Author Archives: stephenmxtoolbox

What is DKIM?

DKIM, standing for DomainKeys Identified Mail, is a method where a sender (or forwarder) can take responsibility for the content of an email by digitally signing for the message.  A DKIM signature is added to the header of any outbound email message that a sender would like to vouch for.  The recipient can then compare this DKIM signature to a publicly available DKIM key that decodes it.  If successfully decoded, the message is authenticated as being from that sender.  Otherwise, the recipient can choose to run more intense checks on the email, quarantine or discard it.

A receiver using DKIM will be able to reduce inbox delivery of erroneously forwarded or spoofed email received.  This greatly reduces the potential for abuse as recipients now have more information on the sender.

Should I setup DKIM?

Absolutely!  Both email senders and receivers should be using DKIM on their email systems.  While DKIM does not itself filter email, the DKIM signature is important in your overall delivery/rejection process.  Regardless of the volumes of outbound email, a sending organization should use a DKIM key to sign for email.  This attaches your reputation to the email and makes it easier for customers to trust that email is coming from you.  If there isn’t a signature on email that looks like it comes from you, then it could be spoofed.  It’s better to stand behind what you send.

Similarly, if you aren’t scanning incoming email for DKIM signatures, you are opening yourself up to potential attacks.  At minimum, you are treating all email the same and need to run more checks on incoming email against blacklists, scan for viruses and malware, which can be more taxing than a simple DKIM check.

DKIM works hand-in-hand with SPF and DMarc to help senders and receivers better communicate on the quality of email being sent.  Overtime, these technologies will dramatically reduce spam, spoofing and other unsafe mail delivery.

How do I get a DKIM key?

We often refers customers to one of the many services that will generate a key for you.  Right now, we recommend letsencrypt.org.

MxToolbox Tools for DKIM

A DKIM sender may have several DKIM records, so MxToolbox DKIM Lookup searches the specific record selector you request (see below).  DKIM lookup results are parsed and compared to RFCs to alert you to issues.  The example below contains a very simple DKIM record.

dkim-lookup

MxToolbox provides a free DKIM lookup tool that provides a lookup of your DKIM records by selector.

 

dkim-results

Results of a typical DKIM record are parsed and explained.

Get Support!

As a paid MxToolbox.com user, you get access to our expert Support team.  Open a ticket to get access to the best advice on improving your email delivery including setting up SPF and implementing DKIM and Dmarc.

What is SPF?

Sender Policy Framework (SPF) is a type of DNS record that Mail Administrators use to delegate email delivery options to 3rd parties.  SPF allows the owner of a domain to set a range of IP addresses and domains that are authorized to send email on behalf of that domain.

spf-simple

A simple SPF record (Google.com)

For example, you might use a 3rd party bulk emailer like Mailchimps or MailGun to send a weekly newsletter.  You would want your SPF record to include IP addresses that would be sending for you.

spf-complex

A more complex SPF record with multiple sending IPs and 3rd party delivery services included (anonymous).

How does SPF work?

Essentially, you setup an SPF record to reflect any IP addresses that will be sending on behalf of your domain.  If you have an SPF DNS record, it is publicly discoverable. When an email is sent purporting to be from your domain the recipient server checks your SPF record to see if the sender is actually authorized to send on your behalf.  If so, the email recipient knows the email is from you or your delegates and will chose to accept based upon your email reputation.  If not, the email recipient can opt to scrutinize the email more carefully, quarantine it or outright reject the email.  In this way, SPF is a powerful tool in the ongoing battle against SPAM.

Who should have an SPF record?

Everyone should be using SPF, but particularly companies that utilize any 3rd party email services to send email.  Since many companies actively check SPF records now when processing email, a failure to have an SPF record may mean that your email, especially bulk email, maybe denied.

SPF is a key component to email security and reducing spam and as such, everyone should setup an SPF record to ensure the best possible delivery of their outbound email.  MxToolbox provides a free SPF checking tool (pictured below) where you can verify that your SPF record is publicly accessible that also checks your record against the RFCs for syntax and best practices.

spf-lookup

Results for Google’s SPF record lookup including our checks of record syntax and setup.

SPF is required for implementing Dmarc.  If you are interested in getting started with Dmarc, we suggest implementing SPF immediately or double-checking your SPF setup and then setting up a Dmarc record that points to our new Dmarc reporting tool.

