MX Messaging Resources

Save Money and Get Expertise With Hosted E-Mail

Suzanne — Fri, 30 Jan 2009 18:11:00 GMT

In these challenging times, all companies are looking for new places to cut costs and save on cash flow. One of the biggest challenges faced by every business is how to be fiscally responsible while still having the skilled people you need helping you grow your business. E-mail servers are large investments and the cost of keeping one up and running can be a big cash drain. Transitioning to hosted e-mail can be a responsible move for your company.

Everyone is looking at cutting costs right now and one of the ways that those costs can be cut where your company will benefit is through the use of MxToolBox e-mail hosting service. MxToolBox offers the world class Zimbra service that allows you to access your e-mail from any computer or smart phone. Our service will protect you from spam, keep you secure and you won’t have to worry about having your own server.

You can save money and grow during this tough time with a skilled staff at your fingertips. When you use the e-mail service from MxToolBox you not only get the most secure and best e-mail service available, you also get a team of experts who are available 24 hours a day to help with any challenges you encounter. Our technical team is not only the best in the field; they want to talk to you.

In the first in a series, we would like you to get to know our staff better. We know that we hire the best in the business, people who are technically savvy as well as outgoing and customer oriented. We want you to know them too.

Peter LeBlond is the Product Development Engineer for MxToolBox. Peter has a Bachelor of Science degree from Georgia Tech where he focused on Human Computer Interaction with a focus on Networking. Peter has over seven years of experience and he is one of the lucky few of us who uses his degree every day.

Like the rest of our team, Peter, is a key asset to MxToolBox and our customers. We hire people with the best skills so that we can offer the best service to our customers. Peter’s expertise in Human Computer Interaction means that he has the skills to make your experience at MxToolBox as good as it gets. Peter is skilled at making the computer your friend and making your interaction with our software seamless and comfortable.

Peter is a computer specialist at his core, and even when he is home Peter can be found working on his computer and investigating new software development.

Peter loves the ability to use his expertise at MxToolBox, but he also loves to solve problems and interact with customers. That means that when Peter gets a call about a challenge that a customer is having you know it is making his day to address that challenge and solve any difficulties that may have arisen. He truly wants our customers to be happy and when he can solve a problem and make someone’s day…well that’s his calling card.

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

TQMCUBE Blacklist Removed

Wendy — Thu, 22 Jan 2009 22:55:00 GMT

We have received reports that the RBL (Real Time Blacklists) TQMCUBE went down. We have removed it from our database and no more alerts should be received.

The TQMCUBE was an open relay data base which listed open relays which has recently closed its doors. Most RBLS (Real Time Blacklists) when they wish to dissolve will commonly blacklist the entire internet in order to get the attention of those people using them to stop attempting to contact their IPs.

We apologize for any inconvenience this may have caused, please let us know if you have any other questions or concerns.

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

Spam Levels Expected to Increase, as well as Phishing Campaigns

Wendy — Fri, 09 Jan 2009 13:25:00 GMT

Happy New Year! 2009 is expected to be a year of more spam challenges and new sophisticated spamming techniques from spammers. Now that the Presidential Election is over we can put the Election Spam to rest, but thanks to the economy, an increase in targeting the down and out, the tax-rebate-hopeful and the naive pull-yourself-up-by-your-bootstraps market is expected.

According to spam experts, the next few months will be very telling as to how many and how advanced spam and phishing will be in 2009. Spam and Phishing are expected to target taxpayers who are expecting both tax refunds and tax relief under President Obama's proposed stimulus package. Since out tax system does involved the process of collecting personal data, tax time can be tricky for the technology and Internet naive as they may fall victim to professional looking Phishing sites or authentic looking spam emails.

With the jobless rate rising, an increase in spam targeting the unemployed is also expected. Recipients should be wary of mail offering low-cost diplomas and certifications, home-business scams, and also of offers of credit or debt help.

We have also observed that spammers are continuing to piggyback on legitimate newsletters and using the reputation of major social networking sites to try and deliver spam messages into recipients’ inboxes. The social networking spam messages were carefully crafted to closely mimic the legitimate notification emails often distributed from social networking sites.

As always we recommend having up-to-date Anti-Virus software on all local computers and on your mail server as well. We also recommend implementing a Business Enterprise Email Solutions that provide an avenue of protection from Spam, Phishing and Blacklists:

You Manage the Server And Let FlexBox Manage the Security

FlexBox Junk Mail is a complete, enterprise-grade email security solution. By filtering inbound and outbound email traffic outside of your network perimeter, you will improve your mail server’s security, performance and delivery rates.

On-Demand Email Security For Organizations and Professionals that Manage Email Servers
Business Grade Inbound / Outbound Email Filtering
Inbound Filtering: Stop Spam, Virus and Phishing Problems
Outbound Filtering: Solve Blacklist and Other Delivery Issues
Proactive Management of Outbound Mail for Blacklist Protection
Spools Mail Automatically if Your Server is Down
Improves Security, Performance and Reliability
On-Demand Service Means No Software, No Hardware and No Maintenance
Easy Administration makes Managing Your Email Even Easier
Patent Pending Technology lets You Migrate to Emergency Mail and Managed Mail Instantly, on a Per User Basis

The threats to your email server are daunting. Highly skilled, highly organized cyber-criminals constantly probe for weaknesses to exploit. Without adequate defenses, your server will be flooded with spam, used to send spam, or worse. You shouldn’t have to fight these battles alone...

FlexBox secures your server and keeps you from having to spend time putting out any more email fires.

And, FlexBox Junk Mail is the ONLY email security service that let’s you migrate individual users to advanced or emergency services in real time. You manage the server and let FlexBox and the MxToolBox Email Experts back you up.

Call 866-698-6652 to speak with a FlexBox specialist and start your 30 Day Risk Free Trial.

Informationwave Blacklist Removed

Wendy — Sat, 03 Jan 2009 17:37:00 GMT

We received reports last night that the RBL (Real Time Blacklists) InformationWave went down. We have removed it from our database and no more alerts should be received.

The Informationwave was an open relay data base which listed open relays which has recently closed its doors. Most RBLS (Real Time Blacklists) when they wish to dissolve will commonly blacklist the entire internet in order to get the attention of those people using them to stop attempting to contact their IPs.

