cPanelResources

Tutorial MXToolbox SMTP Failures (false positives)

Overview
MXToolBox is a third-party service that provides many basic SMTP server tests. The test results sometimes include misleading results for cPanel & WHM servers.

Test Results
The SMTP email server test may return errors on the SMTP Banner Check, SMTP TLS, and SMTP Transaction Time checks. Here's a look at some typical results when using the MXToolBox SMTP Test Email Server function on a server using cPanel & WHM:

Timeout waiting for response after 15 seconds. : Completed Connect

SMTP Banner Check
Reverse DNS does not match SMTP Banner

SMTP TLS
Warning - Does not support TLS.

SMTP Transaction Time
15.363 seconds - Not good! on Transaction Time

SMTP Reverse DNS Mismatch
OK - 208.74.121.68 resolves to mx1.cpanel.net

SMTP Valid Hostname
OK - Reverse DNS is a valid Hostname

SMTP Correction Time
0 seconds - Good on Connection time

SMTP Open Relay
OK - Not an open relay.

Session Transcript:

Connecting to 208.74.121.68
SendSMTPCommand: Timeout waiting for response after 15 seconds.
LookupServerv2 26157ms
Here's an image displaying how these results appear on the MXToolBox website:



False Positives
This set of results usually includes false positives stemming from the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" feature found in the Basic Editor tab of WHM's Exim Configuration Manager interface (WHM >> Home >> Service Configuration >> Exim Configuration Manager). See the image below for a look at where to find this feature in the WHM UI:



This feature introduces a delay into the SMTP transaction when receiving mail. Remote SMTP servers that send spam will generally not wait through the delay. When a legitimate remote SMTP server connects to the cPanel server, it will typically wait until the delay expires and then proceed with the delivery as normal.

MXToolBox only waits for 15 seconds before declaring the connection a failure, and with the delayed SMTP transaction enabled as part of the option noted above lasting longer than 15 seconds, MXToolBox reports a failure on the SMTP Banner and SMTP TLS tests because the connection doesn't finish in time.

Workarounds
1. Disable Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam in the Basic Editor tab of WHM's Exim Configuration Manager interface (WHM >> Home >> Service Configuration >> Exim Configuration Manager). Once you do this, wait a few minutes and perform the MXToolBox test again to verify the previous failures no longer appear in the results.

Note that we strongly recommend you re-enable the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" feature after running the MXToolBox test, as it is an effective tool to fight incoming spam.

2. Whitelist the MXToolBox server IP addresses.

Enter the IPs shown below in the Sender verification bypass IP addresses list, located in the Basic Editor tab of WHM Home >> Service Configuration >> Exim Configuration Manager.

Alternatively, if WHM >> Greylisting is enabled, whitelist the MXToolBox server IP addresses shown below using the Trusted Hosts tab in WHM >> Greylisting.

Code:
64.20.227.0/24
52.55.244.91
18.205.72.90
Feel free to respond to the corresponding forums thread if you have any trouble with the instructions in this tutorial, or have additional questions or feedback.

Thanks!
Author
cPanelResources
Views
904
First release
Last update