As a paid MxToolbox.com user, you get access to our expert Support team.  Open a ticket to get access to the best advice on improving your email delivery including setting up SPF and implementing DKIM and Dmarc.

Talk to our experts – the MxToolbox Support Team

MxToolbox is proud to have one of the best support teams on the Internet.  Our dedicated group of experts has been the backbone of our success.  They listen to your issues, patiently work with you to get the best solution and help you use and understand our highly lauded tools.  Their decades of experience in Email, DNS, and Network technologies give them the best insight into your problems.

Our Experts can help you with a wide range of problems:

  • Blacklisting Causes and Reasons for Listing
  • Blacklist Delisting Support
  • Recommend Changes to reduce the possibility of Blacklisting
  • Email Deliverability issues
  • Recommend Monitors for
  • Network troubleshooting
  • Recommend Email Server settings
  • Troubleshooting assistance
  • And more…

Open a ticket to get started!

MxToolbox support is included with every account, starting from our Basic Plan and up.

We’re Secure – SSL that is…

As of today, all URLs on MxToolbox are now using SSL (Secure Socket Layer) or HTTPS.  HTTPS provides an additional layer of security in your web communications with MxToolbox by encrypting all communications between you and MxToolbox.

What does the change mean?

Links – If you have a static link to our site, you should be redirected to the HTTPS version of the page.  However, you may want to update your bookmark to the HTTPS version to make things simpler.

API Customers – Make sure you are using HTTPS when connecting to the API.  Our documents already suggest HTTPS but it might be a good idea to look at your implementation just in case.

 

Have questions or need assistance with this transition?  Contact our Support Team!

Why are we making this change?

Innovative companies like Google are recognizing the benefits of securing all communications with their clients, both for privacy and security reasons.  HTTP sends every message between your browser and the server in clear text.  In the event there is a malicious router in the network, it’s possible to record and use those message.  With HTTPS, that traffic is encrypted so no one in the middle can read it – just you and our servers!  By going exclusively to HTTPS communications, we are enabling better security for our customers.

What else does MxToolbox have for HTTPS?

Our team of experts is always looking at technology so we highly recommend our customers use HTTPS to secure traffic to their own web servers.  In fact, MxToolbox HTTP lookups and monitors will flag a server if HTTPS is not available in the future.  If you are operating a web server, we highly recommend adding an HTTPS monitor to track server uptime, alert you to potential outages and monitor your SSL certificates expiration date.

What blacklist monitors do I need?

Blacklisting can be a pretty complex issue.  There are several different catgories of blacklists and each finds bad actors in it’s own unique way: honeypots, customer reports, protocol scans, etc.  This can leave many users confused.

What blacklists matter?

Which ones should I monitor?

What servers should I monitor?

First, MxToolbox monitors the most comprehensive, best curated list of blacklists.  Our experts understand blacklists and the causes of blacklisting better than anyone out there.  You can trust that our list of 100+ blacklists is the list you need to know about for your online reputation.  In fact, new blacklists are often asking us to add them to our checks!

Second, you need to understand the causes of blacklisting.  Even if you are using a legitimate server on a legitimate IP address, you could legitimately get caught in a blacklist honeypot, attacked by malware, accidentally spam someone and flagged for malicious activity.  Monitoring your servers for blacklisting is like an insurance policy – you need it whether or not you’re planning to have an accident.

Our experts recommend the following monitors to ensure your email delivery and online operations by monitoring your blacklist reputation:

  • IP Blacklist monitor for each mail server IP
    At minimum, you should have an IP monitor for the IP referenced in your MX record
  • IP Blacklist monitor for each web server IP
    At minimum, you should have an IP monitor for the IP referenced by your website’s A record so that traffic is not interrupted to your e-commerce site.
  • Domain Blacklist monitor for your domain
    This is optional, few companies are referenced enough in spam to be blacklisted unless they really are a major source of spam, malware or botnets.

