Tag Archives: blacklist monitoring

Monitoring Your Email Reputation with Microsoft Smart Network Data Services

Leave a reply

Standard blacklist monitoring tells you whether your sending IPs appear on public RBLs. It doesn’t tell you how Microsoft specifically views your mail. That’s a separate reputation system, and it matters a lot: Outlook.com, Hotmail, and MSN together represent a significant share of consumer email. Generator Labs now integrates directly with Microsoft Smart Network Data Services (SNDS) inside your blacklist monitoring dashboard.

What SNDS Provides

SNDS is a free Microsoft program that gives senders data about mail flowing from their IP addresses into Microsoft’s mail infrastructure. The metrics it returns include:

  • Message volume from each IP
  • Spam complaint rate
  • Spam trap hits
  • Overall IP status (Green / Yellow / Red)
  • Filter result breakdown

A Red status from SNDS means Microsoft is actively blocking or heavily filtering mail from that IP. Yellow is a warning that reputation is declining. Most teams only discover this when customers start reporting missing mail.

Why It’s Worth Monitoring Separately

SNDS status doesn’t always correlate with your RBL status. You can be clean on every public blocklist and still have a Yellow or Red SNDS rating because of complaint rates, trap hits, or sending patterns that Microsoft’s filters flag specifically. The inverse is also true: an SNDS Green rating doesn’t mean you’re clean on all public RBLs.

Treating SNDS as a separate signal, alongside your regular blacklist monitoring, gives you a more complete picture of your sending reputation and catches Microsoft-specific issues before they escalate.

Setup

Go to RBL Monitoring > SNDS in the portal and add your SNDS access key. Microsoft issues one key per registered IP range. Once connected, Generator Labs pulls your SNDS data automatically and surfaces status changes alongside your other monitoring results.

Setup instructions are in the SNDS documentation.

SPF, DMARC, and rDNS Checks Are Now Built Into Blacklist Monitoring

Leave a reply
Generator Labs email deliverability checks tab showing all 13 available checks

Getting listed on an RBL is one way mail stops delivering. There’s a longer list of DNS misconfigurations that cause mail to land in spam or get silently rejected, and most monitoring tools don’t catch them. Generator Labs has added 13 email deliverability checks directly into blacklist monitoring profiles, running alongside your RBL checks and feeding into the same alert pipeline.

What Gets Checked

IP-based checks (for IPv4 and IPv6 hosts):

  • Reverse DNS (rDNS): the IP has a PTR record
  • Forward-Confirmed rDNS (FCrDNS): the PTR resolves forward back to the original IP
  • Generic PTR Pattern: the PTR doesn’t look like a dynamic or consumer hostname
  • PTR Format: the PTR has at least two labels and a valid alpha TLD

Domain-based checks (for URIBL and URI hosts):

  • MX Health: MX records exist and at least one target resolves
  • SPF Record: domain publishes a valid SPF record
  • SPF Strict: SPF uses an enforcing policy (-all or ~all)
  • SPF Lookup Limit: SPF stays within RFC 7208’s 10-lookup cap
  • DMARC Record: domain publishes a valid DMARC record
  • DMARC Strict: DMARC uses an enforcing policy (p=quarantine or p=reject)
  • TLS-RPT Record: domain publishes a TLS Reporting record
  • MTA-STS Policy: domain publishes a valid MTA-STS policy
  • BIMI Record: domain publishes a valid BIMI record

How to Enable

All 13 checks are opt-in. Go to RBL Monitoring > Monitoring Profiles > Data Sources, click the Email Deliverability tab, and enable the ones you want. None of them run unless you explicitly turn them on.

The recommended approach is a dedicated profile for your mail-sending hosts so deliverability alerts don’t mix with RBL alerts from non-mail infrastructure. Failures trigger the same notifications and webhooks as blacklist listings, so they drop straight into your existing incident workflow.

Full documentation is at docs.generatorlabs.com/email-deliverability.

Generator Labs: Blacklist and Certificate Monitoring for Email and Infrastructure Teams

Leave a reply

Generator Labs provides infrastructure monitoring for teams that need to stay ahead of two specific problems: IP and domain blacklistings that kill email deliverability, and SSL certificates that expire without warning. Both products run in the same portal, so you manage everything in one place.

