I am using Plesk (Onyx) in combination with external DNS.
I configured mail and everything seems to be ok, but I am not sure if my mail configuration is correct, because sometimes a DMARC-report states, that a SPF / DKIM verification did not pass.
My configs:
DNS-Records for domain - mydomain.com AND mail.mydomain.com (created the same dns entries twice, for mydomain.com and subdomain mail.mydomain.com, except MX-entry, which is only configured for mydomain.com):
Reverse DNS: 123.456.1.1 -> mail.mydomain.com
MX: mail.mydomain.com
SPF: v=spf1 +a +mx -all
_dmarc: v=DMARC1; p=none; pct=100; rua=mailto:mailerror#mydomain.com; ruf=mailto:mailerror#mydomain.com; fo=1; adkim=s; aspf=r
domainkey: o=-
default._domainkey: v=DKIM1; p=SIGNATUREHERE;
PLESK/Server related:
Hostname: zeus.mydomain.com
Mailname: mail.mydomain.com
Mail-headers of test mail:
Delivered-To: test-email#gmail.com
Received: by 10.31.48.86 with SMTP id w83csp1454833vkw;
Fri, 6 Oct 2017 01:39:44 -0700 (PDT)
X-Google-Smtp-Source: AOwi7QAKFeawe3fGhxawUkAdVvaqjrBGMTZvJ466CoQNxwFGRk6xInOapHBRt14rI+zpCQmcl4z4
X-Received: by 10.223.184.246 with SMTP id c51mr1352887wrg.250.1507279184077;
Fri, 06 Oct 2017 01:39:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1507279184; cv=none;
d=google.com; s=arc-20160816;
b=SignatureHERE
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=content-transfer-encoding:mime-version:subject:to:from:date
:dkim-signature:message-id:arc-authentication-results;
bh=4lLj3bndoJBX1fsz99dGcUZLZyWwVlQLXwB3uGl3sKs=;
b=SignatureHERE
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=#mydomain.com header.s=default header.b=RUVEDlBN;
spf=pass (google.com: domain of info#mydomain.com designates 123.456.1.1 as permitted sender) smtp.mailfrom=info#mydomain.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mydomain.com
Return-Path: <info#mydomain.com>
Received: from mail.mydomain.com (mail.mydomain.com. [123.456.1.1])
by mx.google.com with ESMTPS id k10si874730wrg.550.2017.10.06.01.39.43
for <test-email#gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 06 Oct 2017 01:39:44 -0700 (PDT)
Received-SPF: pass (google.com: domain of info#mydomain.com designates 123.456.1.1 as permitted sender) client-ip=123.456.1.1;
Authentication-Results: mx.google.com;
dkim=pass header.i=#mydomain.com header.s=default header.b=RUVEDlBN;
spf=pass (google.com: domain of info#mydomain.com designates 123.456.1.1 as permitted sender) smtp.mailfrom=info#mydomain.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mydomain.com
Message-Id: <59d74150.0ac7df0a.a9cd2.2856SMTPIN_ADDED_MISSING#mx.google.com>
Received: from mydomain.com (unknown [188.93.221.133]) by mail.mydomain.com (Postfix) with ESMTPSA id 6821B3C00CF for <test-email#gmail.com>; Fri,
6 Oct 2017 10:39:43 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=default; t=1507279183; bh=4lLj3bndoJBX1fsz99dGcUZLZyWwVlQLXwB3uGl3sKs=; l=26539; h=From:To:Subject; b=RUVEDlBNkO7PgHEEmuAlCSgG+batl5Ple/8O94GKLu7StZJLLa01k4rbjlnKX+3R9
mWt8+kOAPthM6lro4Z23B7LMk2ueWDpkFJZX3zRnOUC9E7LiIIQXNz83s8N640T6e7
7a4nFVAWgS9bIu/+TyyInPHOsnbe0/IKZKAyJw9k=
Authentication-Results: zeus.mydomain.com;
spf=pass (sender IP is 188.93.221.133) smtp.mailfrom=info#mydomain.com smtp.helo=mydomain.com
Received-SPF: pass (zeus.mydomain.com: connection is authenticated)
Date: Fri, 06 Oct 2017 10:39:43 +0200
From: MyDomain <info#mydomain.com>
To: test-email#gmail.com
Subject: mydomain.com: Test Subject
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
What do I have to change, if I want to use f. e. "info#mydomain.com" as from-address/sender address? Do I need to change the mailname to"mydomain.com"? Can I safely delete DNS entries for mail.mydomain.com, if I change mailname to "mydomain.com"? Is there a way to configure the mailname in PLESK/make sure PLESK does not overwrite it, if a new update/upgrade is made?
