Category Archives: How to Make the Most of MxToolbox

How do I get delisted?

Each blacklist has it’s own method for delisting.  Sometimes it’s a webform, sometimes it is an email.  Almost always, you need to include the steps you took to fix whatever problem put you on a blacklist.  Many blacklist operators see themselves as righteous crusaders fighting against spam, malware, viruses, bad email configurations and poor email operations, so remember when dealing with a blacklist operator, you are the bad actor seeking forgiveness.

Tips for delisting:

    • Read the description of the blacklist – Descriptions on MxToolbox Blacklist Info Pages give you everything you need to know about the blacklist and your reasons for being listed.  
    • Ask yourself “Do I need to be delisted?” and “Is this affecting my business?” – If you do not do business in Spanish, chance are you don’t need to be removed from the NoSolicitado blacklist that only serves Spanish language emails.  If you aren’t seeing any emails bouncing back, then this isn’t a huge issue, yet.  Don’t waste time or get frustrated over listings that have no effect on business.  
      MxToolbox provides filters that allow you to ignore alerts on irrelevant blacklists.  We also provide an MxReputation report that tells you what your global reputation is.  If it’s still high, you might be fine ignoring this blacklist.
    • Take care of the problem that caused the blacklisting – Once you know why you were listed, fix those issues.  Patch servers, run anti-malware/anti-virus software, fire the guy in marketing that was CCing all your customers or whatever you need to do. A blacklist will not delist you if you have changed nothing.
    • Have a detailed list of remediation steps you have taken –
      What did you do to clean viruses or malware?
      What did you do to close hacked accounts and prevent future attacks?
      Have you changed outbound email policies to prevent spam?
      Have you patched servers or firewalls?
    • Visit their site and fill out the required forms carefully and completely – MxToolbox has links to all the blacklist websites, including delisting forms.  Their forms are for their protection.  Their users will question a delisting if it results in further spam, so filling them out completely will aid your case.
    • Be polite – Most blacklists have evidence that your servers have acted badly.  Treat this as a respectful request that your servers be delisted because you are technically the bad actor here.
    • Explain the business impact – Let them know that you have a business that is impacted by being listed.
    • Be patient, wait a few days for a response – This is not an instantaneous delisting process.  Some of these blacklists are small shops with a handful of employees.  They also need time to validate that you are no longer spamming, sending malware or other issues.  They will wait to see that your emails are no longer hitting their spam traps or being reported by any new customers.  Be patient.
    • Don’t make multiple requests – It’s okay to make a second request if you have heard nothing in a few days, but refrain from making multiple requests in the first few days of an inquiry.  Blacklists get hundreds or thousands of requests daily and often duplicates drop to the bottom.
    • Don’t pay to delist – All the blacklists checked by MxToolbox provide free delisting services.  A few offer paid expedited delisting services.  MxToolbox does not recommend paying to delist and we do not condone services that require payment.  

After you’ve gone through these steps, you should consider setting up monitoring on your important IP addresses, especially Email and Web servers.  Monitors can alert you to blacklist events as they emerge, rather than waiting for serious business impacts.  MxToolbox offers a wide range of monitoring solutions from Free, single IP solutions, to real-time large network blacklist monitoring.

How do I know if I am listed on a blacklist?

Typically, the first time you find out that you are blacklisted is when customers start telling you that they aren’t receiving your email.  Bounced email is the number one symptom of being blacklisted.  Unfortunately, this is finding out about the problem only after it has impacted your business.

The other way to find out if you have been blacklisted is monitoring.  MxToolbox provides active monitoring solutions for blacklisting events.  Our free IP Blacklist monitor checks your server’s IP address every 7 days to give you a general warning of blacklist issues.  Our paid subscriptions check every 4 hours and premium services check at least once an hour, up to real-time blacklist checking.  The higher the frequency of checks, the more likely you will know about being blacklisted before it becomes a customer issue.

MxToolbox Use Cases: Firewall Setup

Testing Firewalls

Testing firewall setup can be a tricky business.  There are thousands of ports to scan and many types of options that make configurations complicated.  While MxToolbox can’t know every firewall and test every variation, we can give you tips on how to probe your firewall externally using our tools to see if everything is setup properly.

Pre-Test

Before you begin testing your firewall setup, you’ll want to make a few lists:

  1. Make a list of IP addresses and server names.  You should have two lists:  one for public facing servers that you want to be able to access and another for private servers that should not be externally facing.
  2. Make a list of ports that should be accessible on the firewall, based upon the types of servers you have that are public facing.
  3. You may also want to make a list of ports you absolutely want blocked for security reasons.  We have a few in our Portscan Tool.

Verifying Setup

During setup verification, you will run a series of tests against both your public IP addresses and private servers to ensure your firewall is appropriately blocking traffic and permitting only what you want.

  1. Run a port scan on your firewall.  This will tell you if most common ports are open
  2. Ping both lists of servers: IP addresses you want to be public and servers you don’t want to be public.
  3. Run a Traceroute to all public facing servers so you can be sure that traffic is running through your firewall.
  4. Run SMTP, HTTP, or TCP tests on all public facing servers for each port/service combination that the server will be running.  Alternatively, you could simply run a port scan for each server.

