Category Archives: How to Make the Most of MxToolbox

BIMI Lookup Tool

MxToolbox is excited to announce the unveiling of another free tool for your use: the new BIMI Lookup tool. This innovative tool enables you to test your Brand Indicator for Message Identification (BIMI) records, ensuring that your BIMI record is correct and adheres to the current standards.  A missing or incorrectly formatted BIMI record means your customers may not see your domain’s logo in their inboxes. 

What’s BIMI and Why’s It Such a Big Deal?

BIMI is an industry-wide standards effort to display brand logos next to the brand’s email messages in their customer’s inboxes as indicators of trust to help message recipients recognize and avoid fraudulent emails delivered to their inboxes. This new standard, which is currently in beta testing, is important to email senders and their customers alike. Businesses get a prime opportunity to add trust to the emails they send and increase the visibility and ROI of their email programs, while recipients also benefit from senders deploying DMARC and other BIMI authentication standards to reduce the success of phishing attacks.

BIMI builds off of DMARC, with some outlets calling it DMARC 2.0, and will only display if you have deployed DMARC. Several Oath brands (Yahoo!, AOL, etc.) are currently beta testing the BIMI standard with their mailbox users. Gmail will also be rolling out their own beta test of the BIMI protocol in 2020. With Gmail’s current 1.2 billion worldwide users able to see a company’s logo displayed within a year’s time, adopting the BIMI standard will be highly beneficial to your business email practices. As DMARC and BIMI work in tandem to improve message delivery, it becomes imperative your brand utilizes these pioneering email technologies and standards.

How MxToolbox’s BIMI Lookup Tool Works

The new BIMI Lookup tool allows you to check for any errors included in your BIMI record published content, syntax check content, DMARC record format, or image format content. By entering your company’s domain name and clicking the “BIMI Lookup” button, this diagnostic tool will parse the BIMI record for the supplied domain, display its BIMI record, and run a series of diagnostic checks against that specific record. The provided results will help you recognize any current issues in your BIMI record’s setup that may prevent your logo from being displayed in Yahoo!, AOL, and Gmail (early 2020) inboxes.

To learn more about BIMI and how it’ll benefit your business, please click here.

Ultimate Combo

MxToolbox’s free BIMI Lookup tool is a great way to ensure your BIMI record is setup correctly and displays your logo as intended. BIMI provides your business an opportunity to grow your brand and protect your customers. Implementing this standard and monitoring it with our new tool are positive steps in improving your business email delivery. Don’t let your messages be sent to the Junk folder anymore.

MxToolbox Updates: New Mobile/Tablet-Optimized SuperTool in Beta

MxToolbox will soon beta test a new and updated version of our SuperTool (Beta8). Some SuperTool users will receive access to this beta version, while others will continue to use the existing SuperTool.  Be on the lookout for the upcoming changes.

The SuperTool streamlines all of your MX record, DNS, blacklist, and SMTP diagnostics into one integrated tool. Everything you need to assess your business domain’s status is found with this free tool.

Our Beta8 rollout centers on increasing multi-device usage and ensuring a better, more enjoyable experience across all devices. Upgrades will be especially noticeable for users on both mobile and tablet options. From phone, tablet or laptop, the new and improved SuperTool will help retrieve all the information you seek with the aim of a better user experience than the current SuperTool.

If you receive the Beta8 version, congrats! Any feedback you could provide our team will be greatly appreciated. Please send your thoughts, concerns, and recommendations to: feedback@mxtoolbox.com.

 

A Little Blacklist History

History of Blacklists

Blacklist – in the context of technology, a list of items, such as usernames or IP addresses, that are denied access to a certain system protocol. When a blacklist is used for security purposes or access control, all entities are allowed access, minus those actually listed in the blacklist. Moreover, an email blacklist is a real-time database that utilizes criteria to determine if an IP is sending email it considers to be spam. There are many operable blacklists, and each has a unique way of accepting inbound mail and determining if messages are considered spam. Needless to say, blacklists directly impact the deliverability of your company’s emails.

Note: A Whitelist or whitelisting is NOT the opposite of a blacklist.  A whitelist is a connection or group of IP addresses that will always be accepted, typically bypassing many other security controls.  Do not ask for someone to whitelist you.

The first Domain Name System-based Blackhole List (DNSBL) was the Real-time Blackhole List (RBL) created in 1997 as a Border Gateway Protocol (BGP) list. Interestingly, the initial version of the RBL was not published using DNS, but rather a list of networks transmitted via BGP to routers owned by subscribers so that network operators could drop all TCP/IP traffic for machines used to send spam/host spam supporting services, such as a website. The term “blackhole list” is often interchanged with “blacklist” and “blocklist.”

Overview of Blacklists

Generally speaking, a DNSBL or RBL is an effort to stop email spamming. It is a blacklist of locations on the Internet believed to actively send email spam. The locations consist of IP addresses, which are typically  linked to spamming. Most mail server software can be configured to reject or flag messages that have been sent from a site listed on one or more of these lists.