EDIT: Test of unlocktheinbox: https://www.unlocktheinbox.com/mail-tester/9YBYhi8wpqo=/
#mfuesslin,
You should run your email through this email tester, it's recognized as the #1 email authentication and configuration testing platform. All you have to do is send an email to mailtest#unlocktheinbox.com and it will auto-respond in minutes.
Once you get the results and if you need help fixing any of the items it points you, everyone will be able to help you more because it's more specific.
mydomain.com is the from domain you're using, right? You should make sure to have SPF, DKIM, and perhaps DMARC with domain alignment with the envelope from.
As a side note, is this all that's in your SPF record? What services do you want to be able to send email out on your behalf? Why not get more specific?
v=spf1 +a +mx -all
Related
Gmail moves messages to spam folder. PTR records for ipv4 and ipv6 are available. I have the headers:
SPF: PASS с IP-адресом 2a05:480:0:992f:0:0:0:2.
DKIM: 'PASS', domain drom.com.ua
DMARC: 'PASS'
Delivered-To: vostoknefteproduct#gmail.com
Received: by 2002:a9d:522:0:0:0:0:0 with SMTP id 31csp351612otw;
Fri, 5 Apr 2019 05:26:18 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzWa1UxYEepV1tor3akYHi1DLXojOZnr61fkANdKlbOkDM880aGrAB9RzQdjipusdfEcAVt
X-Received: by 2002:a2e:87d2:: with SMTP id v18mr7262855ljj.4.1554467178382;
Fri, 05 Apr 2019 05:26:18 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554467178; cv=none;
d=google.com; s=arc-20160816;
b=TTDI9m3Rt73dRkcImzRRAM5n98TJgwNxCnrbvKNVMAIOdrWk/iG+NU2OrR3/vDr7Gp
fQmPmqt5QyEdZpO1G+He8uYckwETdCQFhVACDVcC5FJ8GWnWsys5p9vbFYzlYh89OZR+
gFfJkt+lb5z607n03Sr9zMW9HiJVBGKLr+SFCsG8u/AOmZCF9wZtGwaP69E+7b916njn
WZ+Pz9Q/+DyDKaCOQWrdUlTS5GvrfK/c86/5lA0AjoZN90/Rj+uGlbIROqKUXoLbA/z3
G9LM9df3a6/kfAZBkzHB3PqCaiUhEKbSrcpLj1gT1fKHZKWOnkqb9hlcYwMX2OcHbpA8
zTtg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=content-language:thread-index:mime-version:message-id:date:subject
:to:from:dkim-signature;
bh=qI0pd1OCLQLqqFvztD8zxwZ0XJBtraToDzc2t4i88s0=;
b=uLJIPEtdroC8P6tqoyfOikNhNzEmtmNRGpgoOefyyN/0wdAqExsSoUxZ9UKLL31lST
AT7J8/ZOEMuGa/wn1dSUHfwRqiZl7d/rxM+AtT2a1PaSSLulOgz9HQDGw1r81QXKnZMI
XzsGpuPmz9e3apEtczYBM0E3zYjm5Z2ITmpnrk9MluAnEuqE370R/24ixS1W2+EEG4mY
FXZ6AsImGfZGFr75zc9kLTPgBxa1hxghD0mu6RIACf45b5ljQZQuspj8kRyhw5NX30SA
FRwg1TwRjm3N+kmaUiDv4M64Y7s1d/PU7Gr4rb33v8Ia/aEOpeFfKLs2NfKmiiuvqBh7
94vg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=#drom.com.ua header.s=dkim header.b=G8nYIwzB;
spf=pass (google.com: domain of shop#drom.com.ua designates 2a05:480:0:992f::2 as permitted sender) smtp.mailfrom=shop#drom.com.ua;
dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=drom.com.ua
Return-Path: <shop#drom.com.ua>
Received: from drom.com.ua (drom.com.ua. [2a05:480:0:992f::2])
by mx.google.com with ESMTPS id z24si17168655ljj.124.2019.04.05.05.26.18
for <vostoknefteproduct#gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 05 Apr 2019 05:26:18 -0700 (PDT)
Received-SPF: pass (google.com: domain of shop#drom.com.ua designates 2a05:480:0:992f::2 as permitted sender) client-ip=2a05:480:0:992f::2;
Authentication-Results: mx.google.com;
dkim=pass header.i=#drom.com.ua header.s=dkim header.b=G8nYIwzB;
spf=pass (google.com: domain of shop#drom.com.ua designates 2a05:480:0:992f::2 as permitted sender) smtp.mailfrom=shop#drom.com.ua;
dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=drom.com.ua