On-going Server Maintenance

On-going, you may want to ensure your firewall is open to the ports/services you have specified.  The best way to test this is through regular monitoring.

  1. Setup SMTP monitors for all mail servers behind the firewall
  2. Setup HTTP monitors for all web servers behind the firewall
  3. Setup TCP monitors for all other services on those servers.

Monitors are the best way to know immediately when a service or server goes down.  MxToolbox monitors are constantly probing your systems to check availability, giving you peace of mind knowing that you will know if something goes wrong.

MxToolbox Use Cases: Webserver Setup

Setting up a Web Server

Setting up a webserver for a new or existing domain can be a fairly trivial task with the right tools.  An administrator needs to balance configuring web server software, DNS setup, load-balancing, redundancy, and firewalls.  Here are few tools that might simplify your setup process:

Pre-Check

  1. Run a blacklist check on the IP addresses that you plan to use for your web server.  A blacklisted IP address should not be used for mail servers or web servers as this is an indication of potential fraudulent or spammer activity.

Verifying Setup

We’ll pick-up after you have assigned the IP addresses, and installed the OS and web server software.  From there you will want to verify that your server is up and running and accepting HTTP or HTTPS connects:

  1. Run an HTTP or HTTPS test on each IP that will accept email.  This will perform several tests against your server and give you results on your web configuration. HTTPS tests add a few additional areas related to configuration of the secure socket layer, including certificate checks.

Verifying DNS Setup

  1. Check that you have properly configured A records for the server(s).

On-going Server Maintenance

  1. Setup a web monitor on each IP that will serve as a web server.  This will perform several tests against your server and give you granular results on the status of your HTTP or HTTPS configuration.

Today, almost every online service runs off an HTTP or HTTPS backend.  Knowing that your services are up and running is incredibly important.  With MxToolbox Monitoring solutions, you can be sure that your services are up and performing while you concentrate on making them even better.

MxToolbox Use Cases: Setting up a Mail Server

Setting up a Mail Server

Setting up a new mailserver can be a time-consuming and error-prone process, especially if it involves setting up a server for a new domain.  An administrator needs to balance new email security configurations with DNS setup, redundancy and firewalls.  While these can greatly improve security and email deliverability, they can complicate setup.

Here are a few suggestions for using MxToolbox to ease your mail server setup:

Pre-Check

  1. Run a blacklist check on the IP addresses that you plan to use for your server.  A blacklisted IP address should not be used for mail servers.

Verifying your Setup

We’ll start after you have assigned the IP addresses, and installed the OS and email server software.  From there you will want to verify that your server is up and running and accepting email:

  1. Run an SMTP test on each IP that will accept email.  This will perform several tests against your server and give you results on your SMTP configuration.
  2. Check that the appropriate Email TCP ports are available and responding through your firewalls to these servers.
    1. SMTP on port 25
    2. POP on 110 and 995
    3. IMAP on 143 and 993
    4. Outbound SMTP on 587
    5. OWA on 443
  3. Run a Port scan to make sure other ports are shutdown

Verify your DNS Setup

  1. Check your MX records to ensure they are pointing to the new server.
  2. Check that you have properly configured A records for the server.
  3. Check the servers PTR records to ensure they point back to the domain.
  4. Check your SPF records on the domain.

Final Setup

  1. Send us a test message.  Our Email Deliverability report will give you an in-depth report on email headers, hops and more.
  2. Setup your user lists.  We have an Email Extraction tool that can help you assemble simple lists of email users for addition to your server.

Advanced Testing

You might decide to adopt additional standards to address email delivery and spam issues.  MxToolbox is excited to offer tools that can analyze the setup of both DKIM and DMARC standards.

  1. Check your DKIM setup.  This can be useful for email deliverability as signing emails with a DKIM key can reduce bouncebacks.
  2. Check your DMARC setup.  DMARC can improve email delivery as a fully configured record gives recipients the means to communicate issues with your email.  If you monitor your abuse post, you can uncover and remove issues that might cause blacklisting.

On-Going Server Maintenance

We encourage our customers to setup a regular maintenance plan for their email servers.  Realistically, load issues arise, as do DNS and firewall complications.  The best way to prevent these is to know about them before they take out your email.  Here are a few recommendations to keep your servers up and running:

  1. Setup a Blacklist monitor for each IP address.  Blacklisting can cause lingering email delivery issues.  You want to know when your servers have been blacklisted.
  2. Setup monitors for your email systems MX and A records for this email server.  Typically, these shouldn’t change, but a monitor will ensure you know immediately if something does change.
  3. Setup SMTP monitors for IP address of each server.  SMTP monitors will constantly check your servers to ensure they are up to send and receive email.
  4. Setup a Mailflow monitor for each server.  Our premium Mailflow monitor constantly checks the end-to-end health of your mailservers by measuring traffic flow through the server.  

Monitors give you peace of mind.  You’ll know immediately when there is a service slowdown or outage and be free to concentrate on other issues.  