We apologize for any inconvenience this may have caused, please let us know if you have any other questions or concerns.

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

Spam Protection You Can Trust

Suzanne — Mon, 22 Dec 2008 21:40:00 GMT

When you use email services from MxToolBox, you get the piece of mind of knowing that your email is protected from spam attacks by our team of technology experts. We use the best anti-spam tools available to keep your email and computer safe.

However, sometimes a loophole can be created that lets spam through. These loopholes can be a big problem. Fortunately, MxToolBox can help you remove one of the biggest loopholes: the exploitation of the whitelist.

As many people have experienced, sometimes you will receive email from a spammer who uses a familiar email address to get you to open their message. Spammers know that people are expecting mail from places like Sears and JC Penny and the spammer will use people’s trust to get to them using false addresses. This is called spoofing and can cause you all sorts of headaches.

The spam protection you get with MxToolBox will stop this spam from reaching your computer so that you only get legitimate email from these companies. They have the use of a variety of anti-spam technologies that is able to recognize a message from a legitimate company and one that is from a spam site.

However, one of the loopholes spammers can use is created when a personal whitelist is used by the computer user. Many email programs will allow the user to whitelist an email address or a domain name which allows all the email that has been whitelisted to get straight through to the computer. This can open the door to the Whitelist Exploit.

When an email address or a domain name is whitelisted, which means that ANY message from that email address or that domain name goes to the computer and not through a spam filter safety net. Because of this, spammers will use domain names of popular stores figuring that some of the people will have whitelisted these domains and their spam will get through.

Another popular spamming technique is for the spammer to send an email to a user using their own personal email address. Because a person with the right skills can change their outgoing email address to anything they want, spammers can create a computer program that will send messages to any name imaginable at every email server imaginable and they will be successful every time someone has whitelisted their own email address.

An email program’s spam filter will not catch this because to whitelist something means that it gets a free pass to your computer. The spam filter is not active for a whitelisted address.

So what should you do? The first step to stopping spam as effectively as possible is to call the team of experts at MxToolBox to get information about safely using the whitelist feature. Most people don’t even need to use this feature and will still receive email that is sent from reputable locations. And if you are having difficulty getting email from a certain location the team at MxToolBox is again happy to help solve the problem so that you get the email you need and none of the spam you don’t.

That is one of the main reasons that using email solutions from MxToolBox is so successful for so many people. You can be secure in the knowledge that your email is being handled by people who have the expertise and skill to protect you from spam.

Photo Credit

Spam volumes are increasing again...

Wendy — Fri, 12 Dec 2008 13:36:00 GMT

Since the removal of the large spam source, McColo last month, everyone thought that spam would decrease immensly and immediately. While we did see a a drastic reduction of spam and viruses directly after it was shut down, we knew better that it would only be a short time before spam was back and we warned you that it would be worse than before (articles are here and here).

SpamCop's statistics page shows a steady increase in spam reports since last month:

Looking at the past year of spam traffic, you can see an instant impact when McColo was taken down in November, but they are rising:

The Prognosis

If you've seen more spam getting through your filters this winter, it's probably not because the developers and technicians that build and maintain your anti-spam / anti-virus decided to hang out at the pool until Fall. It's likely because the overall volume of spam and viruses continues to push boundaries never before seen. Couple this with the myriad of new techniques and tactics and, well, the security community has to scramble to keep up.

As for MxToolBox, we've worked hard to make sure our FlexBox Email Security Service has provided the highest possible level of protection for our customers mailbox's though this winters spam season.

Photo Credit: SpamCop

Penis-Pill and Viagra Spam Email Returns

Wendy — Tue, 09 Dec 2008 13:54:00 GMT

Credit: Mx Logic Security News

A botnet that was castrated with the shutdown of McColo last month has apparently returned to email accounts to ask why you don't want to be a bigger man.

According to the net security firm Marhsal8e6, the Mega-D botnet has re-emerged and is up to its old habit of sending spam emails touting the sexual benefits of penis-enlargement pills, the Register reports.

Though the botnet has been linked to a network of compromised zombie computers, the actual location is ongoing.

"Spam from Mega-D has been ramping up over the last few days and reached up to 48 percent of all the spam we captured in our honeypot spam traps," Phil Hay, lead threat analyst for Marshal8e6, told the news provider.

Officials at Marshall8e6 said the botnet may have been enhanced itself, upgraded with elements from back-door program Rustock, according to the Register.

Last month, web-hosting company McColo was shut down after a connection to spammers was discovered. At the time, it was thought the company sent out 80 percent of the world's spam.

After the McColo closed, a massive decrease in spam was reported. However, it appears the down turn was only temporary.

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

Spam Volume has Risen Back 37%

Wendy — Fri, 05 Dec 2008 21:42:00 GMT

from: Washington Post & Web Marketing & Industry News

In the fallout resulting from knocking McColo Corp. offline, this past week may prove to be a missed opportunity in the prevention of a dramatic reappearance of junk e-mail, as a botnet that once controlled 40 percent of the world’s spam apparently has found a new home.

The botnet Srizbi was knocked offline Nov. 11 along with Web-hosting firm McColo, which Internet security experts say hosted machines that controlled the flow of 75 percent of the world’s spam. One security firm, FireEye, thought it had found a way to prevent the botnet from coming back online by registering domain names it thought Srizbi was likely to target. But when that approach became too costly for the firm, they had to abandon their efforts.

“This cost us a lot of money. We engaged all the right people. In the end, it comes back to the fact that there wasn’t a process in place to do what we were trying to do,” said Alex Lanstein, senior researcher at FireEye. “The day after we stopped registering the domains, the bad guys started picking them up.”

According to FireEye, Srizbi was the only botnet operating through McColo that had a backup plan in case their master control servers were ever unplugged: The malware contained a mathematical algorithm that generates a random but unique Web site domain name that the bots would be instructed to check for new instructions and software updates from its authors.

Shortly after McColo was taken offline, researchers at FireEye said they deciphered the instructions that told computers infected with Srizbi which domains to seek out. FireEye researchers thought this presented a unique opportunity: If they could figure out what those rescue domains would be going forward, anyone could register or otherwise set aside those domains to prevent the Srizbi authors from regaining control over their massive herd of infected machines.