Furthermore, a DNSBL is a software mechanism, rather than a specific list or policy. There are many DNSBLs in existence, which use a wide array of criteria for listing and delisting addresses. For example:

  • The IP addresses of zombie computers or other machines being used to send spam (some RBLs specialize in spam in different languages)
  • Internet service providers (ISPs) who willingly host spammers, or those which have sent spam to a honeypot system.
  • List of the IP addresses of email systems that openly relay mail (which could be used by spammers)
  • List of dynamic IP addresses at ISPs
  • List of domain names typically used in spam emails.

In order to operate a DNSBL three things are needed: a domain to host it under, a nameserver for that domain, and a list of addresses to publish.

In addition, based on data received about your IP address, there are three places for your email to end up. If your company is on a blacklist, outbound messages could end up in spam or not delivered. If in good standing, your business emails will be then go through secondary processing by the inbox provider.  Most will be delivered and show up in the inbox as intended. Most blacklist services set up their own specific methods, algorithms and honeypots and have websites that detail the reasons for listing along with delisting options.  Delisting may be requested or may be automatic in some cases (keep reading).  Note: Some less savory blacklists require a payment for delisting; Mxtoolbox does not approve of this type of business model.

What Is an IP or Domain Blacklist Problem?

Most businesses learn that their IP address is blacklisted when a customer reports missing an important email.  After multiple reports, someone usually contacts IT who looks into the problem.  Without proper monitoring of your blacklist status, your business could be at risk.

MxToolbox to the Rescue

An early innovator in addressing blacklist issues, MxToolbox built started with a free online Blacklist Check tool to help email admins, marketers, and business owners monitor their sending reputation. Since then, we have focused on email delivery solutions, introducing the most comprehensive Blacklist Monitoring service on the Internet and, now, providing DMARC-based email deliver solutions.

The Future of Blacklist Monitoring

MxToolbox believes in continually delivering innovative tools and services to help our customers who face an ever changing email world.  Recently, we released Adaptive Blacklist Monitoring, expanding the frontier of blacklist monitoring beyond traditional blacklist monitoring for businesses to answer the following questions:

  1. How do you maintain lists of all internal and external sender’s IP addresses?
  2. How do you update IP addresses being monitored when they change?
  3. How do you monitor cloud email services sending from large pools of IPs?

MxToolbox Adaptive Blacklist Monitoring leverages new technologies like SPF and DMARC to monitor your blacklist status and email deliverability across all of your senders: internal, external and cloud-based.

Automatic Monitoring

MxToolbox automatically detects all your Outbound IP addresses that you actively send email from and monitors them for blacklistings.  Add a new 3rd party sender? MxToolbox automatically monitors those new IP addresses as well. With this solution you no longer need to maintain IP lists and update monitoring.

Sender/Cloud Email Reputation

Send email through Office 365 or GSuite, etc.? MxToolbox detects the IP addresses those services are actively using to send your messages and if they are blacklisted. You can even view your sender’s reputation via MxRep to gauge how well their services are functioning.

 

New Features for MxToolbox

At MxToolbox, we’re continuously striving to provide cutting-edge tools to help our customers improve their company’s email practice. As you can see on our Network Tools page, we offer a wide-range of helpful free tools and paid products that ensure your business email platform is working at its optimal level. And since we’re routinely updating and expanding our collection of tools, we recommend you visit the page often for the latest developments. For the most recent updates and newest tools please check out the NEW! tab. Let’s take a closer look at some of the more popular MxToolbox features.

NetworkTools-21April2019

Email Tab

The email portion of the Network Tools page contains some of our most popular tools such as the MX Lookup and Blacklist Check; and offers several other essential diagnostic tools that can greatly benefit your company’s email setup. For example, the SPF, DKIM, and DMARC tools now support improved message delivery and provide feedback catered to your business domain. Moreover, the two specific DNS record generators features (SPF and DMARC) MxToolbox offers under this tab help create records for the respective protocols.

Network Tab

For this section of Network Tools, the ASN Lookup and Domain Health Report tools are highlighted points. For example, the ASN (Autonomous System Number) Lookup query takes either an AS name or AS number as input and returns the missing component. For immediate feedback regarding your domain, the Domain Health Check will execute hundreds of domain/email/network performance tests to ensure your systems are online and performing optimally. In addition, the report will provide results for your company’s domain and highlight any critical problem areas that need attention.

DNS Tab

The DNS tab provides all the key DNS tools to help make sure your DNS records are published correctly and your DNS is operating at 100% such as DNS Lookup, DNS Check, and Whois. This list of tools also contains some advanced DNS Security diagnostic tools such as nsec, rrsig, and more.

