Mail and domain check tools

I’ve been working on a few tools over the past few days. I’m personally using them whenever I create new mailboxes, move mailboxes from one server to another, create new web pages… My goal is to end up with a tool suite which provides all the checks I need in order to figure out whether the configuration of the web server, the mail server and the DNS server is fine.

I currently do not yet have a central page for all the tools but most of the tools have a navigation area where you can get access to the other tools. The following tools are currently available (more tools are on the way but not yet tested):

Check HTTP headers

In this tool, you can give a URL and the tool will show you the HTTP headers for this URL. It will also follow redirects and show you the headers for the redirected URLs. If you look up “”, you’ll see the following:

HTTP Response Code: 301
HTTP Response Code: 200

HTTP/1.0 301 Moved Permanently
Date: Mon, 02 Sep 2013 08:38:16 GMT
Server: Apache
Cache-Control: max-age=3600
Expires: Mon, 02 Sep 2013 09:38:16 GMT
Vary: Accept-Encoding,User-Agent
X-Powered-By: PleskLin
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

HTTP/1.0 200 OK
Date: Mon, 02 Sep 2013 08:38:17 GMT
Server: Apache
Pragma: public
Cache-Control: max-age=0, no-cache
Vary: Accept-Encoding
Content-Length: 53605
Connection: close
Content-Type: text/html; charset=UTF-8

The first line is displayed in blue to indicate a redirect and the second one is displayed in green. A 4xx or 5xx return code would be shown in red.

Check SMTP server

This tool will check the DNS settings for the mail server, connect to it and perform a few checks and show you a summary as well as the log of what was done. Here’s an example when you check the domain

DNS MX entries for

Priority Mail Server IP Address TTL
10 24975

Testing mail server:

IP address:


Server Identity:
Server IP address:
Reverse Banner:
Reverse DNS:

>>> EHLO






TLS support available.


220 ready for tls

TLS could be started.
Switched to TLS.

>>> MAIL FROM: <>

250 ok

>>> RCPT TO: <example@relay.check>

553 sorry, that domain isn’t in my list of allowed rcpthosts; no valid cert for gatewaying (#5.7.1)

Not an open relay

>>> QUIT


Check Results
Reverse lookup of SMTP Banner –
SMTP Reverse DNS Mismatch –
TLS Support Supported
TLS Start Successful
Switch to TLS communication Successful
Open relay Not an open relay


In the future I’ll also add a description of what exactly needs to be fixed when something is marked as not OK, but I guess it’s a good start (and it’s already enough for me since I know how to fix it ;-)).
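How a summary like the one above can be derived from the session log, as an added example that is not the tool's own code. The function names and both sample logs are constructed for illustration, and a 4xx reply to RCPT is reported as inconclusive rather than as a pass.

```shell
#!/bin/sh
# Added example, not the tool's own code. Log format as shown above:
# ">>> " = sent by the checker, "NNN ..." = server reply. Sample logs are constructed.

smtp_check_summary() {
    awk '
        /^>>> / { cmd = toupper($2); next }          # remember the last command sent
        /^[0-9][0-9][0-9]/ {
            code = substr($0, 1, 3)
            if (cmd == "EHLO" && toupper($0) ~ /^250[- ]STARTTLS/) tls = "Supported"
            if (cmd == "STARTTLS") start = (code == "220") ? "Successful" : "Failed"
            if (cmd == "RCPT") {
                if (code ~ /^2/)      relay = "OPEN RELAY"          # foreign rcpt accepted
                else if (code ~ /^5/) relay = "Not an open relay"   # permanent reject
                else                  relay = "Inconclusive"        # 4xx: retry later
            }
        }
        END {
            if (tls == "")   tls = "Not supported"
            if (start == "") start = "Not attempted"
            if (relay == "") relay = "Not tested"
            print "TLS Support: " tls
            print "TLS Start: " start
            print "Open relay: " relay
        }'
}

log_rejecting() {   # relaying refused, as in the run above
    cat <<'EOF'
>>> EHLO checker.example
250-mail.example.org
250-STARTTLS
250 SIZE 0
>>> STARTTLS
220 ready for tls
>>> MAIL FROM: <>
250 ok
>>> RCPT TO: <example@relay.check>
553 sorry, that domain is not in my list of allowed rcpthosts (#5.7.1)
EOF
}

log_relaying() {    # misconfigured server: no STARTTLS, foreign recipient accepted
    printf '%s\n' '>>> EHLO checker.example' '250 mail.example.org' \
        '>>> MAIL FROM: <>' '250 ok' '>>> RCPT TO: <example@relay.check>' '250 ok'
}

log_rejecting | smtp_check_summary
```

A 2xx reply to RCPT is only the server's stated acceptance; some servers accept the recipient and reject later in the session, so an OPEN RELAY result is a finding to confirm on the server itself.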

Blacklist check

This tool will check whether the specified domain name or IP address is contained in anti-spam databases. This check will take much longer than the other ones since it will check 67 anti-spam databases. This tool uses Ajax to check multiple black lists in parallel for better performance. It checks for black list entries at over 60 anti-spam databases.

The information displayed should be pretty self-explanatory so I won’t go into details in this post.


This tool is basically just an online version of the whois tool you know from the command line. It will show the domain registration information for the specified IP address or a host name.

The information displayed should be pretty self-explanatory so I won’t go into details in this post.

Check Alexa Rank

This tool uses the script described in my previous post: PHP: Displaying the Alexa ranking of a web site. If you enter as domain, you’ll get something like this:

Alexa Rank: 444,068
Number of links: 67


HTML Escape Tool

The HTML Escape Tool is already described in this post. So I won’t add anything to that.

Other tools

I’m currently working on the following tools which will hopefully be online within the next weeks:

  • An HTML code cleaner to make sure that all tags are properly closed, indented and capitalized.
  • A check for all DNS entries for a specified domain.

I guess I’ll have other ideas as I finish implementing these tools.

If you encounter any problem working with any of the tools please drop me a line.

New security policies at T-Online: mail delivery not working

In February, T-Online changed its security policies and now blocks any “generic host name”.

The following error message can then be seen in the mail log files:
deferral: Connected to but greeting failed./Remote host said: 554 – A problem occurred. (Ask your postmaster for help or to contact to clarify.) (BL)

If you connect to the SMTP port of this t-online mail server (telnet 25), you’ll also get the same message.

This means that every administrator of a hosted server has to make sure that:

1) its reverse IP mapping points to a non-generic domain name. This entry is called “PTR record”, “Reverse DNS” or “Reverse Mapping” depending on where your server is hosted. Here are a few examples:
– is OK
– is OK
– is not OK

For 1&1 customers: this can be done in the 1&1 Control Center. Click on “1&1 server”, then click “IP addresses”, then click on the IP address of your server and, in “reverse mapping”, enter a domain/subdomain that you own and whose A record maps to this IP address (and don’t forget to save).

Note: The propagation of this record can take a few hours up to 1 or 2 days. It is explained here how to check the record.

2) the “HELO record” of your mail server also contains the same domain/subdomain.
– qmail: Update the file /var/qmail/control/me and restart with:
        /etc/init.d/qmail restart
– postfix: Update the file /etc/postfix/ and restart with:
        /etc/init.d/postfix restart

You can check whether it’s fine now by connecting to port 25 of your server e.g.:

# telnet localhost 25
Connected to localhost.
Escape character is ‘^]’.

After that is all done, send an email to stating the IP address of the server and the changes performed and you should get an answer within a few hours. After that it’s usually a matter of 2 hours to be able to send emails to T-Online addresses again.

You can check whether it’s already fixed by connecting to one of the T-Online mail servers:

# telnet 25
Connected to
Escape character is ‘^]’. T-Online ESMTP receiver fssmtpd2025 ready.
220 T-Online ESMTP receiver ready.

Script to monitor DNS entries

Here's a script we're using to monitor the DNS entries for all our domains. This script is called once a day with a cron job.

The script reads a file containing a list of domains to monitor (one domain name per line). The path to this file can be configured with the variable DOMAINLIST.

Every time the script is run, it copies the results of the last run to OLDLOG (can be configured in the script) and writes the new results in NEWLOG (also configurable).

Then it performs a diff. If no changes occurred between the two runs, nothing happens. If something changed, an email is sent to the configured email addresses (variable EMAILS) containing the diff results.





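#!/bin/bash
# Placeholder settings (the original values are not shown on this page)
DOMAINLIST=/path/to/domains.txt   # one domain name per line
OLDLOG=/path/to/dns_old.log
NEWLOG=/path/to/dns_new.log
TEMPLOG=/path/to/dns_diff.log
EMAILS="admin@example.com"        # space-separated list of recipients
MAIL=mail                         # mail client used to send the report

# Keep the results of the last run in OLDLOG, then start NEWLOG from scratch
touch "$NEWLOG"
cp "$NEWLOG" "$OLDLOG"
: > "$NEWLOG"

while read -r line
do
echo "Checking $line:" | tee -a "$NEWLOG"
# Drop comment and empty lines; blank the TTL column ($2) so a changed TTL is not reported.
# Note: many name servers now give only a minimal answer to ANY queries (RFC 8482).
dig +nocomments "$line" ANY | grep -v ";" | grep -v "^$" | awk -v d="$line" '{ $2=""; print d ": " $0; }' | sort | tee -a "$NEWLOG"
echo "" | tee -a "$NEWLOG"
done < "$DOMAINLIST"

echo "-------------------------------------------------------------"

diff -y --suppress-common-lines "$OLDLOG" "$NEWLOG" > "$TEMPLOG"

if [ -s "$TEMPLOG" ] ; then
  for EMAIL in $EMAILS
  do
    $MAIL -s "DNS status update" "$EMAIL" < "$TEMPLOG"
  done
fi
rm -f "$TEMPLOG"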

Reverse lookup

The Domain Name System supports not only the resolution of domain names (e.g. to IP addresses (e.g. 85.213.318.24), but also the reverse direction, using so-called reverse lookups.

For a reverse lookup, the IP address (e.g. 85.213.318.24) is divided into its components in reversed order (e.g. 24.318.213.85). Then, the string “” is added to it (e.g.

The obtained identifier can then be used to perform a usual DNS query but for a PTR record (not for an A record). The PTR record contains a reference (pointer) to another DNS entry (to the address corresponding to the domain name).

This query can be performed with dig:

# dig ptr


An easier way (without computing the reverse lookup string):

# dig -x 85.213.318.24


or just use the host command:

# host 85.213.318.24 domain name pointer

Additionally, if you want to see whether a changed record has been propagated to a given Name Server, you can use nslookup:

# nslookup
> server
Default server:
> set q=ptr

Non-authoritative answer: name =

Authoritative answers can be found from:

> exit

The “server” command basically says to use another Name Server. “set q=ptr” sets the query type to PTR.
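The reverse-lookup name construction described here, combined with the checks from the T-Online section above (the PTR target's A record maps back to the IP address and the HELO name matches it), as an added example that is not part of the original posts. Function names are hypothetical, addresses and host names are constructed, and only check_mail_identity needs dig and network access.

```shell
#!/bin/sh
# Added example, not from the original posts. Addresses and host names are
# constructed (documentation ranges); function names are hypothetical.

# PTR query name for an IPv4 address: octets reversed, then ".in-addr.arpa".
ptr_name() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;    # digits and single dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                                  # split into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case $o in 0?*|????*) return 1 ;; esac  # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    echo "$4.$3.$2.$1.in-addr.arpa"
}

lc() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# Verdict from lookup results: $1 IP, $2 PTR target, $3 A records of that
# target, $4 the name the mail server announces in its greeting/HELO.
mail_identity_verdict() {
    ip=$1; ptr=$(lc "${2%.}"); helo=$(lc "${4%.}")
    addrs=$(echo $3)                            # collapse newlines to spaces
    [ -n "$ptr" ] || { echo "FAIL: no PTR record for $ip"; return 1; }
    case " $addrs " in
        *" $ip "*) ;;
        *) echo "FAIL: $ptr does not resolve back to $ip"; return 1 ;;
    esac
    [ "$ptr" = "$helo" ] || { echo "WARN: HELO $helo differs from PTR $ptr"; return 2; }
    echo "OK: $ip <-> $ptr, HELO matches"
}

# Live lookup with dig: check_mail_identity 192.0.2.24 mail.example.org
check_mail_identity() {
    q=$(ptr_name "$1") || { echo "FAIL: $1 is not an IPv4 address"; return 1; }
    p=$(dig +short "$q" PTR | head -n 1)
    a=''
    [ -z "$p" ] || a=$(dig +short "${p%.}" A)
    mail_identity_verdict "$1" "$p" "$a" "$2"
}

[ "$#" -eq 0 ] || check_mail_identity "$@"
```

The verdict does not judge whether a PTR name counts as “generic”; that decision is the receiving provider's policy.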