In addition, by registering the domains, FireEye, a startup, could gain valuable intelligence, such as where the individual bots were located and how many there were. The problem, FireEye quickly found, was that each variant was designed to seek out a different set of four rescue domains every 72 hours. To make matters worse, the company identified more than 50 variants of Srizbi in circulation, impacting 500,000 systems. Those that were deficient or ill-programmed in some way controlled fewer victims — anywhere from a few hundred to a few thousand computers. The more virulent strains of Srizbi, however, controlled upward of 50,000 systems, FireEye found.

That meant that to prevent the Srizbi authors from regaining control over their herd, FireEye would have to register more than 450 domains each week just to stay a step ahead of the bad guys. But each domain name registered costs money. FireEye spent $4,000 buying up future domains that might be sought by stranded Srizbi bots.

FireEye researchers thought that with that kind of firepower at their fingertips, they could have instructed each of the infected systems to uninstall the bot program. But the FireEye researchers surmised that such an action would not only be illegal but that commanding all of the bots to uninstall their infectious code would run the risk of doing serious damage to the systems. Srizbi, like most other sophisticated botnet programs these days, hooks into systems at a fundamental level, and removing it occasionally causes an infected system to stop working altogether.

“We could tell these bots to uninstall themselves from most of the machines, and the whole process would probably take a few seconds,” Lanstein said. “But even if it were legal to do this, what would happen if removing the malicious software messes up some of these machines even worse?”

Srizbi had already shown it was fully capable of resurrecting itself. Joe Stewart, director of malware research for Atlanta-based SecureWorks, has documented how the Srizbi botnet’s built-in rescue system can bring a lost herd of hacked computers back into the fold.

In October 2007, a massive blast of spam was sent through the Srizbi botnet promoting U.S. presidential candidate and libertarian Ron Paul. SecureWorks found that the control servers used by Srizbi for that spam run were all located at McColo, and reported the location of those servers to the now defunct hosting provider. Stewart said McColo responded by changing the Internet addresses of those control servers, which was enough to strand all of the bots seeking new instructions. When the backup mechanism in the bots caused them to search for new Web site names a few days later, the criminals who controlled the network were able to regain control over it by registering those Web site names.

A week ago, FireEye researcher Lanstein said they were looking for someone else to register the domain names that the Srizbi bots might try to contact to revive themselves. He said they approached other companies such as VeriSign Inc. and Microsoft Corp. After FireEye abandoned its efforts, some other members of the computer security community said they reached out for help from the United States Computer Emergency Readiness Team, or US-CERT, a partnership between the Department of Homeland Security and the private sector to combat cypersecurity threats.

Officials at US-CERT, however, have not responded to e-mails and phone calls requesting an interview about this story.

If others had gotten involved, there were a couple scenarios that could have played out. One was for an ISP or registrar to gain clearance to “sinkhole” all of the Srizbi bots, essentially tying them up eternally by pretending to have the instructions the bots were seeking but never quite giving those bots the complete answer. The other was for an accredited registrar to register all of the domains sought by the Srizbi variants.

Ultimately, the FireEye researchers, under pressure from their managers to stop incurring expenses for registering the domains stopped their efforts Nov. 24. According to FireEye, sometime on Nov. 25, unknown individuals in Russia apparently registered the remaining domains, thereby regaining control over the world’s largest spam botnet.

Devnet allow our customers to have a 21 day test drive of Postini Email Security, which helps prevent your company from being affected by such issues.

You Better Watch Out…Or You Just Might Cry

Suzanne — Tue, 25 Nov 2008 21:03:00 GMT

The holidays are a tricky time for e-mail security. It’s the time of year when everyone is so busy getting ready for the holidays that little things can get through your security wall much easier. You are busy at work finishing projects and getting ready for the break while ordering gifts from internet sites and getting lots of discount offers and codes for free shipping. Some of your favorite sites are bound to have quite a few offers that you just can’t refuse and so you will click through to see that special offer you have been waiting for.

The problem is that while this is the time of year for great holiday specials it is also the time of year when phishing is at its most virulent. People are waiting for packages to ship and watching for their e-mail from UPS, FedEx or the good old Postal Service and that is when phishing is the most dangerous. Phishing is the practice where an entity tries to trick a computer user into sending them usernames, passwords or bank account numbers that it can then be sold to other entities who will use the stolen identity to get credit cards, empty out bank accounts, or other bad things. During the holidays phishing is often done using a false e-mail from an entity pretending to be UPS, FedEx or the US Postal Service. If you respond to these e-mails they ask for certain aspects of your on-line identity which they steal and sell.

Everyone knows not to send their information to banks so those phishing expeditions are much less effective with a technically savvy person, but people can still be fooled by a phishing scam that is seen to come from a package delivery company at this time of year. It is the sheer volume of orders that people are making from catalogs and internet sites and each of those orders come with legitimate shipping information and shipping updates. It is easy for a phishing scam to slip by.

No one is perfect and that is one of the reasons that MxToolBox offers the highest quality perimeter protection available. MxToolBox will make sure that the phishing never gets to your inbox, which is a huge relief. When you can be certain that the e-mail you receive is legitimate you can rest easy around the holidays.

MxToolBox also provides relief for your email system by freeing up bandwidth. When your server has to process all that junk e-mail you lose bandwidth for other functions and it can get bogged down. MxToolBox’s perimeter protection frees your server from even needing to process the junk.

Perimeter protection is not offered by all e-mail providers, but it is guaranteed with MxToolBox and our high-quality email service. Your filtered connection through MxToolBox will guarantee that you don’t fall victim to those out there trying to steal pieces of your identity to sell. With MxToolBox you can rest assured through your winter buying sprees that your computer is safe and snug on these winter nights.

Photo Credit

Facebook wins $873 million case against spammer

Wendy — Tue, 25 Nov 2008 14:00:00 GMT

By: Deborah Gage
Source: San Francisco Chronicle

(11-24) 16:58 PST -- Facebook has won an $873 million judgment - the largest to be delivered under federal anti-spam laws - against a Canadian resident accused of sending more than 4 million bogus messages from members' profiles, many advertising male enhancement drugs.

The man, Adam Guerbuez, did not defend himself or show up in court. The order was signed Friday in San Jose by U.S. District Judge Jeremy Fogel.

