July 8, 2015



Domain health
September 16, 2014

Are you one of these guys?

1. You don’t have enough budget, or not enough knowledge, so you declare 2 name servers that point to the same IP.

2. You seem to have 2 name servers, but one of them has been down for a long time, so in practice you have only one.

3. Your name servers are in the same subnet.

4. You have stealth NS records.

5. According to RFC 2182 section 5, you must have at least 3 name servers and no more than 7. You have only 2 name servers and you don’t care about the standard.


Why do you need your own blacklist (bl, RBL or DNSBL)?
1. It takes a very long time to get the IPs you want added to a public blacklist, while the spam keeps coming every day.
2. You have to register, verify, log in and submit a sample spam mail to the DNSBL site.
3. With your own list you can add, delete or query as many times as you want.

How does a DNSBL work?
A DNSBL is a non-recursive (authoritative) DNS server. For every incoming SMTP connection the mail server reverses the octets of the client IP address, appends the blacklist zone name and queries that name against one or more blacklist sites. An A record in the answer means the address is listed and the mail is rejected; "non-existent domain" means it is not listed.

Single blacklist IP
09/15/14 05:51:19:868 — (6352) Connection from: – Originating country : Indonesia
09/15/14 05:51:21:743 — (6352) Resolving – Error resolving IP address (DNS Server Reports Query Server Error)
09/15/14 05:51:21:743 — (6352) – Mail from: To: will be rejected

Class C blacklist IP 196.27.76.x
09/15/14 17:22:21:964 — (10640) Connection from: – Originating country : Mauritius
09/15/14 17:22:27:058 — (10640) Resolving –
09/15/14 17:22:27:073 — (10640) – Mail from: To: will be rejected

Class B blacklist IP 189.111.x.x
09/15/14 19:12:26:042 — (10556) Connection from: – Originating country : Brazil
09/15/14 19:12:48:244 — (10556) Resolving –
09/15/14 19:12:48:244 — (10556) – Mail from: To: will be rejected

If the blacklist IP is
You can check whether that IP is in the blacklist with nslookup:

Default Server:

*** can’t find Non-existent domain
(This means is not blacklisted)

Non-authoritative answer:
(This means is blacklisted)

Non-authoritative answer:
(This means or to are blacklisted)

Non-authoritative answer:
(This means or to are blacklisted)

How to build your own blacklist?
Since Azure is free for 30 days, I’m going to implement the DNSBL on Azure.
Once you have set up a virtual machine in Azure:
1. Add the DNS Server role.
2. Add the DNS zone name (
dnscmd localhost /zoneadd /primary /file
3. Add the BL delegation zone (DNSBL) (ns1 is the DNS server name or FQDN)
dnscmd localhost /recordadd dnsbl ns ns1
4. Add the DNS sub-zone name (
dnscmd localhost /zoneadd /primary /file
5. Add blacklisted IPs to
dnscmd DNSServerName /RecordAdd DNSZoneName ReverseBLip RecordType IPAddress

dnscmd ns1 /RecordAdd A
dnscmd localhost /RecordAdd *.76.27.196 A
dnscmd /RecordAdd *.111.189 A

Use Excel to reverse your IP addresses (the record owner name is the reversed IP, so 196.27.76.42 becomes 42.76.27.196).
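To make the two mechanisms above concrete, the lookup a mail server performs ("How does a DNSBL work?" and the nslookup checks) and the effect of the wildcard records added in step 5 (*.76.27.196 for a class C block, *.111.189 for a class B block), here is an added Python example that is not part of the original post. It builds the reversed query name and resolves it against an in-memory copy of the zone with DNS wildcard matching, so it runs offline; the zone name dnsbl.example.com, the single listed address 203.0.0.10 and the 127.0.0.2 answer value are constructed for the example, not taken from the post.

```python
# Added example (not from the original post): how a DNSBL query is built and
# how wildcard records in the zone cover whole /24 and /16 blocks.
import ipaddress

DNSBL_ZONE = "dnsbl.example.com"  # assumed zone name, not from the post


def reverse_ip(ip):
    """Reverse the octets of an IPv4 address: 196.27.76.42 -> 42.76.27.196."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on bad input
    return ".".join(reversed(str(addr).split(".")))


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Name the mail server (or nslookup) asks for: <reversed ip>.<zone>."""
    return f"{reverse_ip(ip)}.{zone}"


# Constructed zone contents mirroring the three /RecordAdd forms in the post:
# one single host, one class C wildcard and one class B wildcard.
# Keys are owner names relative to the zone, values are the A record data.
ZONE_RECORDS = {
    "10.0.0.203": "127.0.0.2",   # single address 203.0.0.10 (constructed)
    "*.76.27.196": "127.0.0.2",  # whole 196.27.76.0/24, as in the post
    "*.111.189": "127.0.0.2",    # whole 189.111.0.0/16, as in the post
}


def zone_lookup(name, zone=DNSBL_ZONE, records=ZONE_RECORDS):
    """Authoritative lookup with simplified DNS wildcard semantics:
    exact owner name first, then the longest matching '*.<suffix>' record.
    Returns the A record data, or None for a non-existent domain (NXDOMAIN)."""
    suffix = "." + zone
    if not name.endswith(suffix):
        return None  # not our zone; a real server would refuse the query
    label = name[:-len(suffix)]
    if label in records:
        return records[label]
    parts = label.split(".")
    # Try *.<rest> for progressively shorter suffixes, e.g. for 42.76.27.196:
    # *.76.27.196 (class C), then *.27.196, then *.196
    for i in range(1, len(parts)):
        candidate = "*." + ".".join(parts[i:])
        if candidate in records:
            return records[candidate]
    return None


def is_listed(ip):
    """What the mail server decides for an incoming SMTP client address."""
    return zone_lookup(dnsbl_query_name(ip)) is not None


if __name__ == "__main__":
    for client in ("203.0.0.10", "196.27.76.42", "189.111.5.6", "196.27.77.1"):
        print(dnsbl_query_name(client), "->", "listed" if is_listed(client) else "not listed")
```

A single *.76.27.196 record answers for all 254 hosts in 196.27.76.0/24, which is why the post's class C and class B entries need only one dnscmd command each; the cost is that a whole block is rejected, so wildcard entries deserve an occasional review.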



Download DNSBL.txt from 1 Aug 2014 – 21 Sep 2014

DNSBL script

