LVKNET.com

Insure your business

Your own mail filter is better.
Author: admin

July 8, 2015

mailFilter

  

Domain health
Author: admin

September 16, 2014

Posted in Exchange Server,IT | |

Are you one of these guys?

1. You don’t have enough budget or you don’t have enough knowledge. So you declare 2 name server to point to the same IP.

onedns

2. You seems to have 2 name servers but actually one name server failed for a long time. Finally you have only one name server.

faileddns

3. Your name servers are in same subnet.

samesubnet

4. You have stealth NS Records.

stealthdns

5.  According to RFC2182 section 5,  you must have at least 3 nameservers and no more than 7. You have only 2 name servers and you don’t care for the standard.

twodns

  
Posted in Azure,Exchange Server | |

Why do you need your own blacklist, bl, RBL or DNSBL?
Because
1. It takes very long time to add IP you want to the blacklist while spam mails keep coming everyday.
2. You have to register, verify, login and you have to submit sample spam mail to the DNSBL site.
3. For your own list, you can add, delete or query as many times as you want.

How does a DNSBL work?
DNSBL is a non-recursive DNS server. The mail server convert the IP address of every incoming SMTP connection and check against one or more blacklist sites.

Single blacklist IP 180.250.93.188
09/15/14 05:51:19:868 — (6352) Connection from: 180.250.93.188 – Originating country : Indonesia
09/15/14 05:51:21:743 — (6352) Resolving 180.250.93.188 – Error resolving IP address (DNS Server Reports Query Server Error)
09/15/14 05:51:21:743 — (6352) 180.250.93.188 – Mail from: coventrieszh6@bk.ru To: f6e14b6@lvknet.com will be rejected

Class C blacklist IP 196.27.76.x
09/15/14 17:22:21:964 — (10640) Connection from: 196.27.76.223 – Originating country : Mauritius
09/15/14 17:22:27:058 — (10640) Resolving 196.27.76.223 – ADSL-TPLUS-76-223.telecomplus.net
09/15/14 17:22:27:073 — (10640) 196.27.76.223 – Mail from: order@zodiacsalespromotions.co.uk To: f6e14b6@lvknet.com will be rejected

Class B blacklist IP 189.111.x.x
09/15/14 19:12:26:042 — (10556) Connection from: 189.111.251.26 – Originating country : Brazil
09/15/14 19:12:48:244 — (10556) Resolving 189.111.251.26 – 189-111-251-26.dsl.telesp.net.br
09/15/14 19:12:48:244 — (10556) 189.111.251.26 – Mail from: order@zodiacsalespromotions.co.uk To: f6e14b6@lvknet.com will be rejected

If the blacklist IP is 180.250.93.188
You can check if that IP is in blacklist by using nslookup

C:\Users>nslookup
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8

> 188.93.250.180.dnsbl.lvknet.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8

*** google-public-dns-a.google.com can’t find 188.93.250.180.dnsbl.lvknet.com: N
on-existent domain
(This means 180.250.93.188 is not in blacklist)

> 188.93.250.180.dnsbl.lvknet.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
Name: 188.93.250.180.dnsbl.lvknet.com
Address: 127.0.0.2
(This means 180.250.93.188 is blacklist)

> 223.76.27.196.dnsbl.lvknet.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
Name: 223.76.27.196.dnsbl.lvknet.com
Address: 127.0.0.3
(This means 196.27.76.223 or 196.27.76.1 to 196.27.76.254 are blacklist)

> 26.251.111.189.dnsbl.lvknet.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
Name: 26.251.111.189.dnsbl.lvknet.com
Address: 127.0.0.4
(This means 189.111.251.26 or 189.111.0.1 to 189.111.255.254 are blacklist)

How to build your own blacklist?
Since Azure is free for 30 days, I’m going to implement DNSBL on Azure.
Once you setup virtual machine in Azure,
1. Add DNS server role.
2. Add DNS zone name (lvknet.com)
dnscmd localhost /zoneadd lvknet.com /primary /file lvknet.com.dns
3. Add BL deligation zone (DNSBL) (ns1 is a DNS server name or FQDN)
dnscmd localhost /recordadd lvknet.com dnsbl ns ns1
4. Add DNS sub zone name (dnsbl.lvknet.com)
dnscmd localhost /zoneadd dnsbl.lvknet.com /primary /file dnsbl.lvknet.com.dns
5. Add blacklist IP to dnsbl.lvknet.com
dnscmd DNSServerName /RecordAdd DNSZoneName ReverseBLip RecordType IPAddress

dnscmd ns1 /RecordAdd dnsbl.lvknet.com 188.93.250.180 A 127.0.0.2
dnscmd localhost /RecordAdd dnsbl.lvknet.com *.76.27.196 A 127.0.0.2
dnscmd 138.91.3.244 /RecordAdd dnsbl.lvknet.com *.111.189 A 127.0.0.2

Using excel to reverse your IP.
=D1&”.”&C1&”.”&B1&”.”&A1

blip

 

Download DNSBL.txt from 1 Aug 2014 – 21 Sep 2014

DNSBL script

  

Exchange Server 2013
Author: admin

December 22, 2013

Posted in Exchange Server | |

Download a 180 days free trial.

http://technet.microsoft.com/en-us/evalcenter/hh973395.aspx