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=drom.com.ua ; s=dkim; h=Content-Type:MIME-Version:Message-ID:Date:Subject:To:From:Sender: Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=qI0pd1OCLQLqqFvztD8zxwZ0XJBtraToDzc2t4i88s0=; b=G8nYIwzBB+jpn8qK83ZCo7vu+m AM/RFrxq/PP8dITX1PNXqINAjHPSu2rBVsdE5QTMPDoaHYPbOeC9wFHFMfYspdy/JyQAh4A8hmSNz HgtnwRBVR14Nht8DAqeql7CCrOom0KNS0SQ95dTnOy42/5bFommziwUghHGgzyzjUav4=;
Received: from [176.98.31.190] (helo=DESKTOPV2831BB) by drom.com.ua with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from <shop#drom.com.ua>) id 1hCNvF-0000Rn-J9 for vostoknefteproduct#gmail.com; Fri, 05 Apr 2019 15:26:17 +0300
From: "DROM - служба обработки заказов" <shop#drom.com.ua>
To: <vostoknefteproduct#gmail.com>
Subject: Test title
Date: Fri, 5 Apr 2019 15:26:17 +0300
Message-ID: <005901d4ebaa$c4b3ea80$4e1bbf80$#drom.com.ua>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_005A_01D4EBC3.EA0197B0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdTrqr/vXGG/i/4HRdu0LENUGEwBuw==
Content-Language: ru
X-Scanned-By: ClamAV 0.101.1; Fri, 05 Apr 2019 15:26:17 +0300
Where can be the problem? Thanks
Unfortunately this seems to be business as usual with gmail. Their spam filter seems entirely arbitrary and uncontrollable by recipients - for example adding addresses to your address book, marking messages as "not spam", or repeatedly moving messages from spam to your inbox does not help, and nor does following their guidelines, which include implementing measures such as SPF, DKIM and DMARC, just as you've done. On my own gmail account, I often find messages sent to myself end up in spam!
Their postmaster tools are also broken - this is supposed to provide a feedback mechanism that allows server admins to see why IPs or domains are being blocked or spam filtered, however, it doesn't work properly, and it's very common to see domains & IPs marked as "bad" despite having zero spam reports. There is also no support available for postmaster tools, so you can't even report such problems. It might be worth trying anyway just see what they think of you.
In short, you are entirely at google's mercy - even if you're doing everything that they ask, your messages may still get spam filtered, and you have no recourse.
I created an instance on AWS Amazon an installed Plesk trial for a month
First problem that I discovered is that I coulnd't register my DNS on the plesk panel, cause I had just one IP and my domain provider (registro.br) requires 2 ips for dns (I know that Route53 is an option, but I have so many domains, it'd be expensive), so I had to duplicate all dns records generated by plesk to my registro.br dns manager
Second problem is that all my e-mails is going to spam on gmail and been rejected by outlook, I searched on the gmail headers message to find out why, first I solved an DKIM that wasn't passing, but now, SPF, DKIM and DMARC pass but it still with the same problem
Here is my gmail message header
Delivered-To: andreluismonteiro33#gmail.com
Received: by 2002:a5d:43cb:0:0:0:0:0 with SMTP id v11csp5983036wrr;
Wed, 27 Mar 2019 04:35:17 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzW3R3CzTzXlriAjBGdijdyPfwAG3wrCpYA0ZCMDWW/unHc0BcyC6cgpv207SK3aOu5rLYz
X-Received: by 2002:a37:7b02:: with SMTP id w2mr254415qkc.225.1553686516947;
Wed, 27 Mar 2019 04:35:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1553686516; cv=none;
d=google.com; s=arc-20160816;
b=ewYQPERXxFgaiVzPRplhOFb8IOtrKS/E+YiLV4q07h/wNKMVZ2RTowMacTmSs9hxS2
