Category Archives: Uncategorized

INPS_DE Blacklist Offline

The INPS_DE blacklist, operated out of Germany recently decided to shut down their blacklist service due to changes in regulations. As such, we have temporarily removed them from our blacklist monitoring services. If they decide to reinstate their blacklist database we will re-evaluate their inclusion in our monitoring.

Notice of blacklist database termination from the blacklist operator:

For more than 10 years I, Christian Jung, have been working with passion and enthusiasm the inps.de DNSBL and the inps.de DNSWL. I wanted to work with these projects which have been very well received, making the internet a little bit better and also to be a small part of it.

The protection of data has always played a significant role in development. The entry into force of the basic data protection regulation DSGVO on 25.05.2018 succeeded for However, a massive insecurity and with the means available to me I can get one Legal advice, which would provide the necessary clarity, at the present time simply can not afford.

For this reason, I have decided with a heavy heart, the inps.de DNSBL for the time being “put on ice” and to offer it to the public only when there is clarity in this respect. From my DNS servers will be delivered an empty zone, so that all previously entered IP addresses to the outside are no longer registered. I thank from the bottom of my heart all those who have supported my projects in the past years so energetically supported. Without this support would be the hit rate far from being so good.

Sectoor Exitnodes shutting down

Update: We have shut down blacklist monitoring on Sectoor Exitnodes as this blacklist is in fact currently offline.

If you have received blacklist alerts regarding this list, the alerts and monitor status will be automatically corrected by our monitoring system during the next check. There is no action you need to take at this time.


Earlier today we detected abnormal behavior from the blacklist Sectoor Exitnodes. Its domain registration expired recently and their blacklist database is now showing signs it may be going offline.

We are monitoring this situation and will update this post once more details are available.

Abuse System Update

On May 9th we updated our abuse system to shutdown unauthorized and excessive access to our site and improve service to our free and paying customers.  During the update of the abuse management system all access to the site was shutdown for approximately 10 minutes instead of the shorter planned outage.

As of Noon Central US time all access has been restored.  We apologize for the inconvenience.

NoSolicitado False Positives

Blacklists operate using DNS system where a blacklist publishes a set of IP addresses that are blacklisted. We query these lists in real-time to give you a consolidated report of the blacklist reputation of and IP address. Sometimes a DNS server at a blacklist operator may get out of sync with the entire pool or the pool may get out of sync with the database. Regardless of the root cause, we always display what we receive when we query the blacklist providers’ DNS servers.

Currently, we are noticing On Friday, we noticed some issues where the Blacklist NoSolicitado is showing some IP addresses blacklisted and then quickly delisting them. These bounces are affecting customers with blacklist monitors and those searching IP addresses. We will update when there is more information.

Update:  NoSolicitado has updated their DNS and we are no longer showing false positives of listing/delisting bounces.  If you are on NoSolicitado, it is a legitimate listing.

DMARC Record Missing Alerts

Have you heard of DMARC?  It is the newest way to protect your email delivery and online reputation from delivery failures, misconfigurations and fraud and phishing attempts.  If you aren’t using DMARC, you are at risk from email delivery failures.  Learn more about DMARC, DMARC Compliance and Email Delivery.

Since DMARC is such a pivotal technology, we have decided that our customers need to be alerted when it is not configured.   Therefore all MX record lookups will show a critical warning when a DMARC record is not found (see below).  Paid users with MX monitors will receive critical alerts that a DMARC record is missing or misconfigured for their domain.

DMARC record missing.png

MxToolbox experts feel that DMARC is critical to your business success.  Our team is ready to help you with your DMARC configuration and transition to a focus on proactive email delivery management.  Our most recent products MxToolbox Delivery Center and MxToolbox Fraud Center leverage DMARC to improve your email delivery and protect your brand from email fraud.

DNSSEC Root Zone Key Signing Key (KSK) Rollover

What is it?

The KSK is a public-private key pair that allows the DNSSEC protocol to secure your DNS information. The public part of the key is the starting point for DNSSEC queries similar to how the root servers are the starting point for DNS queries. The private part of the key is used by Verisign to sign the Zone Signing Keys in the DNSSEC-sign of the root zone.

What does that mean?

If you’re not using DNSSEC then you don’t have anything to worry about. DNSSEC is a additional security measure that can be taken to secure your DNS information and verify that your domain is actually yours. If you’re not sure that you’re using DNSSEC then you likely are not using it. You could ask whomever is responsible for your DNS to find out for sure.

If you are using DNSSEC then you will need to create a new key pair and retire your current key pair so that DNSSEC will keep functioning. This will be done automatically for you if you are supporting RFC5011 (https://tools.ietf.org/html/rfc5011). Otherwise, you will need to manually update the trust anchor at http://data.iana.org/root-anchors/ and you can find information about testing your configuration at https://www.icann.org/en/system/files/files/ksk-rollover-external-test-plan-22jul16-en.pdf

MxToolbox Resources

networktools_dns.png

MxToolbox has all the DNS and DNSSEC tools you need to help you through this transition.  We have everything from basic DNS lookups, to DNSKEY, NSEC and IPSECKEY lookups to comprehensive domain research tools, like Investigator.  You can even validate your DNS Cert or HTTPS Certificate.  All of these tools are easily accessible from

our Network Tools page (see image).

Additional Resources:

https://www.icann.org/news/blog/dnssec-rolling-the-root-zone-key-signing-key

https://www.icann.org/resources/pages/ksk-rollover

The Status of SpamCannibal

We have temporarily removed SpamCannibal from the list of the over 100 blacklists we check when you use our service.  This means that it will temporarily not appear during searches.

Why?

For approximately the last week, SpamCannibal has failed to resolve in DNS and failed to respond to other queries.  For the moment we are treating it like a temporary outage and simply suspending use of it while we wait for more information.

Typically, when a blacklist goes down permanently, they let everyone know by blacklisting the entire world.  This has not happened.  Instead, we simply stopped receiving status from queries and DNS now times out for the site.  No public announcement has been made, so we are assuming that the outage is temporary until we get more information.

What’s the Status of my Monitors?

We maintain the last status of your IP address or domain associated with the monitor for each blacklist.  If you were on SpamCannibal’s list before the outage, you are still considered to be blacklisted until we find our what has happened to their list.  If you were not on the blacklist at the time of the outage, your status will not change.

What does this mean for email delivery?

Being on a blacklist means that if any company uses that blacklist for email delivery or rejection purposes, your email could be rejected.  Anyone who was using a copy of the SpamCannibal blacklist at the time of the outage may still be using that copy for decision making purposes.

Can an IP or domain be delisted?

Not at this time.  Since the site is inaccessible, there is no method for delisting available. If there is more information or the site remains down for an extended period of time, we may decide to flush all monitors that are currently listed as blacklisted by SpamCannibal.

We will continue to monitor SpamCannibal and return them to our pool of blacklists if the site should recover.