Blacklist Monitoring

Blacklist monitoring runs continuous checks of your IPv4 addresses, IPv6 addresses, and domains against hundreds of RBL and URIBL data sources. The moment a listing is detected, alerts go out through whatever channels you have configured: email, SMS, Slack, Discord, PagerDuty, or webhooks.

Coverage is the differentiator. Free one-shot tools check a handful of the major lists. Generator Labs checks well over a hundred data sources on a schedule, including 30+ premium sources on Enterprise and Ultimate plans that free tools do not cover. You get notified when something changes; you are not logging in to run a manual check.

Other features worth knowing:

Full IPv6 support. IPv4 and IPv6 addresses are both monitored across all plans. As more mail infrastructure goes dual-stack, IPv6 blacklisting is a real and growing issue that most monitoring tools still treat as secondary.

Shareable public reports. Every monitored host gets a public report URL you can hand to a client, ISP, or manager without giving anyone portal access.

REST API. Full programmatic access to monitoring data and controls, with client libraries for PHP, Node.js, and Python.

Generator Labs RBL Monitoring hosts list

Blacklist Monitoring Pricing

  • Free: 1 host, 48-hour check interval, 100+ data sources. Free forever, no credit card required.
  • Professional: $8/month for 20 hosts at 24-hour intervals.
  • Enterprise: $16/month for 50 hosts at 12-hour intervals, premium data sources, custom run times.
  • Ultimate: $0.005 per check, unlimited hosts, custom intervals, all premium sources.

The Ultimate pay-per-check plan scales cleanly for larger deployments. Running 50 hosts daily against 150 data sources works out to roughly $11/month.

Certificate Monitoring

Certificate monitoring tracks SSL/TLS certificate expirations across your domains and sends alerts before anything expires. Add your domains, set alert thresholds, and the service runs automatically from there.

Both publicly-trusted and private or internal CA certificates are supported, which matters for teams running internal infrastructure that does not go through a public CA. Certificate expiry causes outages that are entirely preventable; automated monitoring removes the spreadsheet tracking and calendar reminders that most teams fall back on.

Generator Labs Certificate Monitoring monitors list

Monitoring profiles let you define reusable alert configurations across multiple monitors. Set custom expiration alert windows (5, 15, 30, 60 days, or any combination you need), choose which failure types trigger alerts, and assign private CAs or internal monitoring agents. One profile can cover dozens of monitors.

Generator Labs Certificate Monitoring add profile dialog

Certificate Monitoring Pricing

Certificate monitoring is priced at $0.01 per host per day, with no fixed tiers. You pay for what you monitor and can add or remove domains at any time.

Who It Is For

  • Email service providers and hosting companies monitoring large IP ranges
  • IT and security teams who need immediate notification when a host gets listed
  • Organizations managing many domains who need certificate expiry visibility without manual tracking
  • Developers who want API access to monitoring data for automation or integration

Get Started

Generator Labs offers continuous blacklist monitoring and certificate monitoring with solid alert coverage and a complete API. The free tier is a real free tier. Sign up at portal.generatorlabs.com to get started, no credit card required.

Blacklist Monitoring for Cloud Hosting

Leave a reply

Originally Posted on Blacklist Monitoring with Generator Labs.

Since our inception, we’ve helped thousands of companies and individuals, from all around the world, stay on top of day-to-day threats related to their email and websites. Recently, with the addition of our Facebook Threat Exchange monitoring, we’re helping those same customers battle social media related threats.

Some of our earliest customers have been cloud hosting and cloud computing companies- companies that provide the backbone of the Internet as we know it today.

Cloud Hosting Providers

One specific challenge with this type of company, is the sheer number of IP addresses and domains to monitor, and the regular re-use of these IP addresses. The last thing you want, is a brand new customer getting an IP address that is already blacklisted because of something the last owner did.

Another key challenge, is making sure that resources are used “only as needed”. Let’s face it- you don’t want to pay to monitor hosts that aren’t being used- and you shouldn’t have to.

We offer a few key features that makes blacklist monitoring for cloud hosting providers, easier and more affordable.