"We know where he is and where he lives and we're looking for him to execute the judgment," said Sam O'Rourke, Facebook's senior corporate counsel. "We have no illusions that we'll get $873 million from this guy, but from what we can tell he has substantial resources. If he has $1 million, we'll take $1 million."

O'Rourke declined to say how the social networking site linked its spam to Guerbuez, but said this is not the last lawsuit Facebook will file. It also is investigating spam messages offering fake Macy's gift cards that showed up in members' profiles in October.

"We are very much intent on policing the site and making sure Facebook is not seen as a place for spammers to target," O'Rourke said.

Facebook sued Guerbuez and his business, Atlantis Blue Capital, which Facebook alleges is fictitious, in August, and accused him of sending more than 4 million spam messages in March and April.

According to Facebook's complaint, Guerbuez acquired logins and passwords of Facebook members, in some cases by luring them to phishing sites where they would unwittingly enter personal information, then used infected computers to automatically log into their Facebook profiles and pump out spam.

The messages advertised Web sites owned by Guerbuez and others that offered male enhancement drugs, among other products.

"There's a potential reputational harm (to Facebook) when users get annoyed or angry or embarrassed," O'Rourke said.

Social networks are rich targets for spammers because members believe they're getting messages from friends and are more likely to at least look at the spam, said Adam O'Donnell, the director of emerging technology at Cloudmark in San Francisco, which sells spam blocking software to several social networks.

Members of social networks aren't seeing as much spam as they were six months ago, he said. But he also expects spammers to move their activities overseas as U.S. law enforcement turns up the pressure on spammers who live in North America and are easier to reach.

Source: San Francisco Chronicle

Spam Drop Could Boost Trojan Attacks

Wendy — Tue, 18 Nov 2008 14:16:00 GMT

Credit: John E. Dunn, Techworld.com

The dramatic fall in spam traffic reported last week after alleged rogue ISP McColo was taken offline will only be a temporary reprieve and could actually generate a new wave of Trojans, experts have warned.

ISPs disagree on the global percentage drop caused by the shuttering of California-based McColo last week, with estimates given by those contacted by Techworld ranging from 50 to 80 percent, but even the lower figure is still an unprecedented fall in such a short space of time. It appears that even those who were aware of its use as a hosting port had not guessed that a single ISP could be behind such a huge chunk of the world's spam.

"Our servers haven't been so relaxed for months," said Richard Cox, CIO of respected spam-fighting organisation, Spamhaus, ruefully. "This proves how important it is for the law to get at this sort of criminality."

Nevertheless, Cox doubted that the improvement would last long, and could actually lead to a rise in Trojan attacks as spammers using McColo to host botnet control infrastructure, attempted to reconstitute their networks elsewhere in the coming weeks.

Paul Wood of MessageLabs said his company had also seen spam dipping sharply, which had hit specific troublesome botnets hard.

"We documented a massive drop in spam volume to levels, eight times less than typical volumes for a period of 12 hours, immediately following the takedown before spam levels began to rise again," he said.

"Further analysis of our metrics would suggest there has been an 80 percent drop from Mega-D and 60 percent from Srizbi; Rustock is down by 50 percent and Asprox down by 80 percent. Overall botnet traffic has reduced by approximately 30 percent in the 24 hours following the takedown."

In fact, McColo was the third ISP of significance to the criminal world to face disruption in a matter of weeks, he said, referring in particular to the de-peering of Intercage by ISPs in September.

How the botnet controllers reacted in the coming weeks would depend on how easily they could regain control of compromised, 'zombie' PCs. If that proved hard, it was possible that new PCs would need to be hit with Trojans in order to start new botnets from scratch.

"It depends on the botnet in question and whether the bad IPs at McColo can be re-activeated by another rogue ISP sooner or later," he said.

Adam O'Donnell of Cloudmark was less convinced that the reduction in spam volumes held much significance for the average user, especially business users sitting behind filtered connections.

"We have seen a drop in IP connection attempts that would have been dropped anyway," he said. "This is not like cleaning up a mess in the street," and the problem would return once the botnetters had found new hosters. "I give it two weeks," he said.

Despite the relentlessly upward movement in spam volumes over time, the occasional fall is not unheard of, with a single botnet going offline reportedly reducing traffic in early 2007.

According to Ed Rowley of recently-merged spam filtering outfit Marshal8e6, McColo could have a positive long-term effect in at least one way, that of convincing the authorities that tacking spam was now possible. In the past, the industry had been reluctant to shut down other ISPs, regardless of evidence of wrong-doing, but this might now change.

"There is a strong feeling that this [closing problem ISPs] is not a bad thing," he said.

Phishing Scam Targeting Network Solutions Customers

Wendy — Mon, 17 Nov 2008 15:52:00 GMT

From: Domain Name News

Fast on the heels of the recent Enom phishing scam, another phishing attack attempting to con domain name registrants into providing their customer information is under way. Network Solutions (NSI) domain customers are the target this time. The spam email messages being sent out warn the user of their domain expiring. Current reports show that the domain name com42.asia is being used and disguises itself as a site that looks identical to NetworkSolutions.com. As the public and internet providers become aware of the abuses, both the Enom and NSI phishing attackers are adapting to these reports by changing the domain name addresses they use:

Dear Network Solutions Customer,

We recently notified you that the registration period for your Network Solutions domain name had expired. As a benefit of having previously registered a domain name(s) with Network Solutions, you are eligible to receive a percentage of the net proceeds that were generated from the renewal and transfer of the domain name you chose not to renew. Since you have chosen not to renew the domain name listed below during the
applicable grace period, we were successful in securing a backorder for this domain name on your behalf and it has been transferred to another party in accordance with the Service Agreement.

Renew your domain now - http://www.networksolutions.com.com 42.asia

You must click on the following link, enter your domain name, and confirm your contact information in order to claim these funds. If your contact information is not correct, you must enter Account Manager and make the
appropriate changes prior to clicking “submit” from the confirmation screen. If you do not do this, you will be confirming inaccurate information and will not receive any payment. Checks will only be made payable and mailed to the Account Holder of record.

Sincerely,
Network Solutions® Customer Support

Major Spam Vendor is Caught, Beware that Spam will Continue!

