Category Archives: Knowledgebase

Random Password Generator

Websites, servers, systems and pc’s all require passwords.  Most people reuse the same password without thought, but that’s not a good practice in this day of data breaches.  To prevent easy hacks, most sites require passwords fit a certain schema: capital letters, special characters, numbers, etc.  Some require a longer passwords to make a cracking a password more difficult.  Creating these can be difficult as can remembering a password you created on the spur of the moment.

Password Generator

Fortunately, MxToolbox has created a handy random password generator that enables you to create passwords that meet three different levels of security:

  • Easy to Remember – Creates passwords 8 characters long in a standard schema with a capital Letter, lower case letters and 2 numbers.  These passwords alternate consonants and vowels to make them easier to remember.
  • Stronger – Creates slightly longer passwords (10 characters) with a capital letter, special characters and numbers.
  • Very Strong – Passwords in this category are 14 characters long and use multiple capital letters, numbers and special characters in a truly random configuration.

Don’t like the 5 options we provide?  Click the “Generate More” button until you find a password you like.  Now that you can quickly generate a strong password, you just need a way to remember it!

 

How do I test my DNS resolution?

DNS setup and resolution is important for your on-going business.  Without properly configured DNS, your customers cannot find you online.  It’s a pretty common story: You setup a new server and configure the DNS and you can see it on your network, but can anyone else get to your server?   Everything isn’t setup and running until you check DNS resolution with an external 3rd party.

Free Tools

Fortunately, MxToolbox provides free tools that allow you to check your DNS resolution externally, so you can verify what your customers see.

Our DNS Lookup tool will return all the authoritative A records for a domain.  This is useful to ensure basic DNS configuration.

Our SuperTool contains a number of useful DNS lookups.  Most often our users check on DNS records for mail like MX, SPF, DMARC, and DKIM.  However, we support the most common DNS lookups, including A, AAAA (for IPv6), PTR, SOA, TXT, LOC and others.supertool

SuperTool also includes a lookup (DNS:) for all the name servers authoritative to your domain so you can see them all at-a-glance.  This lookup includes an analysis of the name server configuration compared to relevant RFCs.dnslookup

MxToolbox Premium Services

A la carte, DNS monitoring with MxWatch Monitoring packages.

Starting at $20/month, you can setup custom DNS monitors for your systems and domains.  These monitors alert you immediately if a record changes or servers fail to respond.  Learn More.

Turn-key DNS monitoring with Domain Health Monitoring.

Domain Health analyzes your domain’s configuration and automatically creates the appropriate DNS, SMTP, and HTTP monitors for your domain.  You get one free Domain Health Monitor with an MxWatch Monitoring package.  Learn More

Comprehensive DNS Change Management and Security Monitoring with DNS Zone Protect.

Our latest product constantly scans  the entire DNS setup for your domain and alerts you when any change is made.  Unlike traditional DNS monitors, DNS Zone Protect can detect the addition of new subdomains that could be the start of a Domain Shadow attack.  Learn More.

I didn’t do anything, but my domain is on a Blacklist

At MxToolbox, we occasionally see a domain on an IP blacklist as a source of spam or malware when the owner of the domain has done nothing wrong.  This article will discuss the issue and potential solutions.

The first thing we always recommend to customers with a potential spam or malware problem is to review the following things:

  1. Have you violated any CAN-SPAM regulations recently?
  2. Have you had a virus or malware outbreak in the recent past?
  3. Do you run your own mailserver?  Has it been on a blacklist recently?

If you answered “Yes” to any of these questions, you may have earned your spot on the blacklist but we can still help you with some tools and techniques.  Learn more about our blacklist solutions.

If the answer to all of these questions is “No”, you may still be on a blacklist through no fault of your own.  If you are hosting your domain in a shared environment, it is typical that the IP address associated with your domain is the same as the IP address associated with several other domains. These shared environments use the same servers for multiple domains.  In this case, the IP address of the server has been blacklisted.  This may be due to one of the other domains on this server having trouble with spam or malware.  It’s not your fault, you’re tainted by association.

What can you do?

