Trouble with DMARC and Google Apps / GSuite - google-workspace

I've had the following DMARC policy set up for over a year, but in the last two weeks I'm suddenly unable to send emails to many people. Yet I haven't changed this record. I am experienced with DNS, server administration and programming, yet I cannot find any explanation for this issue.
What are the solutions to this problem?
Existing DMARC Record
v=DMARC1; p=reject; pct=100; rua=mailto:re+something#dmarc.postmarkapp.com; ruf=mailto:me#mydomain.com; sp=none; aspf=r; fo=1;
Error I get when emailing various emails (#gmail.com and custom domains).
https://gist.github.com/s3w47m88/115688a7ecd5a8c762bd3f98932756b2
Headers for Successful Email
MIME-Version: 1.0
Date: Wed, 10 Apr 2019 15:26:48 -0700
References: <BN7PR06MB4116507B5F036C4D175E082CC82E0#BN7PR06MB4116.namprd06.prod.outlook.com> <CAN9OK_OfgXw_mW2+M-=TkHLupnOdBo=VyE=wQOALykc8=EzjXA#mail.gmail.com> <BN7PR06MB411654D8A0AA5D44F92E1D1EC82E0#BN7PR06MB4116.namprd06.prod.outlook.com> <CAN9OK_PMipqHaLK9W-PAn0_dhsD876TpETq85CeVC5NBQpCPig#mail.gmail.com> <BN7PR06MB4116592A4D4E6B4EBE299EF5C82E0#BN7PR06MB4116.namprd06.prod.outlook.com>
In-Reply-To: <BN7PR06MB4116592A4D4E6B4EBE299EF5C82E0#BN7PR06MB4116.namprd06.prod.outlook.com>
Bcc: 5729491#bcc.hubspot.com
Message-ID: <CAN9OK_O-WEFqJysAr8S51LrBa1_fopy1UoFVSxq5JWNeeMuZCQ#mail.gmail.com>
Subject: Re: Your free trial
From: Me <me#mydomain.com>
To: John Doe <someone#asite.com>
Content-Type: multipart/alternative; boundary="000000000000d3115405863490ac"
--000000000000d3115405863490ac
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Related

Identify spam indicators based on emails headers

Using PHPMailer with SMTP, the following email was sent from my VPS (mydomain.com hosted by phpwebhosting) as if it came from my Comcast account (jane.doe#comcast.net) to my Gmail email (john.doe#gmail.com), and Gmail flagged it as spam.
Looking at the email headers, how can I determine what might make an email client flag an email as spam?
Delivered-To: jane.doe
Received: by 10.28.7.197 with SMTP id 188csp518471wmh;
Fri, 8 May 2015 06:51:39 -0700 (PDT)
X-Received: by 10.43.17.135 with SMTP id qc7mr4244827icb.14.1431093098853;
Fri, 08 May 2015 06:51:38 -0700 (PDT)
Return-Path: <john.doe#comcast.net>
Received: from smtp1.phpwebhosting.com (smtp1.phpwebhosting.com. [145.242.148.75])
by mx.google.com with SMTP id ag10si4096698icc.25.2015.05.08.06.51.38
for <jane.doe>;
Fri, 08 May 2015 06:51:38 -0700 (PDT)
Received-SPF: neutral (google.com: 145.242.148.75 is neither permitted nor denied by domain of john.doe#comcast.net) client-ip=145.242.148.75;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 145.242.148.75 is neither permitted nor denied by domain of john.doe#comcast.net) smtp.mail=john.doe#comcast.net;
dmarc=fail (p=NONE dis=NONE) header.from=comcast.net
Received: (qmail 29774 invoked from network); 8 May 2015 13:51:37 -0000
Received: from unknown (HELO test.sites.mydomain.com) (outgoing#mydomain.com#145.242.134.91)
by smtp1.phpwebhosting.com with (DHE-RSA-AES256-SHA encrypted) SMTP; Fri, 08 May 2015 09:51:37 -0400
Date: Fri, 8 May 2015 06:51:36 -0700
To: Jane Doe <jane.doe>
From: John Doe <john.doe#comcast.net>
Reply-To: john.doe#comcast.net
Subject: Mydomain Password for Test Site
Message-ID: <fa1b444df47091d2ca100f40d93b14cc#test.sites.mydomain.com>
X-Priority: 3
X-Mailer: PHPMailer 5.2.9 (https://github.com/PHPMailer/PHPMailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_fa1b444df47091d2ca100f40d93b14cc"
Content-Transfer-Encoding: 8bit
--b1_fa1b444df47091d2ca100f40d93b14cc
Content-Type: text/plain; charset=us-ascii
Hello Jane,
I have added you to our Mydomain sales tracking and bid solicitation tool.
Your username is: jane.doe.
Click the following link within 24 hours to set your password: https://test.sites.mydomain.com/index.php?cid=25&task=display_p&t=28dba87d5fb8062e40a69f0192660471
Thank you
--b1_fa1b444df47091d2ca100f40d93b14cc
Content-Type: text/html; charset=us-ascii
<p>Hello Alvin,</p>
<p>I have added you to our Mydomain sales tracking and bid solicitation tool.</p>
<p>Your username is: jane.doe.</p>
<p>Click the following link within 24 hours to set your password: https://test.sites.mydomain.com/index.php?cid=25&task=display_p&t=28dba87d5fb8062e40a69f0192660471</p>
<p>Thank you</p>
--b1_fa1b444df47091d2ca100f40d93b14cc--
There is no surefire way to tell why Gmail flags an email as spam. Spam filters in general are black boxes from the perspective of the sender, as only those who know the inner workings and have access to logs can tell for sure what happened to a certain email. The reason for flagging can be virtually anything, like violating the sender domain's policies, poor IP reputation, poor reputation of links used, similarity to spam emails, bad standards compliance and so on. Sometimes there is no singular reason either.
It's not that you can't make an educated guess. In this particular case, you are sending an email in the name of a comcast.net user, but you are bypassing Comcast servers entirely. Comcast has SPF and DMARC policies in place and although Comcast's SPF policy evaluation doesn't assert smtp1.phpwebhosting.com either permitted or not (SPF "neutral" result), the DMARC result that Gmail is getting is "fail". The DMARC policy for Comcast is not to flag emails failing email authentication (but report them only), but I'd still guess it's a bad omen. Try sending the email via your authorized Comcast server or use your own domain name for both From: and Return-Path to see if you can avoid getting flagged as spam.
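Added example (not part of the original answer): a Python sketch that reads an Authentication-Results value and shows why the message above ends up with dmarc=fail, namely that only an SPF or DKIM "pass" on a domain aligned with the From: domain counts. The function names, the two-label organizational-domain shortcut and the second sample header are assumptions made for illustration.

```python
import re

def org_domain(domain: str) -> str:
    # Assumption for this sketch: organizational domain = last two labels.
    # Real verifiers derive it from the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def parse_authres(value: str) -> dict:
    """Map each method in an Authentication-Results value to (result, props)."""
    value = re.sub(r"\([^)]*\)", " ", value)      # strip (comments)
    parsed = {}
    for clause in value.split(";")[1:]:           # element 0 is the authserv-id
        tokens = clause.split()
        if not tokens or "=" not in tokens[0]:
            continue
        method, result = tokens[0].split("=", 1)
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        parsed[method.lower()] = (result.lower(), props)
    return parsed

def aligned(auth_domain: str, from_domain: str, mode: str = "r") -> bool:
    if not auth_domain:
        return False
    if mode == "s":                               # strict: exact match
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

def dmarc_inputs(authres: str, from_domain: str, aspf="r", adkim="r") -> dict:
    res = parse_authres(authres)
    spf_result, spf_p = res.get("spf", ("none", {}))
    dkim_result, dkim_p = res.get("dkim", ("none", {}))
    envelope = spf_p.get("smtp.mail") or spf_p.get("smtp.mailfrom", "")
    spf_ok = spf_result == "pass" and aligned(envelope.rpartition("@")[2], from_domain, aspf)
    dkim_ok = dkim_result == "pass" and aligned(dkim_p.get("header.d", ""), from_domain, adkim)
    return {"spf": spf_result, "spf_counts": spf_ok, "dkim": dkim_result,
            "dkim_counts": dkim_ok, "dmarc": "pass" if spf_ok or dkim_ok else "fail"}

# Constructed from the Gmail header in the question ("@" restored in addresses).
GMAIL = ("mx.google.com; spf=neutral (google.com: 145.242.148.75 is neither permitted "
         "nor denied by domain of john.doe@comcast.net) smtp.mail=john.doe@comcast.net; "
         "dmarc=fail (p=NONE dis=NONE) header.from=comcast.net")
# Constructed contrast: SPF passes for a third-party bounce domain, DKIM is signed by the From domain.
RELAY = ("mx.example.net; spf=pass smtp.mailfrom=bounce@mail.esp.example; "
         "dkim=pass header.d=shop.example")

if __name__ == "__main__":
    print(dmarc_inputs(GMAIL, "comcast.net"))
    print(dmarc_inputs(RELAY, "shop.example"))
```

In the first sample the envelope domain matches the From: domain, yet nothing counts toward DMARC because the SPF result is "neutral" rather than "pass" and there is no DKIM signature.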

Reply-To Email header not working anymore

First of all: My reply-to header always worked for 2 years.. Thunderbird never had a problem with it and still doesn't have any problem on my Mac.
My shop contact form sends me the email from info#webshop.com and adds the reply-to header from the customer
The source of the email is:
Return-path: <sterntau#s207.rackspeed.de>
Envelope-to: info#sterntaufe-deutschland.de
Delivery-date: Mon, 04 Nov 2013 18:00:05 +0100
Received: from sterntau by s207.rackspeed.de with local (Exim 4.80.1)
(envelope-from <sterntau#s207.rackspeed.de>)
id 1VdNVV-001tmU-Gn
for info#sterntaufe-deutschland.de; Mon, 04 Nov 2013 18:00:05 +0100
To: =?utf-8?B?aW5mbw==?= <info#sterntaufe-deutschland.de>
Subject: =?utf-8?B?S29udGFrdGZvcm11bGFy?=
Reply-To: customer#gmail.com
From: Sterntaufe-Deutschland <info#sterntaufe-deutschland.de>
Date: Mon, 04 Nov 2013 17:00:05 +0000
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
MIME-Version: 1.0
Message-Id: <E1VdNVV-001tmU-Gn#s207.rackspeed.de>
=0A=0AName: Test=0AE-Mail: customer#gmail.com=0ATelefon: =0A=0AKommentar: Test
Normally it should reply to customer#gmail.com which always worked till yesterday.
From yesterday it's not working anymore. On all emails! Even on those where it worked before.
But it works fine if I send a normal E-mail from my Gmail account to my info#webshop.com account.
Reply-To works like it should then. Just not for the contact form.
Thunderbird recognizes the reply-to email as it shows "Reply to: customer#gmail.com" below the subject. But still uses my info#webshop.com when I click "reply"
I also tried to re-install Thunderbird, install Thunderbird on a clean VMware. Install Thunderbird on another laptop.. all the same.
But it still works with Microsoft Outlook
Please help me
It is a BUG of Thunderbird 24.1.0 https://bugzilla.mozilla.org/show_bug.cgi?id=933555

Amazon SES and Hotmail spam

I configured an email address with google apps for my company. When I send messages from Gmail to address#hotmail.com the message is received correctly in the inbox folder.
When I moved to Amazon SES, I configured SPF and DKIM correctly so that it would work fine. The big problem is that when I send from SES, emails always go into the spam folder!!!
This is the Hotmail header of a message that fell into the spam folder:
x-store-info:CnuewmGKkJzNjuOw4Ko28wB3rXpWYbsxTq8bIGVpexou/aH5YlneZSXtbrTNbKJ4GoT+OaKU2vnoHLIPY7tpJ7yfD4ei7NGnJPMqwC1IOiYDYaHi7z9UqM7HFUFg9PvdD/GTLm1Joes=
Authentication-Results: hotmail.com; spf=pass (sender IP is 54.240.8.95) smtp.mailfrom=0000014191bce21d-5857cbb3-7185-4a04-a62d-02029457d42b-000000#amazonses.com; dkim=pass header.d=beaudience.com; x-hmca=pass header.id=support#beaudience.com
X-SID-PRA: support#beaudience.com
X-AUTH-Result: PASS
X-SID-Result: PASS
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0xO0Q9MjtHRD0xO1NDTD00
X-Message-Info: 11chDOWqoTmYiARgB8x0CqssYC30R1hAxykCxY7lMqvPXk+fm44PmUeqp2eso9uKqBo8WFDhDk3rZsgJn8uSIHpUqpn7/N+/COouobxjVl2F7FiiDMh/AjlIDYLoKhZeWqATlTzu9cdwruznM5Eh3gOw+h4szTV5OcHunEoeFZeggqKm4r8Wd97fzBr3wpj6Xji14R+Xo8C7zTF5xkQAV15Ns/IGAE0R
Received: from a8-95.smtp-out.amazonses.com ([54.240.8.95]) by COL0-MC3-F51.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Mon, 7 Oct 2013 00:06:18 -0700
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
s=fzsj4xlkgrzw4njd7a4n5dv47w5dmrc5; d=beaudience.com; t=1381129577;
h=Date:To:From:Reply-To:Subject:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding;
bh=d9cLexwYe6DbP7/N2SXpl7aOUi58tQ37WMdTDDTQtvA=;
b=rR0at2KyIFuhpI6HFSd56LbiVPS2uPzECnYlscb7UliQraxznWxjRKrDCF3HVNJj
1/s3xjXaOLoCLk0H0B8xa76KzWgMwtxDulEFn39G06yRd9/r/17xTYzQ/MpMMn9lUlv
VT75xxTBO7iwm8hZ4ntQtBsMnnvybLC89tAoVXNE=
Date: Mon, 7 Oct 2013 07:06:17 +0000
Return-Path: 0000014191bce21d-5857cbb3-7185-4a04-a62d-02029457d42b-000000#amazonses.com
To: luca.pennisi#live.com
From: support BeAudience <support#beaudience.com>
Reply-To: support#beaudience.com
Subject: We remember you!
Message-ID: <0000014191bce21d-5857cbb3-7185-4a04-a62d-02029457d42b-000000#email.amazonses.com>
X-Priority: 3
X-Mailer: PHPMailer 5.2.6 (https://github.com/PHPMailer/PHPMailer/)
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-SES-Outgoing: 2013.10.07-54.240.8.95
X-OriginalArrivalTime: 07 Oct 2013 07:06:18.0240 (UTC) FILETIME=[B83DF000:01CEC32B]
<html><head></head><body><b>Account
details:</b><p>username: tryHard<br />password:
porcodio</p><hr /><a
href="http://www.beaudience.com/joinus.php">Click
here to log-in</a><br /><br /><p>BeAudience
staff.</p></body></html>
I'm desperate, don't know what to do! I have configured SPF and DKIM but it is useless! It does not depend on the email content, I tried with different contents, html/non html but nothing to do with SES!!
It's not a problem on Amazon SES side, Microsoft filters are flagging your message based on multiple variables, like headers, content, domain age, etc.
That seems to be a Welcome Message, so the best way to go about it is to instruct the user to check the spam folder and mark the message as "not junk". Eventually and hopefully, Microsoft will learn from multiple user decisions and will start delivering your messages to the inbox.
Another piece of advice: you are sending the message using PHPMailer. That header (X-Mailer: PHPMailer 5.2.6) may be triggering a flag on Microsoft's side before even getting to your content.
I had the same problem. But I've fixed it. My steps:
add text/html version for mail;
check your html in email, make sure that is correct;
verify your domain in SES dashboard;

Nonstandard DMARC report sent by Google

I'm working on a system which parses DMARC reports and I figured the following issue:
Sometimes, Google sends nonstandard e-mails, as can be seen below:
MIME-Version: 1.0
X-Received: by x.x.x.x with SMTP id xxxx.xx.xxxx;
Thu, 22 Aug 2013 02:13:03 -0700 (PDT)
Message-ID:
Date: Thu, 22 Aug 2013 09:13:03 +0000
Subject: Report domain: example.com Submitter: google.com Report-ID: xxxxx
From: noreply-dmarc-support#google.com
To: postmaster#example.com
Content-Type: application/zip;
name="google.com!example.com!1377043200!1377129599.zip"
Content-Disposition: attachment;
filename="google.com!example.com!1377043200!1377129599.zip"

Content-Transfer-Encoding: base64
UEsDBAoAAAAIAEJIFkMWecIj/AEAAKkEAAAvAAAAZ29vZ2xlLmNvbSFsYW50aWFuLmV1ITEzNzcw
...
AAABAAEAXQAAAEkCAAAAAA==
Please take a look at the unusual break line between Content-Disposition and Content-Transfer-Encoding headers.
According to the MIME standard, the content of the email should look like:
Content-Type: application/zip;
name="google.com!example.com!1377043200!1377129599.zip"
Content-Disposition: attachment;
filename="google.com!example.com!1377043200!1377129599.zip"
Content-Transfer-Encoding: base64
UEsDBAoAAAAIAEJIFkMWecIj/AEAAKkEAAAvAAAAZ29vZ2xlLmNvbSFsYW50aWFuLmV1ITEzNzcw
...
AAABAAEAXQAAAEkCAAAAAA==
This break line should not be there (you can see http://en.wikipedia.org/wiki/Multipurpose_Internet_Mail_Extensions ).
So, why does Google do this?
If you were to join dmarc-discuss#dmarc.org and post this question there, I can assure you it would be read by a Google engineer that works on DMARC. When I wrote my DMARC implementation, I too discovered a number of variances between the reports I received and the DMARC draft spec. Not too long after reporting the variances on that list, they were all corrected.
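Added example (not part of the original posts, and not Google's or any DMARC project's code): a Python sketch of a report extractor that tolerates the stray blank line described in the question by re-attaching Content-* headers that ended up at the top of the body. It assumes a single-part message with a base64 zip body; the size cap, the helper names and the sample message are constructed for illustration.

```python
import base64, io, re, zipfile
from email import message_from_bytes

MAX_XML_BYTES = 10 * 1024 * 1024   # assumed cap; reports are untrusted input
STRAY_HEADER = re.compile(r"^(Content-[A-Za-z-]+):[ \t]*(.+)$")

def extract_report_xml(raw: bytes) -> bytes:
    """Return the XML from a single-part zipped DMARC report email, even if a
    stray blank line pushed trailing Content-* headers into the body."""
    msg = message_from_bytes(raw)
    lines = msg.get_payload().replace("\r\n", "\n").split("\n")
    stray = {}
    # Base64 text never contains ':', so header-looking lines at the top of
    # the body can only be headers that were cut off from the header block.
    while lines and (m := STRAY_HEADER.match(lines[0])):
        stray[m.group(1).lower()] = m.group(2).strip()
        lines.pop(0)
    cte = msg.get("Content-Transfer-Encoding") or stray.get("content-transfer-encoding", "")
    if cte.strip().lower() != "base64":
        raise ValueError(f"unexpected transfer encoding: {cte!r}")
    archive = zipfile.ZipFile(io.BytesIO(base64.b64decode("".join(lines))))
    members = archive.infolist()
    if len(members) != 1 or members[0].file_size > MAX_XML_BYTES:
        raise ValueError("expected exactly one reasonably sized report file")
    return archive.read(members[0])

def build_sample(stray_blank_line: bool) -> bytes:
    """Constructed report email (not a real Google report)."""
    xml = b"<feedback><report_metadata><org_name>google.com</org_name></report_metadata></feedback>"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("google.com!example.com!1377043200!1377129599.xml", xml)
    gap = "\n" if stray_blank_line else ""
    return (
        "MIME-Version: 1.0\n"
        "Subject: Report domain: example.com Submitter: google.com\n"
        'Content-Type: application/zip;\n name="report.zip"\n'
        'Content-Disposition: attachment;\n filename="report.zip"\n'
        f"{gap}Content-Transfer-Encoding: base64\n\n"
    ).encode() + base64.encodebytes(buf.getvalue())

if __name__ == "__main__":
    for broken in (False, True):
        print(broken, extract_report_xml(build_sample(broken)))
```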

Solution No Such User Here error

I am battling to find a definitive answer and solution to this problem, pulling my hair out stage.
I have several WordPress sites that have forms within these. Essentially, the form is completed and an employee receives a notification with the details, pretty simple. The employees do not receive the notification emails at all, but when I use my personal email or Gmail it works perfectly!
I am seeing the No Such User Here error via my host's webmail as per the below. I'm told that all emails are whitelisted and shouldn't be blocked, but they say they don't see the emails hitting their gateway.
I'd really appreciate some help here to move on with this thing, thanks in advance.
Error message:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
rcook#csgroup.org.au
No Such User Here
------ This is a copy of the message, including all the headers. ------
Return-path: <gravityforms#ampedmediaworks.com>
Received: from amwrrc by gator41.hostgator.com with local (Exim 4.80)
(envelope-from <gravityforms#ampedmediaworks.com>)
id 1ThUzf-0007gH-00
for rcook#csgroup.org.au; Sat, 08 Dec 2012 18:43:42 -0600
Received: from 60.228.85.149 ([60.228.85.149])
(SquirrelMail authenticated user gravityforms#ampedmediaworks.com)
by gator41.hostgator.com with HTTP;
Sat, 8 Dec 2012 18:43:42 -0600
Message-ID: <ec0f41d26aad8a08452d013018cd32db.squirrel#gator41.hostgator.com>
Date: Sat, 8 Dec 2012 18:43:42 -0600
Subject: test
From: gravityforms#ampedmediaworks.com
To: rcook#csgroup.org.au
User-Agent: SquirrelMail/1.4.22
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
test
It may have something to do with your IP being on a blacklist
http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a60.228.85.149