Wendy — Mon, 17 Nov 2008 15:39:00 GMT

A massive reduction in Spam has been witnessed since an alleged Californian based ISP was closed down last week. Industry bodies have long been raising awareness of the volume of Spam which appears to come from the San Jose based business, McColo Corp., but it is only now that the providers of Internet Connectivity to McColo have acted.

However, before celebrating too quickly, this is the lull before the storm as businesses globally could be taken by surprise when SPAM volumes return to previous levels in the run up to Christmas and the spamming operations relocate. MxToolBox also warns that with such a key player in the SPAM market removed, the SPAMMERS will be quick to find new methods and new technologies - as well as resorting to traditional methods of using the unsuspecting Enterprise networks to host their Botnets and distribute their messages.

With McColo allegedly being the master hosting centre for the biggest botnet offenders, Mega-D, Srizbi, Pushdo, Rustock and Warezov, the hunt is on to find new hosts. Roughly there are 7 million computers infected with either Srizbi or Rustock sending spam over an average one-month period.

Apart from being a massive centre for botnet hosting, the servers at McColo have recently been the subject of investigation by private security researcher, Jart Armin, who documented the activity at McColo in a report published today which claims that McColo is currently hosting at least 40 different child pornography Web sites or sites that collect payment for the illicit content -- and that traffic analysis showed that one of the sites garnered between 15,000 and 25,000 visitors each day.

How can small businesses ensure that they are protecting their information and infrastructure from spam or other malicious attacks?

1) Allocate an adequate amount of resources ($) to proactively protect information- As a rule of thumb, small businesses should expect to spend approximately $200 per month, per user for information security. The amount spent on security should rise every year in proportion with the amount spent on new IT hardware (PCs, Laptops, Servers etc.) and software.

2) Continuous Administrator education on threats- Protect against threats at the network and hardware levels, but avoidance information should always be passed down to the user base. Users are notoriously undereducated on how to avoid security breaches...especially phising scams and other social engineering scams designed to deliver web based malware.

3) This is related to 2 above...lock down your perimeter(s)- Email Filtering, IM Filtering, Web Filtering, Wireless Network Encryption and Mobile Messaging Protection should all be robust and employed at all entry points.

4) Be ready- Remember, it is far cheaper and far easier to have a proactive info security policy than it is to recover from a breach.

5) Back up critical data offsite. Most authors do not present data backup as a security issue...but it is (in fact, it is more than a security issue, but it definitely intersects with security). If there is a breach (or natural disaster for that matter), you need to know that your data is safely backed up and easily accessible somewhere far from the reach of the Cyber Thugs.

Zimbra’s Search Tools Make E-Mail Manageable

Suzanne — Mon, 27 Oct 2008 15:28:00 GMT

E-mail is easy to lose. While it is not easy to lose the actual e-mail, it is incredibly easy for an important e-mail to get pushed down to the bottom of your inbox or put into a folder and then forgotten. E-mail is one of the most effective organizational tools we have, but this tool can easily create chaos.

This is one of the reasons that the Zimbra Collaboration Suite’s Search Function is so important. The Zimbra Search Function is so efficient that it allows the user complete control over the information.

Zimbra is moving from the less efficient folder organization method that has been cluttering up e-mail systems for years to a more dynamic search function that allows for much more customization. When you open the Zimbra Search Function you are given the opportunity to use a wide range of search tools to efficiently find exactly what you are looking for and you can easily access all of the e-mails that are related to one another with the click of a button.

Zimbra maintains access to the traditional search methods, such as who the e-mail is from, who it is to or who was cc’d, by subject or how it was flagged. So the search capability is still comfortable and familiar to use, but there is so much more.

The Zimbra system uses a well organized search window that allows the user to see all of the search options at once and combine them easily. This added functionality allows the user to search the trash or the junk e-mail folder along with all the traditional folder options. You can even search for keywords inside your attachments, which can be amazingly helpful if you need to find a particular invoice or that much needed document.

Zimbra also allows you to add Zimlets, which are add-ons that are either created by Zimbra to add functionality or are created by third parties that can be downloaded into Zimbra. The Zimlets also allow for “mash-ups” that allow the user to access more than one application in the same window eliminating the need to open more than one application by allowing these applications to be “mashed” together. For instance information from your calendar can be viewed through your e-mail.

With the pre-installed Zimlets you can search for an e-mail using a URL or tracking number, which comes in handy when you are working with a customer who has not received their order or trying to find out when your Amazon order is going to arrive.

There is also the capability to fine tune your search by time since Zimbra has included ‘last hour’ and ‘last 4 hours’ as search options in addition to the traditionally available ability to search by days so that even the busiest person can stay current with their e-mail.

Your searches can even be saved. All of these features can be used together to create the most efficient and useful e-mail search function imaginable. The finesse which Zimbra allows really makes it not only a more elegant solution, but one that is much more practical as well. Searching on Zimbra is like building an elegant structure. You are given all the tools to fine tune your search to get simply the e-mail you were looking for.

Zimbra Comes to the iPhone

Suzanne — Mon, 22 Sep 2008 18:05:00 GMT

The people who work at your company are always on the go. Meetings, conferences, site visits all take us away from the office and while laptops are small, they are just too heavy to carry around just so you can have access to e-mail, but e-mail is important and we all need to be connected so we lug our laptops around because as a small or medium sized company it didn’t make sense to spend the money for some of the smart phones that would make our lives easier.

Now you can put down that laptop and with the help of MxToolBox and Zimbra you can stay connected to the rest of your company at the touch of a screen through your iPhone. Your iPhone will now synch with your Zimbra applications and “push” technology will make sure that you get an e-mail on your iPhone as soon as it arrives in your in-box. With the Zimbra iPhone solution you will now have access to all of your vital corporate information at all times. Using Zimbra through MxToolBox you can access your e-mail as well as your company’s contacts, meeting requests and calendar events. All of this information is synched with our servers making the iPhone an effective corporate tool.

The best thing about the iPhone and Zimbra is that Zimbra is part of a collaboration suite available from MxToolBox that will make your company as efficient as the top guns. One of the key reasons that large companies are able to stay efficient is through their use of collaboration software, a huge suite of services that enable all the sales staff to stay on top of their customers and customer support teams that seem almost psychic since they can access customer information that is shared throughout the company. However, these solutions require expensive software, dedicated servers and full-time IT staff to maintain the system. Now small and medium sized businesses are able to afford the types of solutions that will help their companies work more efficiently.