7K0tIavCxfCHJpGXbVKe7d20DHQPeO2X2RV763F3zoLdfmunK4xiEL2itH6n60VJBi10
OPrM7g7v2p/boWL2gr29m20hxkOv2TYvYNLS27N4Bx3u0pmha4LwpmeLupOlVshQPlL1
OrEFCYqa92s4goJSun31OuzKK18r4qivvHpk/9Ntln76mE9oAj/66Zti/9DULljXm9tQ
bRs+QTgu7SqFc8qAQ/rZ80otgaIOmihI6K3Eh+UeeeRl//T33Y1udZXCtz3tc1b9RoeS
mjTw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=user-agent:message-id:subject:to:from:date
:content-transfer-encoding:mime-version:dkim-signature;
bh=IZzGk5hdbwv1XsfTE2Dngp1hMDfBwbnO3RaSFfeDt+k=;
b=VM37h+XoHJK20uNPocaVd4DkXTBDvFA2kSPWQbw0E9YVjKS12PcHLq4cbXaxj4zMsr
ZHW5jlLFkdfAl/x66rY7u8NozQy3jNMXWxgL5fEs7i5PP4G20icV4r4Wy0Vkf4IFKINp
0xN7ytoI2XnIyC6gKO1UAnqoAGjc/KYPfgdEmfYr8UBAHTwNXI4WmR4CJAkr8K1Q+i8Z
dCq9ZcpqBND40dPavJ6+cw5+RuD04pTN/Py4OY1pUbTdNPQ4aSsBMrgijvjtgwc5p2Mj
N9KYHo8a3bxruORfAhGXWuJa/uMRuJc8Drqd34i58YdXe0ws3551ZhXFAdIxB4K6gsAb
2GAg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=#naifersistemas.com.br header.s=default header.b=jZvGchWi;
spf=pass (google.com: domain of contato#naifersistemas.com.br designates 3.209.102.205 as permitted sender) smtp.mailfrom=contato#naifersistemas.com.br;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=naifersistemas.com.br
Return-Path: <contato#naifersistemas.com.br>
Received: from naifersistemas.com.br (ec2-3-209-102-205.compute-1.amazonaws.com. [3.209.102.205])
by mx.google.com with ESMTPS id y27si3573136qth.174.2019.03.27.04.35.16
for <andreluismonteiro33#gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 27 Mar 2019 04:35:16 -0700 (PDT)
Received-SPF: pass (google.com: domain of contato#naifersistemas.com.br designates 3.209.102.205 as permitted sender) client-ip=3.209.102.205;
Authentication-Results: mx.google.com;
dkim=pass header.i=#naifersistemas.com.br header.s=default header.b=jZvGchWi;
spf=pass (google.com: domain of contato#naifersistemas.com.br designates 3.209.102.205 as permitted sender) smtp.mailfrom=contato#naifersistemas.com.br;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=naifersistemas.com.br
Received: from webmail.naifersistemas.com.br (localhost.localdomain [IPv6:::1]) by naifersistemas.com.br (Postfix) with ESMTPSA id 8FECF8BFD0 for <andreluismonteiro33#gmail.com>; Wed, 27 Mar 2019 11:35:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=naifersistemas.com.br; s=default; t=1553686516; bh=IZzGk5hdbwv1XsfTE2Dngp1hMDfBwbnO3RaSFfeDt+k=; l=7; h=From:To:Subject; b=jZvGchWishigWIDTPn07tRDJTCnWVyMo45TbK1VACsi2uqHNBhA38iJqKtQuxRKfG
QFAdtdy25lJONMIMkmMjL8A29wjkUN2Cg7kjgpbm6UP5QNqVKGIJYwoxRNtb5vd3da
Wi4M/PHk3P4vcjKKGfg4Cq1JPC/e4+6dLr0TqkZU=
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Content-Transfer-Encoding: 7bit
Date: Wed, 27 Mar 2019 08:35:16 -0300
From: "André Luis Monteiro" <contato#naifersistemas.com.br>
To: andreluismonteiro33#gmail.com
Subject: teste
Message-ID: <5b66270df1b5aebef561a898e2c8c4d3#naifersistemas.com.br>
X-Sender: contato#naifersistemas.com.br
User-Agent: Roundcube Webmail/1.3.6
teste
Here is my outlook reject message
This is the mail system at host naifersistemas.com.br.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<andre_luis_monteiro1998#hotmail.com>: host
hotmail-com.olc.protection.outlook.com[104.47.46.33] said: 550 5.7.1
Unfortunately, messages from [3.209.102.205] weren't sent. Please contact
your Internet service provider since part of their network is on our block
list (S3140). You can also refer your provider to
http://mail.live.com/mail/troubleshooting.aspx#errors.