How can I make full use of my MxToolbox account? Part 11, Add Premium Monitors

In this installment of our series on getting the most from your MxToolbox account, we’ll discuss our premium monitoring options and how they can save you time and money.

Consider Premium Monitoring Options

MxToolbox is constantly striving to develop tools and monitors that save time for IT professionals.  Most of our tools and monitors are included in our MxWatch monitoring packages, but a few are more complicated or require more infrastructure to support.  These are premium monitors that require an extra charge.

Domain Health Monitoring

As an online business, you have a domain; that pesky “.com” thing you run use as your online presence.  This domain has value to you:  It’s your name online.  It’s the location everyone uses to access your services.  It’s how people find you now that the Yellow Pages are a historical curiosity.  Since it’s so valuable, wouldn’t you like a regular report card on your domain that tells you how it’s doing?  That’s our Domain Health Monitor.

Domain Health analyzes your domain and automatically creates the monitors you need for your domain, including: Blacklist, DNS, SMTP and HTTPS monitors.  These monitors scan your domain frequently and report on any potential issues.  You get peace of mind your domain is accessible to your customers and prospects.

Mailflow Monitoring

If you’re running your own mail server, you probably have to deal with users complaining of missing messages, delays or messages not arriving at their destinations.  How mail is processed through your network and servers is important and can affect everything from customer satisfaction to actual sales.  An unanticipated outage could cost you money, time and customers, not to mention a few hours of work and the ire of everyone at the company.  That’s why we developed our Mailflow Monitor.  

MxToolbox Mailflow monitoring is an end-to-end monitor for how email flows through your mfgraphlarge_smallservers.  Every 5 minutes, we send you an email that is forwarded back to our servers.  We analyze the round-trip time and the headers to understand how the email flowed through your servers.  We give you a complete analysis and alert you when our messages reach certain performance thresholds.  You even get reports you can use for management.

DNS Zone Protect Monitoring

If you own a domain, you registered it at a domain registrar and then configured DNS records so that everyone on the Internet could find your website and send you email. Those records are vitally important for your domain to work properly.  DNS Zone Protect is a service from MxToolbox that monitors all of your DNS records for a domain, in real time, to make sure you know for certain that your DNS is working and that all of the information is correct.

DZPChangeSummaryDNS Zone Protect gives you two very powerful features in one simple service. If anyone, using any method, modifies any of your DNS records, you will know about it. This includes possibilities like a compromised DNS login, an attack against your DNS provider, or other possible security vulnerabilities on the DNS Servers. The method of attack doesn’t matter. If your records change, DNS Zone Protect will make sure you will know about it.

The other benefit DNS Zone Protect provides is a comprehensive change history of all your DNS records. This automatic communication is vital so that everyone on your team knows exactly what is being done, in real time. We also keep a histoDZPStatusrical account of changes which allows you to go back and see what your DNS records were at any point in time in the past.  DNS Zone Protect gives you peace of mind about all your DNS for that domain, not just the records you know about.

In the next in our series we will discuss use cases, specifically, how to verify setup of an email server using MxToolbox.

How can I make full use of my MxToolbox account? Part 10, Configuring Paid Monitoring

In this installment in our series on making the most of your MxToolbox account we discuss some best practices for configuring your paid monitors and introduce you to Quickwatch monitors.

Configure Paid Monitoring Options

With an MxWatch account you receive access to the MxToolbox Professional toolset and a number of a la carte monitors that you can use for Blacklists (including Domain blacklists), DNS, Mail, HTTP, or other TCP ports.  You can mix and match the types of monitors you use.  With these monitors, you also get an enhanced interface for managing the monitors that includes:

  • Add users to the account – Maybe you have a small team or a colleague with which you work.  Now you can share a single account and access and control your monitors.  The filters_exampleaccount owner can delegate or retain authority to edit or view monitoring information.
  • Use Tags – Have a large number of monitors or maybe monitors for specific groups within your organization?  Tags enable you to logically group monitors without renaming the monitor.
  • Create Custom Filters – Combined with tags, custom filters enable you to group monitors together in your view.
  • Setup Notification Policies – Once you’ve added users and tags, you might want to control how certain monitors alert you and your team.  Notification policies are highly granular ways of controlling how alerts notify you.

A combination of these items gives you everything you need to simplify notification of specific teams or team members in the event of an outage.

Setup Quickwatch Monitors

Have you ever made a change to DNS and then needed to know when it was finished propagating?  Have you ever needed to know when a VM image was finished loading and new services were available?  With our Quickwatch Monitors you can do that and more.  Quickwatch enables you to set a short-term (1 to 3 day) monitor that automatically expires.  During that time if the monitor detects a change, we alert you.  Since the monitor automatically expires, there’s no need for you to login and deactivate or delete the monitor, it stops tracking on its own.  Since Quickwatch Monitors are light and flexible, you get a larger number of them as part of your paid subscription. Use the on anything that is likely to transition quickly and it’ll save you time rerunning queries on the site.

In our next installment we will discuss premium monitoring options to make your job even easier.