You have a few options that involve talking to your Internet Service Provider (ISP).  First, you must notify your ISP that your shared host has a blacklist issue.  This problem affects all the domains hosted on that server and your ISP needs to notify other customers on the affected server.  Also, they may need to protect other servers, or run anti-virus and anti-malware protection on the server as the blacklisting may have been as a result of an infection.  Second, you can ask your ISP to move your domain and website to another server or have the IP address of your server changed to one that is not blacklisted.  If the domain that caused the blacklisting remains on the same server, however, your blacklist problem will only go away temporarily.  Another option is to move your domain to a dedicated host, where you are not sharing a server.  This may be more expensive but will make you entirely responsible for the blacklist health of your domain.

MxToolbox email experts can help you with everything you need around blacklists, including:

  • Lookup tools for identifying the blacklists you are on
  • Monitoring tools to constantly watch your domains and IP addresses for inclusion on a blacklist (and our paid monitoring solutions come with our top-notch support)
  • Cloud-based Email Protection and Total Security packages to prevent future attacks that would get you blacklisted
  • Information on blacklist and links to the blacklist, including delisting resources.

We also offer a turn-key Domain Health Monitoring solution that automatically monitors all the important aspects of your domain, from blacklists to email to website health.

Contact us to learn more.

How do I get off the Blacklist?

This is the final article in a multi-part introductory series on blacklists and blacklist activity.

Most of our customers come to us when their business has already been adversely affected by blacklisting.  Email is crippled by low deliverability rates.  The first question our experts are asked is always “How do I get off this $%&! blacklist?”  The process is really simple, but it often takes time.

First, you need to stop spamming, or sending viruses and malware.  The infected systems need to be shutdown or quarantined.  This could mean taking down email servers or infected workstations across the company.

Second, you need to put in place tools that prevent future exploitation of your systems.  MxToolbox, as an expert in email and blacklists, recommends cloud-based email security software that protects both inbound and outbound email.  You can contact our experts to learn about our Email Protection and Total Security packages.

Third, you must contact the blacklisting agency or agencies to get delisted.  If you are on multiple blacklists, you must contact each one separately as each has their own preferred delisting process.  One thing is universal: before removing you from their list, blacklist operators will require you to explain the steps you took to prevent further spam, malware or botnet attacks from your servers.

MxToolbox email experts can help you with everything you need around blacklists, including:

  • Lookup tools for identifying the blacklists you are on
  • Monitoring tools to constantly watch your domains and IP addresses for inclusion on a blacklist (and our paid monitoring solutions come with our top-notch support)
  • Cloud-based Email Protection and Total Security packages to prevent future attacks that would get you blacklisted
  • Information on blacklist and links to the blacklist, including delisting resources.

Contact us to learn more.

How can I prevent getting on a Blacklist?

This is the third article in a multi-part introductory series on blacklists and blacklist activity.

The simple answer is don’t spam, or send malware or viruses and you won’t get on a blacklist!  Unfortunately, this is not as simple as it sounds.   As applications and operating systems get more powerful and complex, they open more possibilities for exploitation.  Spammers and hackers are finding new ways everyday to exploit these systems.  Your system administrators keep up with patches, but, often what fails isn’t the configuration, patch or security, it’s human nature.  All it takes is an errant click on the wrong link or downloading something from the wrong site and your systems can be infected with malware.

The best way to prevent blacklisting is to limit the risk of a malware infection through comprehensive email filtering.  Now that botnets are also problematic, we also recommend security software that filters website URLs and DNS to offer additional protection.

At MxToolbox, we offer comprehensive email security solutions

  • Email Protection + Continuity provides inbound and outbound mail filtering to ward off spam, malware and other email-based attacks.  Outbound filtering means that even should your servers be compromised, spam will not be passed on to your customers.  With Continuity, should your email go down, your users will still have access to send and receive email while you work the issue.

  • Total Security includes everything from Email Protection + Continuity but adds in DNS and URL filtering of websites, both of on-premise and mobile devices.  With Total Security, your users are protected even if they click on links that download botnets or malware and also protected from botnets reaching out to host servers.