IP Range Host Type

Normally customers add IP addresses and domains (aka “Hosts”) to the Generator Labs portal individually. If you have 10 to 15 Hosts, this isn’t really a big deal. You can add hosts using our bulk loader, or individually. You can also add Hosts as a range or CIDR block (x.x.x.x/y).

But what if you have thousands of Hosts to monitor? At some point it’s going to become unwieldy to provision, and impossible to manage.

To support this, we built a custom “IP Range” Host type. This lets you add IP addresses as a range or CIDR block, but rather than thousands of IP addresses showing under your account, a single Host entry is shown. Our system will still monitor every single IP address individually– but the full block of IP addresses can be managed as a single entry.

So whether you have a few /24’s or a whole /18- you can easily manage the full IP block with ease.

API Provisioning

Loading all your IP addresses into the system is great, but what if you only want to monitor a sub-set of those hosts? Or if you only want to enable monitoring for hosts that are currently in-use?

Several of our customers have opted to integrate with our web-based API, to provision monitoring on IP addresses as they’re allocated to their customers. That way only active IP addresses are being monitored. This ensures that you’re only paying for monitoring that matters- that will actually impact your business or your customers.

The Generator Labs API is easily integrated into any provisioning or monitoring platform, with just a few simple lines of code:

# wget --post-data="type=rbl&name=Test&host=10.10.10.10" -qO- https://portal.generatorlabs.com/api/host/add.json?api_token=x

{
    "status_code": 200,
    "status_message": "Hosts added successfully.",
    "data": [
        {
            "id": "37c46a725dd8adab28d35b9f200c198d",
            "host": "10.10.10.10",
            "name": "Test"
        }
    ],
    "version": "2.0"
}

Easily enable monitoring on a Host when it’s allocated to a customer, and then disable it when it’s de-allocated- it’s a simple as that.

Contact Groups

When we identify an issue with any of your Hosts, we’ll immediately notify you via several different notification methods. These contacts can be broken down into custom contact groups, and assigned to Host. The end result, is that you can have a unique contact for every host under your account:

Cloud Hosting companies can optionally send alerts directly to their customers, notifying them about issues with their IP addresses and domains, and alleviating some of the burden from their network operations staff.

We regularly add new features and tools to make managing and provisioning monitoring services, easier and more effective for our customers.

How Do RBLs Affect Me? (Part 3)

Leave a reply

Originally posted on Generator Labs

In Part 1 and Part 2 of our series, I talked about what RBLs are, how they work, and how RBLs are used by administrators to control the day-to-day onslaught of SPAM on their email systems. In this article I’m going to talk about how RBLs affect you, your business, and why you should care.

So Why Do I Care?

Getting listed on an RBL or URIBL is not uncommon- it happens.

  • Maybe you have a customer using your email platform that didn’t quite understand the rules against bulk email.
  • Maybe one of your employees downloaded some virus infested software that started sending SPAM to all the contacts in their email client.
  • Maybe your email administrator made a mistake when configuring your email system, and opened you up as an open relay.
  • Maybe the WordPress or Drupal installation on your website was compromised, and injected with phishing code.

We all do our best to ensure that these types of errors aren’t the norm, but human error happens.

As a mail recipient, RBLs protect you from these issues by rejecting these messages before they land in your inbox. As a mail sender, RBLs protect others FROM your issues- and limit your overall liability, by reducing the number of messages delivered.

By listing compromised mail servers and website domains, and using these RBLs and URIBLs in our mail systems, we effectively limit the spread of SPAM and phishing websites, which is good for everybody.

Sounds Great- What’s the Catch?

Once you’re listed- as the name indicates- you’re “black-holed”- much of your email won’t be reaching its destination, and traffic to your websites could be limited.

If your business relies on email communication- either as a tool, or a product- then the longer you’re listed, the worst it is for your bottom line, and your reputation. It looks really bad if your customers email you, and get a bounce message indicating that your email system has been blocked.

The sooner you know there is an issue, the sooner the issue can be resolved, and the sooner you can request delisting from the RBLs in question.

Generator Labs

Generator Labs provides a fully automated RBL monitoring service, which checks your IP addresses and website domains, against a customizable list of the top DNSBLs, and will alert you immediately if your system is listed.

Don’t wait days or weeks to find out that your email hasn’t been reaching your customers- click here to find out more!