[BN3NAM04FT044.eop-NAM04.prod.protection.outlook.com] (in reply to MAIL
FROM command)
Reporting-MTA: dns; naifersistemas.com.br
X-Postfix-Queue-ID: 8FC9A8BFD1
X-Postfix-Sender: rfc822; contato#naifersistemas.com.br
Arrival-Date: Wed, 27 Mar 2019 11:33:09 +0000 (UTC)
Final-Recipient: rfc822; andre_luis_monteiro1998#hotmail.com
Original-Recipient: rfc822;andre_luis_monteiro1998#hotmail.com
Action: failed
Status: 5.7.1
Remote-MTA: dns; hotmail-com.olc.protection.outlook.com
Diagnostic-Code: smtp; 550 5.7.1 Unfortunately, messages from [3.209.102.205]
weren't sent. Please contact your Internet service provider since part of
their network is on our block list (S3140). You can also refer your
provider to http://mail.live.com/mail/troubleshooting.aspx#errors.
[BN3NAM04FT044.eop-NAM04.prod.protection.outlook.com]
Assunto teste
De André Luis Monteiro
Para andre_luis_monteiro1998#hotmail.com
Data Hoje 08:33
teste
You can try couple of more thing:
1.Publish PTR for 3.209.102.205 to naifersistemas.com.br (or the value you're sending in EHLO) instead of ec2-3-209-102-205.compute-1.amazonaws.com.
Since this IP belongs to an Ec2 instance, Outlook may have blacklisted this (It does stupid things until you build the reputation).
https://support.microsoft.com/en-us/supportrequestform/8ad563e3-288e-2a61-8122-3ba03d6b8d75
You can see if you can whitelist the IP using above link.
With Gmail, try to add some good message body and test it again , you can use this to check the score:
https://www.mail-tester.com/
Recently decided to move away from google mail services and to establish private mail server. What I came up to was that email sent from one me#example.com to inbox#gmail.com and spam#gmail.com was put in Inbox and Spam folders accordingly.
Problem
Why is the mail distributed to different folders? Does the mail destination folder (*#gmail.com) depends on
account settings - I was able to receive mail to Inbox from me#example.com when marked as non-spam in my gmail account ?
service settings - some specific requisites for gmail, for example, headers like Received-SPF, DKIM-Signature ?
global settings - superclass, other services (yahoo, hotmail, outlook), more/less headers ?
Message
Checked the pass'es in some header fields. That IMHO seems to be fine as well. The respective IP's are hidden.
Delivered-To: spam#gmail.com
Received: by [example.com] with SMTP id s194csp2015594wmd;
Tue, 16 Jun 2015 03:43:40 -0700 (PDT)
X-Received: by 10.66.154.233 with SMTP id vr9mr57332135pab.124.1434451419946;
Tue, 16 Jun 2015 03:43:39 -0700 (PDT)
Return-Path: <me#example.com>
Received: from mail.example.com (example.com. [[example.com]])
by mx.google.com with ESMTP id hf2si854902pbb.140.2015.06.16.03.43.38
for <spam#gmail.com>;
Tue, 16 Jun 2015 03:43:39 -0700 (PDT)
Received-SPF: pass (google.com: domain of me#example.com designates [example.com] as permitted sender) client-ip=[example.com];
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of me#example.com designates [example.com] as permitted sender) smtp.mail=me#example.com;
dkim=pass header.i=#mail.example.com;
dmarc=pass (p=QUARANTINE dis=NONE) header.from=example.com
Received: from [spam#gmail.com] (unknown [[gmail.com]])
by mail.example.com (Postfix) with ESMTPSA id 7D2CB12164B
for <spam#gmail.com>; Tue, 16 Jun 2015 06:43:36 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.example.com;
s=default; t=1434451416;
bh=EmposAsl9Yoxe9cb6dijtNnJsjZ0DuYCuwTZhRF2GXU=;
h=Date:From:To:Subject:From;
b=cjR7tpLvJ1JFVPf/ddLM4rpooeo95kFlu3ybHSHW8IK6oOTA1QfKy/Q14U9CojrDL
IDf9s2fqNIBBAhH81ivwdNQQFo64hw4/rstljealG1lNQRiIl0zUvD3bm8WbC1CfWb
i3/d8CgiAYkixStNSYEYQhNaUEixWMmznk/bUJJg=
Message-ID: <557FFDD8.2070201#example.com>
Date: Tue, 16 Jun 2015 13:43:36 +0300
From: =?UTF-8?B?TcSBcnRpxYbFoSBFZ2zEq3Rpcw==?= <me#example.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: spam#gmail.com
Subject: Some test subject
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
This is some message, however the mail is put to Spam folder...