Regardless of the software you choose, implementing a comprehensive email security solution is necessary to prevent blacklisting and ensure email deliverability.  Contact us for more information.

In the next installment of our series on Blacklists, I will discuss the steps you need to take to get off of blacklists.

How did I get on a Blacklist?

This is the second article in a multi-part introductory series on blacklists and blacklist activity.

At MxToolbox, our experts see the same story play out time and again:

For a few weeks or days, a small number of seemingly random emails bounce back or delivery fails.  At first, this is no real problem; email is never 100%, right?  Then, an important email to a big client goes missing and your users get nervous.  Administrators at your client’s organization says you’ve been blacklisted so they can’t accept email from you.  By then, you realize a large portion of your email isn’t getting through to anyone.  Your business is at risk and it’s all because you are on a blacklist!

Blacklist operators use a number of ways to catch and track undesirable activity but sometimes they capture legitimate businesses, like yours.  Typically, legitimate businesses get placed on a blacklist for one of the following reasons:

  • Relaying spam through in-house email servers
  • Sending malware, viruses or spam from individual accounts
  • Denial of Service (DoS) or other type attacks from malware infected servers or networks
  • Unknowingly Sending phishing emails or unsubscribe attacks
  • Operating a mail server with no reverse DNS, such as from an IP address in your Internet Service Provider’s (ISP’s) dynamic IP address pool (DHCP)
  • Failing to honor unsubscribes when mailing

So, you can see there are a number of reasons that you can end up on a blacklist without actually intending to do something undesirable.  Most often, our experts find that a blacklist issue was caused by your servers passing on spam, viruses or malware.  This condition is highly preventable!

At MxToolbox, our experts understand the common causes of blacklisting.  We can help you take immediate steps to get removed from blacklists and provide thoughtful solutions to keep you off blacklists in the future.  Contact us for more information.

In the next installment of our series on Blacklists, I will discuss some methods for preventing blacklists.

What is a Blacklist?

This is the first article in a multi-part introductory series on blacklists and blacklist activity.

A Realtime Blacklist, or RBL, is a list of IP addresses and domain names that an organization has decided to block, typically for spam.  There are many Blacklists, and each focuses on different types of undesirable behavior.  For example:

  • CBL or Composite Blocking List is a DNS-based blackhole list of suspected e-mail services sending SPAM email resulting from virus or malware infections.
  • Listing on Backscatterer blacklist indicates that your server is issuing “backscatter” in the form of Non-Delivery Reports (bounces) to external users, or misdirected autoresponders and sender callouts.
  • Inclusion in either of the MAILSPIKE Blacklists (BL or Z) means that your IP Address has most likely been identified as being part of a real-time spam outbreak.

Blacklists are typically used to block undesirable internet traffic.  For example:

  • Blocking access to websites on domains known for malware
  • Blocking incoming email from IPs or domains known to be spammers
  • Blocking access to IP addresses based in risky countries

MxToolbox does not own or operate any of these blacklists.  Instead, our email experts curate a list of over 100 blacklists and aggregate blacklist information into a single, central lookup tool.  Our tools enable you to check your mail server IPs and domain names against all these blacklists in a single consolidated interface.  Our monitoring packages enable you to monitor your domains and IP addresses for blacklist activity and get instant notification when placed on a blacklist.  We built our lookup and monitoring tools to help you navigate the complicated world of blacklists.

Your email deliverability depends on staying off of blacklists.  Get protected today.

In our next installment of our series on Blacklists, I will discuss how legitimate businesses sometimes end up on blacklists.

Disable Outlook Filtering

Many administrators don’t realize that Outlook by default has its own filtering in place. This filtering is very basic and it doesn’t usually cause any issues with your existing mail server security or 3rd party filtering. If you have exhausted your efforts in troubleshooting missing mail or false positives you may disable this filtering to see if that helps. To disable Outlook Filtering, follow these steps:

  1. Open Outlook
  2. Click Actions > Junk E-mail >Junk E-mail Options
  3. Select No automatic filtering;
  4. Press OK.

Search Gmail logs in the administrator control panel

This is very exciting news!

