Recently I've started digging into mail server settings and the need for tighter security.
Some of the findings are startling! I have found to my cost that not having the settings described below can cause major issues with sending and receiving email.
MXtoolbox mail server checks
In recent years the large companies that deal with sending and receiving email have tightened the way that users can send email through their systems. We all know how much spam and phishing goes on.
My findings below give some items that need to be looked at to ensure a free flow of email from and to your mail server. I use MXtoolbox.com to test DNS and IP settings for websites and mail servers.
If you see results like these when checking your domains, you will often have issues sending and receiving email:
-- SMTP Open Relay May be an open relay.
-- DMARC Policy Not Enabled DMARC Quarantine/Reject policy not enabled
-- Status Ok SMTP Reverse DNS Mismatch OK - 220.127.116.11 resolves to mail--server.anycompnay.com
-- Status Ok SMTP Valid Hostname OK - Reverse DNS is a valid Hostname
Email providers like Yahoo, AOL, BT and Google will block or delay messages from servers that do not have a DMARC Quarantine policy enabled or that have an incorrect reverse DNS name, and an open relay will most certainly cause issues.
An open relay is a Simple Mail Transfer Protocol (SMTP) email server that allows anyone on the Internet to send messages through it while hiding or obscuring the source of the messages being sent. THIS IS A SERIOUS SHORTCOMING on a mail server setup and could lead to serious repercussions.
During diagnostics we attempt to simulate sending a message to a fake email address; firstname.lastname@example.org. We do this to try to detect if your server is an open relay, which means that it accepts mail to domains for which it is not responsible and then passes it along to the proper server. Your server responded with a 200 accepted code to our RCPT TO command. THIS DOES NOT MEAN YOU ARE OPERATING AN OPEN RELAY, only that you may be an open relay.
Information taken from MXtoolbox.com; refer to their site for further information.
Reverse DNS Mismatch
Some receiving mail servers may use this as an indication of a possible spam source in a scoring system. Most will not reject incoming mail solely on this basis. We recommend that you contact your ISP and ask them to set up a reverse record (PTR) that matches the hostname of your mail server.
DMARC email policy
DMARC is a key component of a brand's email security and deliverability strategy as it enables:
-- Visibility - Monitor emails sent using your domain to ensure they are properly authenticated using SPF and/or DKIM.
-- Brand Protection - Block spoofed messages that might damage your brand's reputation with customers.
DMARC should be easy to set up. The image below shows the Domain Admin system Virtualmin with the parameters that need to be set up. Other providers may have a slightly different format but setting these parameters helps with major mail server providers.
DMARC helps if you often mail to email monopolies (Gmail/Outlook). They pay attention to that. Some other big players too. Not all email providers utilise this function, but in general it's another helpful measure if you're counting on email deliverability. IMO ensuring this is set ensures you tick all the boxes; I've seen emails being bounced because security isn't tight enough.
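To show what the "DMARC Quarantine/Reject policy not enabled" result above is testing, here is an added example (not from MXtoolbox or Virtualmin) that evaluates the TXT strings published at _dmarc.<domain>. The function names and the sample records are constructed for illustration, and the DNS lookup itself is assumed to have been done already.

```python
# Added example: classify the TXT records found at _dmarc.<domain>.
# Function names are hypothetical; sample records are constructed.

ENFORCING = {"quarantine", "reject"}

def parse_dmarc(txt):
    """Return a tag dict for a DMARC TXT string, or None if it is not one."""
    parts = [p.strip() for p in txt.strip().strip('"').split(";") if p.strip()]
    tags = {}
    for part in parts:
        name, sep, value = part.partition("=")
        if sep:
            tags.setdefault(name.strip().lower(), value.strip())
    # The version tag must come first, otherwise this is some other TXT record
    # (for example SPF, which also starts with "v=").
    first = parts[0].partition("=") if parts else ("", "", "")
    if first[0].strip().lower() != "v" or first[2].strip() != "DMARC1":
        return None
    return tags

def check_dmarc(txt_records):
    """Return (status, detail) for the TXT strings at _dmarc.<domain>."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if not records:
        return "missing", "no DMARC record published"
    if len(records) > 1:
        return "invalid", "multiple DMARC records; receivers apply none of them"
    policy = records[0].get("p", "").lower()
    if policy == "none":
        return "not enabled", "p=none only monitors; nothing is quarantined or rejected"
    if policy not in ENFORCING:
        return "invalid", "p= tag missing or unrecognised"
    pct = records[0].get("pct", "100")  # pct defaults to 100 when absent
    if not pct.isdigit() or int(pct) > 100:
        return "invalid", "pct= must be a number from 0 to 100"
    if int(pct) < 100:
        return "partial", f"p={policy} applied to {pct}% of failing mail"
    return "enforced", f"p={policy} applied to all failing mail"

if __name__ == "__main__":
    samples = {  # constructed TXT record sets, one per hypothetical domain
        "monitor-only": ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"],
        "spf-only": ["v=spf1 mx -all"],
        "half-rollout": ["v=DMARC1; p=quarantine; pct=50"],
        "strict": ["v=spf1 mx -all", "v=DMARC1; p=reject"],
    }
    for label, txts in samples.items():
        print(label, "->", check_dmarc(txts))
```

A record that parses but carries p=none is the case that produces the "not enabled" warning: the record exists, yet receivers are told to take no action on failing mail.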
Check out how to verify by following the video - all green is good.