DNS
MX 50 mail.example.com.
TXT # "v=spf1 a mx ip4:[example.com] -all"
TXT _dmarc "v=DMARC1; p=quarantine; rua=mailto:postmaster#example.com"
TXT default._domainkey.mail "v=DKIM1; k=rsa; p=[some_long_string]"
Outro
Was following an quite nice tutorial and related posts here and here. Also checked DNS setup with public tools - everything was fine.
Update
The same email sent to yahoo was put into Inbox folder...
The answer to the problem is this line:
TXT _dmarc "v=DMARC1; p=quarantine; rua=mailto:postmaster#example.com"
As stated here the policy can be one of
none - the so-called monitor mode
quarantine - to treat the message with suspicion according to the receiver capabilities
reject - to reject the message outright
I am using HelpScout and sending through SendGrid (in order to track opens, bounces etc). I am having issue because eBay, which sends member messages to our customer support HelpScout app, rejects our replies with messages such as:
bounces+544081-5160-me=example.org#sendgrid.info
is not a registered email address...
add to whitelist etc..
Here are some of the headers from a HelpScout reply sent through SendGrid. As you can see it has this bounces... email address everywhere.
Delivered-To: me#example.org
Return-Path: <bounces+544081-5160-me=example.org#sendgrid.info>
Received: from o1638913x156.outbound-mail.sendgrid.net (o1638913x156.outbound-mail.sendgrid.net. [163.89.13.156])
by mx.google.com with ESMTPS id ly8si1461978wjb.40.2015.05.19.16.22.21
for <me#example.org>
(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Tue, 19 May 2015 16:22:22 -0700 (PDT)
Received-SPF: pass (google.com: domain of bounces+544081-5160-me=example.org#sendgrid.info designates 163.89.13.156 as permitted sender) client-ip=163.89.13.156;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of bounces+544081-5160-me=example.org#sendgrid.info designates 163.89.13.156 as permitted sender) smtp.mail=bounces+544081-5160-me=example.org#sendgrid.info;
dkim=pass header.i=#sendgrid.me
Received: by filter0448p1mdw1.sendgrid.net with SMTP id filter0448p1mdw1.14711.555BC5AB1
2015-05-19 23:22:20.183545946 +0000 UTC
Received: from secure.helpscout.net (unknown [10.100.60.108])
by ismtpd-019 (SG) with ESMTP id 14d6e7c27b3.1336.1b3f18
for <me#example.org>; Tue, 19 May 2015 23:22:19 +0000 (UTC)
From: Customer Support <help#oursite.com>
To: me#example.org
Subject: Fwd: Your message to ebayuser123 was blocked, because it wasn't sent from your registered email address.
Message-Id: <reply-8673-92216597-234152896-1432077739-1043083945#helpscout.net>
Why is SendGrid creating this address and is there a way to prevent it - I need an address that doesn't change so that I can whitelist.
I've been struggling to figure out why this is happening, but my emails are being marked as spam by Gmail and Hotmail (they work in Yahoo.)
SPF, DKIM, rDNS, and sender-id all pass. What's weirder is I've send the EXACT same email with its exact contents from my dev server and Gmail accepts it as not spam even though every one of those checks which passes in production fails in dev. Hotmail still marks it as spam though.