What happened to an inbound or outbound message? Was a message sent to my domain and marked as spam? Which users sent or received a specific message? Starting today, domain admins can get answers to these and other such questions using Gmail log search. This feature is now available in the administrator control panel.

See Finding messages with email log search for steps on using the email log tool located within the Reports tab. See Viewing message details for a description of the output. Finally, see Interpreting message details for recommendations on using log search results to investigate delivery issues.

Guidelines

When using email log search, keep in mind these limitations and conditions:

  • Only super administrators have access to email log search.
  • Resellers do not have access to the email log search feature for a resold domain when accessing its control panel via the reseller console.
  • Messages may take up to an hour after being sent or received to appear in the email log search database.
  • Only messages from the past 30 days can be retrieved via search.
  • The maximum date range for queries is a seven-day period.
  • Log times are shown in the administrator’s own time zone.
  • Mail sent to a Google Group or other mailing list doesn’t appear unless a Google Apps user is a member of that group and a recipient of the message.
  • Focused queries are faster and recommended. For instance, a specific message ID query may take a few seconds to return results while more generic queries without a message ID may take dozens of seconds to complete.
  • Search values must be complete. No partial matches or wild cards are supported.
  • Although the subject is shown in search results, messages cannot be queried by subject.
  • Only one sender or recipient can be entered in a query. Multiple entries are not supported.

For more information:
http://support.google.com/a/bin/answer.py?hl=en&answer=2604578

New Ping and Traceroute Tools available at MxToolbox.com

Today we’re happy to announce that we have added ICMP Ping and Traceroute to our Free Tools at mxtoolbox.com. Typically you would use a Windows Command Processor or Terminal shell to utilize Ping and Traceroute to help troubleshoot issues however it is often very useful to run these tools from a location other than where you are currently sitting, so we’ve added it to the arsenal of commands available on our site.

Ping (http://en.wikipedia.org/wiki/Ping)

Ping is a commonly used tool to test the reachability of a host (IP) and also measures the round trip time on the response.

NOTE: Don’t confuse the new ICMP ping tool with our ping@mxtoolbox.com email trace tool. Ping@mxtoolbox.com was created in the spirit of ICMP ping as a quick tool to test Inbound and Outbound mail flow on a server. For more details on ping@mxtoolbox.com, go here.


Traceroute (http://en.wikipedia.org/wiki/Traceroute)

Traceroute tracks the path that a packet takes from the source to a destination address.  A traceroute also shows how many times your packets are being rebroadcast by other servers until it gets to the final destination.

Along with our Free DNS Tools, we also offer Free Server Monitoring. Our MxWatch Monitoring will allow you to setup Monitors for Blacklists, SMTP and more. You will then be alerted via email or SMS text if there is an issue with a Monitor, which can help you address problems before they escalate. The Free version of our MxWatch includes two Monitors, which can be used to check the Blacklist every seven days or any other additional alerts of your choice; SMTP, TCP, HTTP, etc. We also offer Paid Services for those individuals that want to monitor more than two sites or servers.  Why choose the paid services? The MxWatch Basic package provides up to 10 Monitors as well as access to the Tier II expertise of our rock-star Support Team!

Here is the full list of available commands for our Free DNS Tools:

Command Explanation
blacklist: Check IP or host for reputation
smtp: Test mail server SMTP (port 25)
mx: DNS MX records for domain
a: DNS A record IP address for host name
spf: Check SPF records on a domain
txt: Check TXT records on a domain
ptr: DNS PTR record for host name
cname: DNS canonical host name to IP address
scan: Perform a port scan on the host
whois: Get domain registration information
arin: Get IP address block information
soa: Get Start of Authority record for a domain
tcp: Verify an IP Address allows tcp connections (tcp:ip:port)    New!
http: Verify an IP Address allows http connections (http:”url”:”regex”)    New!
https: Verify an IP Address allows secure connections (https:”url”:”regex”)    New!
ping: Perform a standard ICMP ping  New!
trace: Perform a standard ICMP trace route  New!


As always we thank everyone for their feedback on our tools, to reach out to us please email us at feedback@mxtoolbox.com.