Zimbra through MxToolBox is the answer for small and medium sized businesses who want the benefits of a world class collaboration suite of software. Zimbra allows contacts to be shared by the entire company, which makes closing deals and keeping customers happy that much easier. Calendars are also shared, which means that the entire company knows about important meetings and there is a built in instant messenger. The new iPhone access can now lead to even better company wide collaboration.

Another exciting feature of the new iPhone and Zimbra collaboration is the ability for photos for iPhone contacts to be synched with the Zimbra address book, which is a handy tool when you are meeting a client for the first time at a crowded restaurant and you can look up the client’s photo on the company address book.

Businesses feed off collaboration. Sales people need to work together to find customers and finish deals, customer service staff need to be certain that customers stay happy and meetings need to be easy to organize. With the access to Zimbra through the iPhone all of this collaboration can now be done at the touch of a screen. Just one more reason to leave the laptop at the office and get an iPhone for the office with Zimbra from MxToolBox.

At MxToolBox we thrive on collaboration too. It is one of the reasons that our customer service department is so efficient. We pride ourselves of thinking of our customers first and we want to make certain that you are always happy. The only way for our collaborative system to work is through the use of collaboration software. When we get a customer service request we start a record of this request that can be seen by each of our customer service representatives. Because of our Zimbra collaboration software we are able to work as an efficient team and with the addition of the iPhone compatibility we are now working even better.

NDRs (Non-Delivery Reports)

Wendy — Wed, 10 Sep 2008 13:17:00 GMT

NDR spam: Why am I receiving an NDR for a message I didn’t send?

NDRs are a normal part of email exchanges, but spammers' activities can cause spikes in NDR activity. Spammers send junk messages to thousands of email addresses, some of which exist and some of which do not. To give the appearance that their messages are legitimate, spammers use a practice called "spoofing," whereby they manipulate the "From" address to use a real domain or sender.

When a spammer sends email to an invalid address, the receiving mail server sends an NDR message to the "From" address, rather than to the actual sending server. Because spammers spoof common addresses, such as sales or info of well-known companies, these NDRs may be destined for your mail server.

Undelivered Mail Returned to Sender

Your message did not reach some or all of the intended recipients.

Subject: Report update

The following recipient(s) could not be reached:

webmmaster@jumboinc.com on 03/15/2008 11:09 PM

The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.

Another challenge is that the growth in NDRs is driven by the overall growth in spam activity. The more messages spammers send, the greater the number of spam messages sent to invalid addresses, resulting in more NDRs.

We highly recommend that anyone running a corporate email server invest in top-of-the-line Anti-spam technology. It will pay off a thousand fold in the long run. Most good anti-spam solutions do a reasonable job of limiting the impacts of NDR spam attcks. But almost all still will allow a sender to try quite a few bad recipients before shutting them down.

Threat Advisory: CNN and MSNBC Spam

Wendy — Wed, 10 Sep 2008 13:10:00 GMT

Over the past two weeks, we've seen waves of high-volume attacks (over 15% of all spam messages) using false CNN and MSNBC content. Our botnet protection has blocked the vast majority -- over 99% -- of these attacks and mutations, and we continue to release filter updates that automatically delete some variants.

We'd like to provide you with an update on recent spam attacks.

Our message security vendor has advised us on high volumes of bogus CNN and MSNBC messages that contain links to download malware. Spammers have copied the contents of CNN and MSNBC alerts and substituted a link that prompts users to upgrade to a new version of a fake Adobe Flash player.

The security service has detected and blocked the vast majority of these attacks, and continues to release protections to stop the new mutations. Their capture rate is over 99%; however, the attack volumes are so large (in the hundreds of millions of messages) that a 1% passthrough rate means that a few messages may end up in your inbox.

For best security practices, if you see any CNN, MSNBC, or suspicious news alert messages:

Do not deliver these messages from your Message Center or Quarantine Summary.
Delete these messages from your inbox.
Do not click on any links in the messages.

If you need to access CNN or MSNBC content, visit the website directly.

Please be assured that our security service considers virus and spam protection as their highest priority, and continues to be on the cutting edge against new spam attacks and tactics.

Virus and Spam Trends

Following is the summary of email threats and trends we track for our user base of over 40,000 organizations.

Viruses Increase: In July, our systems recorded the largest volume of email virus attacks of the year. On July 20, our zero-hour virus protection technology detected and caught emails that contained a spoofed UPS package-tracking link intended to lure recipients into clicking it and downloading malware. This virus wave peaked at nearly 10 million messages on July 24.

On August 5, we experienced a large inflow of messages with an encrypted .RAR attachment. While the use of attachments as a virus delivery mechanism generally decreased in 2008, this new virus showed that tactics continue to vary.

Spam Levels Remain High: April showed peak spam volumes for 2008, but the overall level of spam remains high this summer. The average user has received 133 spam messages per day this year. Our statistics show that the average unprotected user would have received 36,000 spam messages in 2006 and 36,000 in 2007. This year's July total shows a 68% growth rate over the same time in 2007. In short, spam attacks in 2008 have not let up from previous years.

Telnet: the best email diagnositc tool

rachale — Tue, 26 Aug 2008 01:29:00 GMT

Oftentimes it is very helpful to remove your mail server from the equation to see if there is an underlying network / reputation problem blocking mail flow. Here's how you can manually send a test message using the telnet command built into every operating system. You'll need to determine the name or address of your recipeints mail server. You can do this by looking up their MX record at http://mxtoolbox.com. In my example the MX record is a1.mx-route.com. Your commands are in bold below and the responses I got are in italic. Be careful, on Windows if you typo you cannot backspace and correct yourself. Just hit enter and retype the entire command.

telnet a1.mx-route.com 25
Trying 208.123.79.41...
Connected to a1.mx-route.com (208.123.79.41).
Escape character is '^]'.
220 a1-1.mx-route.com ESMTP
helo mxtoolbox.com
250 a1-1.mx-route.com
mail from: <peter@mxtoolbox.com>
250 sender <peter@mxtoolbox.com> ok
rcpt to: <support@mxtoolbox.com>
250 recipient <support@mxtoolbox.com> ok
data
354 go ahead
Subject: Test Message
This is a test message.
.
250 ok: Message 156715331 accepted
quit
221 a1-1.mx-route.com
Connection closed by foreign host.

Here you can see that the sender, recipient and message were accepted by the 250 responses from the recieving mail server. If there are problems you will see them reflected with 4xx or 5xx responses that can be very helpful for figuring out the problem.

Peter
Product Development Engineer
peter@MXToolBox.com

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

MxToolBox launches Zimbra based email continuity solution

rachale — Mon, 28 Apr 2008 19:56:00 GMT

Austin, TX – April 30th, 2008 – MxToolBox today announced the immediate availability of a hosted Email Continuity service based on version 5.0 of the Zimbra Collaboration Suite (ZCS).

The product, called Emergency MailTM Zimbra Edition (EmZ), allows businesses with an on-premise email system to run in parallel with hosted Zimbra servers.   Most popular business email systems including all versions of Microsoft Exchange are supported.

Copies of all email messages are backed up in real time on Zimbra servers hosted in highly redundant MxToolBox data centers. In the event of fire, natural disasters, or server failures, users can continue to communicate with each other and conduct business remotely without disruption simply by accessing their Emergency Mail account.

MxToolBox selected Zimbra, a Yahoo! company, to provide underlying mail server technology because of their best-of-breed anywhere access from virtually any device, and advanced mailbox search capabilities which are critical in a disaster recovery situation.

“We are excited about MxToolBox Emergency Mail Zimbra Edition, it’s an innovative use of Zimbra’s technology and solves a critical business continuity risk facing IT Managers,” said Scott Dietzen, Yahoo! vice president. “MxToolBox customers have access to a best-of-breed email and collaboration solution 24/7.”

The searchable Emergency Mailbox is always available to the end users via the Zimbra AJAX web interface.   Unlike more common replication systems, FlexBox routing technology from MxToolBox scales from businesses from a few users up to thousands, making it one of the first Email Continuity solutions cost effective for small business customers.

The system has already proven itself in real-world situations. John Autry, Manager of Information Systems for the City of Slidell in southern Louisiana notes “numerous times our exchange server has been down and everyone was able to still use their email with the emergency mail.”

MxToolBox founder Eric Rachal describes, “the real power behind our approach is that users can decide themselves when to use their Zimbra Emergency mailbox which means zero switchover time, and zero intervention by IT staff to engage or disengage the system.”    When the customer’s email server comes back up, copies of all messages during the outage are reconciled back with the customer mail server.

Because the system is always available, some IT managers are even using it to lessen the impact of planned downtime. “Major weekend upgrades becomes much less risky when your users never lose access to email,” Rachal notes.

MxToolBox had customers on an earlier version of the service in 2005 who were effected by hurricane Katrina. Some of those customers decided never to plug their mail servers back in, so this version also offers a seamless migration path to a fully managed Zimbra solution via drag and drop web interface.

The service is available immediately from MxToolBox on a monthly subscription basis with pricing starting at $1.99 per user.

Fixing ORDB Blacklist (ordb.org) Bounce Back Problems - Exchange

Peter LeBlond — Wed, 26 Mar 2008 20:17:00 GMT

If you are encountering problems with mail referencing ORDB.org on your Microsoft Exchange 2003 or 2007 server, or mail being blocked with a return message stating that the sender's IP was on relays.ordb.org, please ensure that you do not have relays.ordb.org entry configured in the IMF settings. You MUST restart the SMTP Virtual Server to release this setting.

The ORDB was an open relay data base which listed open relays which has recently closed its doors. Most RBLS (real time blacklists) when they wish to dissolve will commonly blacklist the entire internet in order to get the attention of those people using them to stop attempting to contact their IPs.

For more information please see the ORDB Problems page on our support site.

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

MxToolBox Expands Options for IT Resellers

rachale — Tue, 05 Feb 2008 23:37:00 GMT

Austin, TX, United States, 02/05/2008 - MxToolBox, Inc.'s announces the launch of ServiceBox™, the first on-demand platform for automating Software as a Service (SaaS) delivery through the IT channel.

	The offering allows IT service firms and VARs to automate the acquisition, provisioning, support and billing of leading software service offerings. ServiceBox™ is the culmination of the firm’s five year track record of automating the delivery of email messaging and security services to small and mid-sized business. The firm currently has distribution relationships with leading vendors in the space. Current partners include Yahoo! (via their acquisition of Zimbra) and Google™ Messaging (via their acquisition of Postini). MxToolBox services thousands of businesses today, with hundreds of channel partners throughout North America. Company representatives describe ServiceBox™ as a powerful tool that integrates the entire on-demand IT service chain into an automated, simplified package. Partners and IT consultants, starting with a single customer order, can use ServiceBox™ to sell, support and bill their customers directly, or allow MxToolBox to handle selected portions. For larger partners, fully integrated support help desk and accounting modules streamline business operations, contract management, technical support and sales pipeline. “When we started selling software service offerings back in 2003, there were no tools to help automate business processes around recurring revenue streams. Everyone was still thinking in terms of SKUs and traditional distribution. Surprisingly, this is still the case five years later,” says Eric Rachal, CEO of MxToolBox. Rachal continues, “The supply chain and distribution channels behind SaaS are rapidly evolving into a complex mess. Vendors and OEMs are struggling to figure it out. Our goal is to make sure the customer never sees that.” MxToolBox is making key elements of the technology available at no charge to qualified information technology service firms through-out North America who place orders through the service. The initial inventory of services available includes Junk Mail filtering, Emergency Mail for business continuity, email monitoring and hosting. The firm expects additional product announcements and partnerships in the near future. About MxToolBox MxToolbox (mxtoolbox.com) is headquartered in Austin, Texas. The company provides on-demand IT Business Management software and innovative on-demand messaging infrastructure and security services to the small and medium-sized business market throughout North America. The company also provides online email diagnostic tools that are used by tens of thousands of email administrators every day.

MxToolBox Announces the FlexBox Email Platform

Joel — Wed, 12 Sep 2007 14:22:00 GMT

FlexBox Email Platform

Exciting things are happening here at MxToolBox. Monday marked the official launch of the MxToolBox FlexBox Email Platform, a one-of-a-kind email services suite built on Patent Pending Technology and designed specifically for the small to medium business market. FlexBox is an integrated collection of email services from email perimter security for companies that manage an email server in to fully managed email and collaboration for companies that do not want to manage an email server. But that's just the begining...

