MXToolbox SMTP failures and timeouts (false positives)

Understanding false positives on MXToolBox SMTP tests.

269ac00f765508cb74b25d006dbf5bb2

Written by Dennis Nind

Last published at: February 8th, 2019

Overview

MXToolBox is a third-party service that provides many basic SMTP server tests. The test results sometimes include misleading results for cPanel & WHM servers.


Test Results

The SMTP email server test may return errors on the SMTP Banner Check, SMTP TLS, and SMTP Transaction Time checks. Here's a look at some typical results when using the MXToolBox SMTP Test Email Server function on a server using cPanel & WHM:




Here's an image displaying how these results appear on the MXToolBox website:


False Positives

This set of results usually includes false positives stemming from the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" feature found in the Basic Editor tab of WHM's Exim Configuration Manager interface (WHM >> Home >> Service Configuration >> Exim Configuration Manager). See the image below for a look at where to find this feature in the WHM UI:


 


This feature introduces a delay into the SMTP transaction when receiving mail. Remote SMTP servers that send spam will generally not wait through the delay. When a legitimate remote SMTP server connects to the cPanel server, it will typically wait until the delay expires and then proceed with the delivery as normal.


MXToolBox only waits for 15 seconds before declaring the connection a failure, and with the delayed SMTP transaction enabled as part of the option noted above lasting longer than 15 seconds, MXToolBox reports a failure on the SMTP Banner and SMTP TLS tests because the connection doesn't finish in time.


Workarounds

1. Disable Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam in the Basic Editor tab of WHM's Exim Configuration Manager interface (WHM >> Home >> Service Configuration >> Exim Configuration Manager). Once you do this, wait a few minutes and perform the MXToolBox test again to verify the previous failures no longer appear in the results.


Note that we strongly recommend you re-enable the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" feature after running the MXToolBox test, as it is an effective tool to fight incoming spam.


2. Whitelist the MXToolBox server IP addresses.


Enter the IPs shown below in the Sender verification bypass IP addresses list, located in the Basic Editor tab of WHM Home >> Service Configuration >> Exim Configuration Manager.


Alternatively, if WHM >> Greylisting is enabled, whitelist the MXToolBox server IP addresses shown below using the Trusted Hosts tab in WHM >> Greylisting.


Code:

64.20.227.0/24
52.55.244.91
18.205.72.90