At CBORD, we take network security seriously. Among the electronic security issues that every organization has to deal with these days is SPAM. The volume of SPAM being sent on the Internet today is measured in the hundreds of billions of messages, and according to some studies accounts for as much as 90% or more of all emails being sent! Aside from the well-known inconvenience that SPAM presents, it also poses very real security concerns by potentially serving as a vector for malware (viruses, worms, trojans) and also by providing platforms for phishing or social engineering attacks, as well as various other types of fraud and scams.
In order to best protect our staff and our customers, CBORD has implemented a number of standard email security solutions to combat SPAM and other threats.
Basic Troubleshooting First Steps
If you're having trouble sending email to CBORD.com, please start by checking the following:
- Ensure the email address you are trying to send mail to is correct (check spelling). This is very basic, but an essential first step any time you're having trouble.
- You may get a bounce-back message. Bounce-back messages, also called Non-Delivery Reports (NDRs), are email responses from a mail server telling you that your message could not be delivered. These will generally appear in your mail client to have come from "Mailer- Daemon", "Postmaster", or some other such sender. These contain valuable troubleshooting information and should be forwarded to your internal IT department to review.
- Your internal IT staff should verify that the message is making it out of your mail system and that the problem is not internal to your organization.
- If your IT gurus have confirmed that mail is being rejected by our gateway, that does not necessarily mean that "the problem is on CBORD's end". In some cases, your mail may be rejected if your domain's DNS and/or mail server configuration do not meet basic security requirements. In these cases, please ensure that your organization's IT staff confirm these configurations prior to making assumptions about the point of failure (see below for helpful details).
The following are technical details of our mail security requirements intended to help the IT staff of senders whose messages are being rejected
CBORD now performs reverse DNS verification on all incoming connections and will refuse an SMTP connection from any server where verification fails. Senders having problems should ensure the following requirements are met:
- The IP of your outgoing mail server must have a valid PTR (rDNS) record.
- The hostname of the PTR record for your outgoing mail server's IP must match either an A or AAAA record in your domain's forward lookup zone and that record must resolve to the IP of the sending mail server (this is called Forward-Confirmed reverse DNS and is specified in RFC 1912 and RFC 1033)
- The domain provided in the MAIL FROM (part of the SMTP protocol, a configuration on the sending mail server, not necessarily the same as the "from:" address) address must have either an A, AAAA, or MX record in DNS. This ensures that our mail gateway has a legitimate place to send bounce messages.
These requirements are well-established industry standard best practices, have been implemented by policy at many organizations, and are the default setting in many leading anti-SPAM products.
In addition, CBORD subscribes to several real time blacklist reputation services. These services monitor Internet traffic and compile a real-time list of IP addresses believed to be sending SPAM. If you are having trouble sending email to CBORD, you should check to see if your domain is on one of these private blacklists:
It's also good idea to use a tool that will check many well-known public blacklists all at once:
Another site with useful tools is http://multirbl.valli.org/lookup/
Please note that if your organization has been blacklisted, it's always prudent to investigate how and why it was blacklisted and ensure there are no underlying issues that need to be resolved. Almost all blacklists have an FAQ that will explain how you may have ended up there. Solving the root causes helps your organization avoid ending up back on this or some other blacklist. Common reasons include malware infected computers using an organization's Internet connection to send actual SPAM or conduct other suspicious behavior, email practices that resemble common characteristics of SPAM, and improper configurations.
Ultimately, CBORD cannot be responsible for these issues, as they are outside of our control, but we will make every reasonable attempt to assist you in any way we can where we can and to answer any questions you or your IT staff may have.
Are the messages actually going through but not getting to recipients or ending up in junk mail folders?
In some cases, messages may be successfully delivered but getting quarantined or getting tagged as SPAM and ending up in the recipient's junk folder. This can happen for many reasons, such as disallowed attachments, attachments over a certain size, malware has been detected, or the message appears suspicious for other reasons.
Here are some further resources with tips on what characteristics commonly cause messages to be falsely identified as SPAM:
You'd be surprised at some of the things that seem innocent enough (like neglecting to include a subject line) that actually cause many SPAM filters to think your message smells a little fishy.
What to Do When All the Basics Check Out - We're Here to Help!
SPAM is a tough nut to crack. If the problem were easy to solve, it would have been solved already. Modern anti-SPAM techniques are very effective, but hardly perfect. CBORD understands that SPAM can be frustrating for all involved, and we're committed to helping our customers and partners as much as we can.
Once you have verified that your email is properly addressed and your IT staff have confirmed the mail is being rejected by CBORD, that your organization's domain and mail server configurations meet standard requirements, and that your organization's mail servers have not been blacklisted, then CBORD's IT infrastructure team will be happy to take a closer look to see what might be going on.
In order to troubleshoot this problem, please fill out and submit the form below.
Of course, we are also available by phone at 1.844.GO.CBORD (844.462.2673)