Abuse contact

scan.mx reads public DNS records and, when requested, makes a brief SMTP connection to a domain published mail servers to confirm they answer. This traffic is diagnostic and low volume. If you are seeing it in your logs, this page explains what it is and how to stop it.

What the traffic is

Two kinds of requests originate from scan.mx checks: DNS-over-HTTPS lookups (through public resolvers, so they do not reach your servers directly) and, only when a live SMTP probe is requested, a single short SMTP connection to each MX host to check that it accepts connections and offers STARTTLS. No mail is sent and no content is delivered.

Report abuse

To report misuse of the service, or traffic you believe is abusive, email abuse@scan.mx with the relevant timestamps and log excerpts.

Stop scanning a domain

Domain owners can block scanning of a domain entirely, or keep reports out of search results, on the opt-out page. A block takes effect immediately.

Frequently asked questions

Does scan.mx send email to my server?
No. The optional SMTP probe opens a connection and reads the server greeting and STARTTLS capability, then disconnects. It never issues MAIL FROM or RCPT TO and never delivers a message.
How do I stop the checks?
Use the opt-out page to block a domain. For questions about a specific case, email abuse@scan.mx.