MXToolbox SMTP Failures (false positives)
Posted: September 4th, 2022, 12:25 am
MXToolBox is a third-party service that provides many basic SMTP server tests. The test results sometimes include misleading results for cPanel & WHM servers.
The SMTP email server test may return errors on the SMTP Banner Check, SMTP TLS, and SMTP Transaction Time checks.
What do you need to do?
You need to login to WHM/cPanel and Greylisting / whitelist MxToolbox IP ranges to enable monitoring or lookups,
Within: Home /Email /Greylisting : Status = ON
and choose New Trusted Hosts tab.
you will need to add new ranges IP's to the allow list, and choose New Trusted Hosts tab, and add these IP's:
US-EAST-1A: 44.194.168.193/32
US-EAST-1B: 52.55.244.91/32
US-EAST-1C: 18.205.72.90/32
US-EAST-1D: 18.209.86.113/32
If MXToolBox is offline for scheduled maintenance and infrastructure migration, or their IP's changed,
Mailflow Monitoring – During the migration outbound pings will no longer be performed, nor returns be processed. Reporting may show anomalous failures or delays due to these gaps.
The good result will look like this:
The SMTP email server test may return errors on the SMTP Banner Check, SMTP TLS, and SMTP Transaction Time checks.
Code: Select all
SMTP Banner Check
Reverse DNS does not match SMTP Banner
SMTP TLS
Warning - Does not support TLS.
SMTP Transaction Time
15.363 seconds - Not good! on Transaction Time
You need to login to WHM/cPanel and Greylisting / whitelist MxToolbox IP ranges to enable monitoring or lookups,
Within: Home /Email /Greylisting : Status = ON
and choose New Trusted Hosts tab.
you will need to add new ranges IP's to the allow list, and choose New Trusted Hosts tab, and add these IP's:
US-EAST-1A: 44.194.168.193/32
US-EAST-1B: 52.55.244.91/32
US-EAST-1C: 18.205.72.90/32
US-EAST-1D: 18.209.86.113/32
If MXToolBox is offline for scheduled maintenance and infrastructure migration, or their IP's changed,
Mailflow Monitoring – During the migration outbound pings will no longer be performed, nor returns be processed. Reporting may show anomalous failures or delays due to these gaps.
The good result will look like this:
Code: Select all
Test Result
-----------------------------------------------------------------------------------------------------------
Status Ok SMTP Reverse DNS Mismatch OK - 104.37.168.247 resolves to srv8.jsalfianmarketing.com
Status Ok SMTP Valid Hostname OK - Reverse DNS is a valid Hostname
Status Ok SMTP Banner Check OK - Reverse DNS matches SMTP Banner
Status Ok SMTP TLS OK - Supports TLS.
Status Ok SMTP Connection Time 0.347 seconds - Good on Connection time
Status Ok SMTP Open Relay OK - Not an open relay.
Status Ok SMTP Transaction Time 1.389 seconds - Good on Transaction Time