So, what Makes FlexBox "one-of-a-kind"?

Great question. Let me begin by saying that we're just as skeptical as you are when people throw around words like one-of-a-kind, revoluionary, groundbreaking, etc. You really have to be. When we say that FlexBox is one-of-a-kind, we can prove it. Read about it on our website and test it to see for yourself.

FlexBox's Technology allows a single email address to exist in two places. Aside from being really cool, this capability is particularly unique and useful in two different scenarios: Email Continuity and Testing/Migrating to a Managed Email Service.

Email Continuity

FlexBox Emergency Mail is a email continuity (aka disaster recovery) mail box that runs in parallel with an existing mailbox on a self managed server. Emergency Mail is always on, always ready and always synchronized with the primary mailbox. It is the first email continuity service with Zero Switchover Time, Zero IT Intervention to Activate, Zero Switchback time, and a rolling 30 day history of received email. That means that if you have FlexBox Emergency and your server goes down, your users can immediately begin using the Emergency Email system without skipping a beat. They can send and receive email without any intteruption, which leaves you free to fix the problem. Once your server is back up, the Emergency Mail boxes automatically synchronizes with the mailbox on your server, meaning you don't have to migrate any data.

Emergency Mail gives small to medium businesses the same kind of protection from email outages (planned and unplanned) that large enterprises have...but at a fraction of the cost. It is available on a per user basis, so you don't have to overspend for users that don't need the protection.

Migrating to Hosted Email

Any IT Manager/Consultant/Administrator that has ever considered moving from a self-managed server to a Managed Email Service knows that the migration process is enough to stop the idea dead in its tracks. Consider this---with traditional hosted email (i.e. Non-FlexBox hosted email), in order to simply test a hosted email solution in a day-to-day production environment, every single user must be moved off of the mail server and onto the Managed Platform, all at once. Just to test it! There goes the weekend. After migration, the help desk phone begins to ring, and ring, and ring. "How do I use this new sytem?" "Why didn't all of my contacts move over?" The list goes on and on. Forget about having any fun for the next couple of weeks. Then, if the managed solution just doesn't deliver, every user has to be moved back to the old system (another weekend), data from each system has to be reconciled (good luck) and all those folks in the Executive Suite are going to be asking for answers. Not fun.

FlexBox completely changes the rules of email migration. Because FlexBox technology allows a single address to exist in two places, IT Managers (you), can now have a user's mailbox on your server and you can have that same user's mailbox on a FlexBox Managed Mail server. You can have one user, some of your users or all of your users on both systems.

This means you can try Managed Email without migrating every user. FlexBox Managed Mail is the only Managed Email service that let's administrators keep some users on their in-house server and put other users on a Managed Server. It is also the only Hosted Email solution with Self Paced Migration. No more 72 hour weekends. No more two week help desk flood. No more damaged reputation. Just the exact email system that you need.

The FlexBox Services

Junk Mail is a spam and virus filtering service for email servers. Junk Mail has inbound and outbound mail filtering with free spooling.

Emergency Mail is an always on, always up to date backup email box. The mailbox has a rolling 30-day email history and is always ready. There is zero switchover time, zero IT Intervention and zero switch back time. Emergency Mail is provisioned on a per user basis.

Managed Mail is a fully hosted email service with high-end security and enterprise grade redundancy. Managed Mail is provisioned on a per user basis.

Managed Mail Pro is a email and collaboration solution with shared synchronized contacts and calendars. Managed Mail Pro also offers shared wikis and many other web 2.0 productivity features. Managed Mail Pro is provisioned on a per user basis.

Mobile device Synchronization and Email Archiving are also available. All services are available immediately to organizations throughout North America. And, if you are an IT Consultant or Solutions Provider, we are happy to announce that we have a FlexBox Email Services Partner Program

Starloop Blacklist

Joel — Mon, 10 Sep 2007 13:59:00 GMT

We have disabled lookups to the STARLOOP Blacklist. Our lookup tool is not checking Starloop as of 9 AM CST 9/10/07.Starloop began listing all IP Addresses sometime late Sunday evening. These listings are false positives. The Starloop website is down and the blacklist is now timing out. If you experience bounce backs as a result of a recipient system using Starloop, your best course of action is to contact the recipient email team and inform them that Starloop is not a current, working RBL.

We will monitor the sitatution and post any updates here.

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

Malware Infected Pfizer Computers Sending Viagra Spam

Joel — Fri, 07 Sep 2007 18:45:00 GMT

One of the most ironic spam stories we have seen to date was reported yesterday at Wired. For at least six months, botnet infected computers at Pfizer have spewed out a steady stream of Viagra spam. The infection has taken it's toll on Pfizers internet reputation, as researchers are reporting that approximately 138 Pfizer IP Addresses have been blacklisted so far.

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums

Storm Worm Continues to Rage

Joel — Thu, 30 Aug 2007 14:46:00 GMT

The Storm Worm is proving to be among the most resilient, persistent pieces of malware ever. If you don't remember, the Storm Worm first burst onto the IT Security scene in January 2007. The worm got it's name because the first wave of propogtion spam that flooded inboxes had subject lines referencing a large storm that was pounding Europe at the time. Since then, the Storm Worm has morphed again and again, bringing an estimated 1.7 Million PCs into its Botnet in the process. Bot Herders have generally pushed the worm via a combination of emails containing links to worm infected websites. This of course means that IT must filter the worm at the email level and the browser level. Herders have also used infected zip file and excell file attachments to push the worm. Campaigns have varied: Virginia Tech Massacre, Greeting Card Spam, Password Protected Zip Files are just a few examples.

Currently, the Storm Worm herders are using emails with subject lines suggesting that the recipient is in a You Tube video. Anyone unsuspecting enough to click the link is taken to a malicious web page where they are attacked (and most likely infected) by the worm. Herders have also infected hundreds, possibly thousands, of Blogger Blogs with the malware.

This Storm just keeps on raging. An organization needs three elements to fight it: Robust email filtering. Robust web filtering. Security Conscious Employees that are trained to spot scams and not click on links or open attachments in suspect emails (the hardest part).

Update: As of Feb, 5th 2009 the MxToolBox Forums have moved to http://community.mxtoolbox.com/forums