Thursday, 18 September 2008

Static IP changed - Ack! :P Guess where the new one is listed?!?

We just received yet another confirmation that having e-mail reputation protection services (RPS) such as ExchangeDefender is absolutely mandatory in all of our quotes and for our clients in general.

The price of the reputation services is relatively cheap compared to the grief we just went through with one of our clients.

Their ISP sent a note indicating that their true static IP was to be changing shortly. We made sure to prepare for the change, though there was not a lot to do before hand.

When we received the new IP, made the necessary DNS A and MX record changes for their SBS box along with running the CEICW on the SBS box itself their e-mail essentially died within short order.

This was expected. Any e-mail that was not making it to the SBS box during the transition was redirected to the ISP's e-mail servers and pulled down by the POP3 Connector.

Once everything settled down and the Internet was aware of the MX changes they started getting NDRs from various sources indicating a problem via Spamhaus on virtually all e-mail they sent out.

It turns out that the IP address assigned was not on a black list per se, but on their PBL advisory which is a list of supposed dynamic IPs that should not host SMTP services.

So, yet another more wasted time for them as they waited for the IP to be removed from the Spamhaus PBL and for the rest of the Internet to recognize that. Fortunately that process does not take too long. For us, checking that new IP address at MXToolBox is also now a mandatory thing to do! :(

Having an e-mail reputation service in place would have saved us from having all of this grief.

With the SmartHost wizard in SBS 2008 setting up all outgoing e-mail to hit the reputation service provider's SMTP servers is a breeze. It would not matter whether the IP address was static or dynamic or whether the server was using some form of DynDNS service.

All incoming and outgoing e-mail would be parsed by the RPS.

The only consideration would be that the ISP would prevent any SMTP outbound e-mail that is not directed at their own e-mail servers. We have ISPs that are now doing this for their consumer level Internet products. They also block inbound 80, 443, 25, 110, 21, and other common ports for the consumer level.

Keep in mind that in the case of ExchangeDefender, we as dealers make a small monthly residual on "providing" the service to our clients and also managing the service for them. With a large number of clients on the service, this makes for a tidy monthly sum to shore up that bottom line.

Philip Elder
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.

No comments: