Blog | Technical

How seriously are you taking your Email Server setup ?

Recently I`ve started digging into mail server settings and the need for tighter security.
Some of the findings are startling ! I have found to my cost that not having the settings described below can cause major issues with sending and receiving email.
In recent years the large companies that deal with sending and receiving email have tightened the way that users can send email through their systems.

There is so much spam and phishing that the companies have tightened up the way that mail senders are recognised.

My findings below give some items that need to be looked at to ensure a free flow of email from and to your mail server.I use MXtoolbox.com to test out DNS and IP settings for websites and Mail server.

Should you find that you find the settings like this when checking your domains, it means you will often get issues sending and receiving email:

-- SMTP Open Relay May be an open relay.
-- DMARC Policy Not Enabled DMARC Quarantine/Reject policy not enabled
-- Status Ok SMTP Reverse DNS Mismatch OK - 99.99.9.9 resolves to mail--server.anycompnay.com
-- Status Ok SMTP Valid Hostname OK - Reverse DNS is a valid Hostname

Email Providers like Yahoo, AOL, BT, Google will block or delay messages that do not have DMARC Quarantinme enable, have an incorrect Reverse DNS name and most certainly can cause issues if it happens to be an Open Relay.

 MXtoolbox mail server checks

Open relay


An open relay is an Simple Mail Transfer Protocol (SMTP) email server that allows anyone on the Internet to send messages through it while hiding or obscuring the source of the messages being sent. THIS IS A SERIOUS SHORTCOMING on a mail server setup and coudl lead to serious reprucussions.

SMTP

Reverse DNS Mismatch
Some receiving mail servers may use this as an indication of a possible spam source in a scoring system. Most will not reject incoming mail solely on this basis. We recommend that you contact your ISP and ask them to setup a reverse record (PTR) that matches the hostname of your mail server.

DMARC email policy


DMARC is a key component of a brand`s email security and deliverability strategy as it enables: Visibility - Monitor emails sent using your domain to ensure they are properly authenticated using SPF and/or DKIM. Brand Protection - Block spoofed messages that might damage your brand`s reputation with customers.

SMTP Open Relay


During diagnostics we attempt to simulate sending a message to a fake email address; test@example.com. We do this to try to detect if your server is an open relay, which means that it accepts mail to domains for which it is not responsible and then passes it along to the proper server. Your server responded with a 200 accepted code to our RCPT TO command. THIS DOES NOT MEAN YOU ARE OPERATING AN OPEN RELAY, only that you may be an open relay.
Information taken from Mxtoolbox.com, refer to their ite for further information.

Check out how to verify below - all green is good.