Solved

Is my email domain blacklisted?

Posted on 2008-06-13
8
806 Views
Last Modified: 2013-12-20
How do i find out the ip address of my email domain without contacting my ISP?
0
Comment
Question by:shmeezy
  • 4
  • 3
8 Comments
 
LVL 12

Accepted Solution

by:
NetAdmin2436 earned 125 total points
ID: 21782947
http://www.mxtoolbox.com/index.aspx

Then type your domain.

Example: companyA.com
0
 
LVL 12

Assisted Solution

by:NetAdmin2436
NetAdmin2436 earned 125 total points
ID: 21782959
The above was to find your ip address. This is to see if your blacklisted.
http://www.mxtoolbox.com/blacklists.aspx
0
 

Author Closing Comment

by:shmeezy
ID: 31467083
Thanks, thats the free site that I was looking for.
0
 

Expert Comment

by:jono55
ID: 29461334
I'm trying to understand the difference between a DOMAIN NAME being blacklisted VERSUS the IP address that a Domain resides upon being blacklisted....

OR are these things 1 in the same?

Short background:
When i use these online "Black List" checking tools for my domain (vsurv.com) i am told that my ip address (209.85.23.178) IS black listed... This is the IP address of the server upon which VSurv.com is pointed to (ie: The "A Record" for Vsurv.com = @        209.85.23.178).

BUT! We don't use that IP address (or server) to send emails! it has no SMTP server on it... it IS NOT set to be a MX server... in fact we use GOOGLE as our mail server (via Google Apps). Google is setup in our DNS records as our MX Servers. and our SPF record PASSES with GOOGLE as our email sender....

So i don't understand why VSurv.com is being blacklisted for IP address 209.85.23.178 when we don't send emails from that server!

H E L P !



0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 12

Expert Comment

by:NetAdmin2436
ID: 29463966
First, I suggest you open a new question so more experts will be able to see it.

Second, You might want to think seriously before you post your domain and external IP address again. That's always a no no in a public forum, and opens your network up to attacks from hackers. You are basically giving a potential hacker your external IP address, domain name and telling them your current problem. For all you know, I could be a hacker....and now I can target your network. Believe it or not, tech sites like this can be a haven for hackers.

But, I will say that (from my understanding of your setup) that it sounds like you may have a couple of computers on your network with malware infections that could be sending out spam and making it look like it's coming from your A record. That's just a possibility I see. I'd make sure all your computers are free from malware and have their firewalls on. Then, typically, on your corporate firewall you can set it up so it ONLY will send or recieve email from your server. So if ComputerA, ComputerB try sending out spam email, your corporate firewall will block it.

Another possibility is that a large number of emails were spoofed (which they typically are) and your network was the "sender". Send a request for your IP address to be taken off the blacklist. Then just monitor it every few weeks to see if it comes back.
0
 

Expert Comment

by:jono55
ID: 29465541
Thanks for the gentle warnings. But other than simply putting my domain name and IP address "on the radar" for hackers that might use this forum... it's really not any information that you couldn't find out VERY easily...

The IP address and domain name i gave are from our public web server hosted in a data center... people find us on google every day... and hackers try to attack us every day :)

This isn't my internal server here at our office...
0
 
LVL 12

Expert Comment

by:NetAdmin2436
ID: 29469583
It's not just your domain and IP address, it's also the fact that your explaining the problem and your network/email configuration along with it. This is one of the things that's taught/explained in the C|EH exam. Anyways, I'm not trying to preach or argue, do want you want.

Have a great day :)
0
 

Expert Comment

by:jono55
ID: 29470683
Thanks!

Soooooo.... Any thoughts? Now that u know this isn't an office LAN, and assuming that it IS something I've done (as opposed to something my host did...), what is a likely explanation?
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now