There are other monitors that will help your overall system reputation, stability and reliability:

  • An MX monitor for your mail server in case it should ever be changed or DNS go down
  • An A record monitor for webserver
  • A SMTP monitor for your mail server to ensure uptime and report downtime and issues with availability
  • A Mailflow monitor to check your end-to-end mail system performance

 

DMARC Reports – Beta Program

Google & other inbox providers are constantly changing their acceptance policies to give more and more preference to email traffic that utilizes DMARC and DKIM technologies.  This gives them better control when categorizing email, both for advertisement value and for detecting and eliminating spam, viruses, malware and other threats to large scale email hosting.  But, it presents challenges to companies that are sending email to Google customers, both consumers and businesses hosted on Google email servers.

How do you configure SPF, DKIM, and DMARC?

What do I do with DMARC reports when I receive them?  

How can I get good information about my email deliverability?

These are all questions that we commonly get from our customers trying to ensure that their business emails are visible to their customers and prospects.  Since Google is often a first mover in new technologies, you can expect other big email hosts, like Microsoft Outlook.com, to follow their example.  This means SPF,  DKIM, and DMARC are becoming a requirement for doing business.

MxToolbox is here to help you get ahead of that curve!  Last year we introduced both DKIM and DMARC lookups and monitors for our customers.  Now, we’re introducing a beta version of a DMARC Reporting product.

DMR pro.jpeg

MxToolbox DMARC Reports will give you insight into what your customers are saying about the email coming from your servers or email that appears to come from you.  Once configured, our new DMARC Report gives you statistics on:

  • Email volume & compliance by Inbox Provider (Google, Outlook, Yahoo!, etc.)
  • DMARC Compliance Rate & DMARC issues
  • Email volume from each sender or forwarder IP
  • SPF & DKIM Authentication issues
  • And more…

Also, included in the report is the ability to view and export raw data.

Why Should I configure DMARC and what value does this report provide me with?

In addition to getting high value into seeing where your email is being sent from, who is receiving it, and identifying SPF & DKIM issues with your email, DMARC also provides you with the ability to:

  • Prevent Reputation and Blacklisting issues
  • Reduce domain spoofing
  • Improve deliverability rates

A common method spammers use to trick email recipients into opening mail containing harmful malware or phishing links is to forge the “From” address on email messages so that when the recipient sees the message it appears to come from a legitimate person in your domain. As a result mail filters and users will flag the spoofed mails as spam or phishing.  This may cause you email deliverability and reputation issues, as you may find legitimate email being blacklisted by Inbox providers. With DMARC, you can avoid these significant headaches as your DMARC record tells providers like Gmail what they should do with messages that aren’t coming from you.

While we’re in beta, you can setup one domain for free.  Just follow the instructions on the DMARC Report Setup Page.  We will recommend adding a DMARC record to your DNS if you don’t currently have one already or if you do have one, we’ll just recommend a slight change to your DMARC record so we can start building your reports. Then you just wait until email is delivered and DMARC reports begin to be filed and viewable with MxToolbox!

You can even access DMARC Reporting from your DMARC Monitor!

DMR - monitor access.jpeg

Email and DNS Provider Data

Have you ever looked up at the MX records for a company and wondered who their mail hosting provider was?   Maybe you are looking for prospects with a particular hosting service or need to know if that company is using your services or going it on their own?  Are they adequately protected?

Similarly, wouldn’t it be nice to know who the DNS provider is for a company?  This could be useful for prospecting or diagnosing issues.  Why can’t I reach XYZ.com?  Oh, their DNS provider is down…

mail-provider-zoom

Well, now you can get this information from the most trusted provider of tools and monitoring solutions for IT administrators, MxToolbox.  We include Email and DNS provider data on MX, and DNS lookups (specifically mx: and dns: now a record).  More information simplifies your work and makes your daily life easier.

mail-providerdns-provider

Have a list of domains or IP addresses you need information on?  MxToolbox Bulk Lookup is the answer!   The best suite of online tools, MxToolbox Professional, now includes our enhanced Bulk Lookup Tool which provides:

  • IP address
  • Geo Location
  • AS Number
  • AS Name
  • Blacklist status
  • SOA
  • MX Records
  • Name Servers
  • Email Provider
  • DNS Provider

MxWatch monitoring packages include the MxToolbox Professional interface, a number of monitors and the Bulk Lookup Tool.  A Basic Plan comes with 2000 bulk lookups a month, while our Pro Plan includes 20k.  Upgrade today to get started!