MxToolbox’s Newest Additions and Updates

Among the many email tools MxToolbox offers, there are a few that stand out. Although we love each equally, if forced to name favorites, these come to mind:

  • DMARC Report Analyzer – One of our newest tools, this feature will make DMARC Aggregate XML reports human readable by parsing and sorting them by IP address into understandable reports.
  • DMARC Generator – Another new tool we’re proud of, this generator will help you create a DMARC record specifically for the domain/subdomain that you submit. Simply put, this tool’s a must for your DMARC implementation.
  • Header Analyzer – Found under the Email tab, this tool will make email headers human readable by parsing them. This helpful feature is a popular tool to which we’ve recently added DMARC, SPF, and DKIM testing functionality.
  • Email Deliverability – Also under the Email tab umbrella, this tool has been updated for easy workability. Send a test email to us, and we take over from there to generate a comprehensive deliverability report. To receive crucial data regarding your email status, definitely try this tool.

MxToolbox strives to provide your business the most beneficial information related to your email platform. By offering your company a variety of free tools to gain optimal deliverability, we believe our tools allow your messages to be delivered successfully. This not only protects your business, but also your customers. Whether found under one or more tabs, the features shown on the Network Tools page are vital to your email rates. Be sure to explore the page and try as many as desired. We’re here to help.

The State of DMARC Adoption – Inbox Providers in 2018

Print

There is a lot of buzz surrounding DMARC right now.  And most people have questions like:

  • How many companies are adopting DMARC?
  • What is the volume of email sent to companies and governments that have adopted DMARC?
  • Is it necessary for your business?

As your expert in Email Delivery, MxToolbox is constantly looking at technologies that affect your business.  For years, the biggest worry for companies like yours was being blacklisted. Now, email delivery is more complex and requires constant evaluation of your email senders and their compliance with new technologies like SPF, DKIM and DMARC.  In our State of DMARC Adoption, we evaluate how quickly companies are adopting DMARC and how DMARC can affect your business.  Learn More.

 

Still listed?

Every so often a customer contacts us because they feel it is taking too long to be de-listed from a blacklist or they were almost immediately re-listed on a blacklist.  We have a few recommendations for you:

First, be patient!  Some blacklists are operated by a small team that must field hundreds or thousands of requests every day.  They need time to get to your issue.  Some blacklists require a minimum delay before they will delist an IP address or domain.  This is for everyone’s protection.  They have no credibility as an anti-spam service if they delist a regular spammer or if they delist someone with a malware infestation before it has been remedied.  Blacklist administrators need time to trust your servers again.  Give them time.  It’s painful for you, but it’s temporary.

Second, research your issue!  You may not think you have an issue, but it is very rare that your email randomly dropped into a honeypot or other spamtrap that blacklist administrators use to create their lists.  You have an issue, somewhere.  It might be a malware infection, it might be an accidental   inclusion in an email campaign, it could be an internal user sending malicious email by accident.  Regardless, you need to do some research into your systems to make sure it doesn’t happen again!  And, you may need to look into your internal email controls and policies.  You should be doing this anyway, but now is the time to make a special effort!

Finally, fix your issue!  Put new policies in place.  Invest in new email controls.  Talk with Marketing about how they do campaigns.  Setup user controls.  Sweep your systems for malware.  Clean your house.  This will save you time and money down the road.  And, you can mention all this in your next request to delist.  The blacklist provider will appreciate the work.

Why do all this work if it was an accident?  How do you know it was really an accident you were listed?  You don’t unless you look into it and there’s tremendous risk in assuming that you’re “okay”.  The downside of being listed a second or third time is severe:  you will be listed for a much longer time and it will be much more difficult to be delisted.  In fact, most blacklist administrators have a three-strikes policy.  A third listing and you’ll likely be blacklisted for the better part of a year.  Continued listing could get you on their permanent blacklist.

Yes, I am trying to scare you.  Yes, this is serious.  Yes, this requires you to work to fix the issue.  Get started!  The downside is much more severe than the minor inconvenience you are experiencing with your first blacklisting or even with your delisting request being delayed.  And, remember, paid MxToolbox users don’t have to go it alone: we provide delisting support services to help you get off these lists.  But, we can’t magically delist you:  you still have to do the work.

Are blacklists legal, ethical, etc?

Blacklists came about as a response to unethical and illegal spam.  Blacklists have no other purpose but to stop bad or malicious acts, so they typically occupy the ethical high ground. Since they are used by businesses, universities and internet service providers to screen traffic, they are incented to be ethical, list only known bad actors and not list legitimate commercial traffic.  To do otherwise would undermine the value of their service to their own customers.

All that said, MxToolbox carefully curates a list of the most used and best maintained blacklists.  All the blacklists we check provide free delisting services.  We feel that requiring payment for delisting is not ethical.  However, a few blacklists offer expedited delisting services, which is a bit of a grey area.  Other blacklists may ask strange or seemingly random questions.  Think of this as geeks being geeks, rather than anything malicious or unethical.