each January as our Resolution List.  However, this list won’t be your typical list that includes “drink less soda” or “run a marathon” (all good things!), but will be more along the lines of what you can do to further protect your Email and Network Infrastructure.

Open Relay / Lock Down
In the past it wasn’t such a big deal to have your server as an open relay, but these days even having it open for a few days will more than likely invite spammers to infiltrate your network. An open relay is when an SMTP server is configured to accept anonymous connections to your servers’ IP Address or allow anonymous servers to relay off your server. If you continue to operate with your server as an Open Relay, your server will more than likely end up on a Blacklist which will cause outbound delivery issues.

To ensure that your mail server is not an Open Relay, we recommend only allowing email delivery on your public IP address for email addresses you own. If you have people outside of your network that need SMTP service, employ VPN, SMTP Authentication, or have them use a 3rd party SMTP server.

Another step that we recommended is to block outbound port 25 traffic only to your email server. To do this, simply make a rule on your firewall that stops outbound port 25 connections. Make a single exception for your email server. Lastly, we highly recommend keeping your server secure and running Anti-Virus (don’t forget to run updates!).

Web Security – Locks on the doors, but not the windows?
Now that you have secured your network by closing that pesky Open Relay, you have essentially locked all the doors into your network.  But have you left a window open?  Online threats have shifted their attention from launching attacks through email systems and have begun targeting web browsers as an often unguarded entryway into your infrastructure.

The firewall that protects your business network is configured to stop connections that originate from the Internet. However connections that originate from within your network are automatically granted access. Without this ability your employees would not be able to access any online resources outside of your network. One of the greatest security concerns on the Internet today is malware. This malicious software is often distributed via web pages and is designed to infiltrate a computer system without the owner’s knowledge or consent. Currently 85% of dangerous web activity is attributed to malware which makes proactive
Web Security a necessity for every business. The most critical role of Web Security is to prevent malicious code from being brought in to the network; however, it can also be used to control access and generate reporting on your web usage if desired.

Blacklist Protection
One of the most common security challenges for companies is keeping their organization’s email off of Blacklists. When your company gets Blacklisted it will cause major trouble for your business and it will slow down your communication with current customers, prospects and in general the outside world. Email communication is a critical and profit dependent function of any business and this type of communication interruption is both time consuming, costly and completely 100% avoidable.

If you find that your company’s IP has been Blacklisted, what can you do? Well that is where MxToolBox can help! With Email Service through MxToolBox you won’t have to worry about Blacklists. Our highly trained IT professionals will not only help you find the root cause and eliminate your current Blacklist problems, but we can proactively implement solutions to keep your system protected and secure.  

We hope that you are able to check off most of what we have covered. If you haven’t and you have further questions or need further assistance, please contact us at (866)-698-6652 or and we’ll be happy to help!

Even if your company has not had its productivity hampered by any of the issues described above, now would be an ideal time to review what our Total Security Package which offers top-shelf Spam and Virus, Blacklist Protection and Web Security can do to further insulate and protect your company. With MxToolbox you can rest assured that  your company’s email and web browsing is safe and secure.   

Blog Email Security Blog Follow us on Twitter Twitter Become our fan on Facebook Facebook Forums Forums

Copyright 2011 MxToolbox Inc. 12710 Research Blvd. Austin, TX 78759