Any idea what could be going on? Here is an example header from Gmail (with IPs and domains changed for privacy):
Delivered-To: REMOVED#gmail.com
Received: by 10.194.16.130 with SMTP id g2csp192349wjd;
Mon, 13 Aug 2012 14:04:10 -0700 (PDT)
Received: by 10.236.193.105 with SMTP id j69mr12819871yhn.21.1344891849751;
Mon, 13 Aug 2012 14:04:09 -0700 (PDT)
Return-Path: <mailer#mydomain.com>
Received: from mail.mydomain.com (mydomain.com. [xxx.xxx.xxx.xxx])
by mx.google.com with ESMTPS id e22si563514yhh.132.2012.08.13.14.04.08
(version=TLSv1/SSLv3 cipher=OTHER);
Mon, 13 Aug 2012 14:04:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of mailer#mydomain.com designates xxx.xxx.xxx.xxx as permitted sender) client-ip=xxx.xxx.xxx.xxx;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of mailer#mydomain.com designates xxx.xxx.xxx.xxx as permitted sender) smtp.mail=mailer#mydomain.com; dkim=pass header.i=#mydomain.com
Received: from mydomain.com (localhost [127.0.0.1])
by mail.mydomain.com (8.14.4/8.14.4/Debian-2ubuntu1) with ESMTP id q7DL48tq019625
for <REMOVED#gmail.com>; Mon, 13 Aug 2012 17:04:08 -0400
X-DKIM: OpenDKIM Filter v2.3.2 mail.mydomain.com q7DL48tq019625
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mydomain.com;
s=server; t=1344891848;
bh=lpw+5POmINBjQYgQBdJvY2d+m84MY8hwTqZ6riNfH8I=;
h=Date:From:To:Message-ID:Subject:Mime-Version:Content-Type:
Content-Transfer-Encoding;
b=KnYSvSzFewOGFyYWvP1DfCvyRfp6y31BfOPTOgRsZ7nGB4PXuau84euzuhs82V4lx
++DjN3iPxSj07euW+y7aRe9R2YiXKJFVNh7cbcJX8+tc3LMmnR7Cv27iP3Yvv6mQMd
uz4Engql3bXLVVDKcLLj/Fj2eiwtWzW4chA2GNTQ=
Received: (from root#localhost)
by mydomain.com (8.14.4/8.14.4/Submit) id q7DL48Dm019624
for REMOVED#gmail.com; Mon, 13 Aug 2012 17:04:08 -0400
Date: Mon, 13 Aug 2012 17:04:08 -0400
From: "Website" <mailer#mydomain.com>
To: REMOVED#gmail.com
Message-ID: <50296bc866dfc_4b8593bd18556b8#mydomain.com.mail>
Subject: You've received a message from Bob.
Mime-Version: 1.0
Content-Type: text/html;
charset=UTF-8
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; q=dns/txt; s=server; t=1344891848; bh=LfadLl6eJEB+NgiTbBlcBhOt/9NKcG0wapkrAjlGqfg=; h=content-transfer-encoding:content-type:date:from:message-id:mime-version:subject:to; b=mTB8TBb+gG7ESxeVbfqHANKUMeNbdwK/hSIq58oin5ERNSMKOIvZKY9cQJRoY/Q96PQ7J+7b3ZkZuwcg+zMkQyhK7YACvFAz4SUWqpdqiZrBDw8Vqy3PjkGFcz2V5vyUOjI6vN/Y6iOj1zlocC+/p8lkpw3upwxr7cNoe5/Kwu8=
The other guy doesn't know what he's talking about and just guessing.
'Received: (from root#localhost)' is your problem. That needs to reflect the from email...
You problem is:
domain: mydomain.com
ip: xxx.xxx.xxx.xxx
and root#localhost too
You need change informations in your mail client!
I have the exact same problem. In my case, I have configured my mail client correctly. I have one main domain (mydomain.com), my mail server also supports another domain (mydomain2.com) using virtual_domains. However, the emails for (mydomain2.com) always end up in Spam in Gmail. The mail-tester score for mydomain2.com is 9.7/10. Here is the original header from Gmail (i have replaced IP and email address with example ips)
Delivered-To: myemail#gmail.com
Received: by 10.80.177.154 with SMTP id m26csp9759783edd;
Sat, 7 Jan 2017 16:28:58 -0800 (PST)
X-Received: by 10.84.128.67 with SMTP id 61mr108683153pla.153.1483835337902;
Sat, 07 Jan 2017 16:28:57 -0800 (PST)
Return-Path: <noreply#mydomain2.com>
Received: from mail.mydomain.com (xx-xxx-x-xxx.com. [xx.xxx.x.xxx])
by mx.google.com with ESMTPS id s186si84168719pgb.6.2017.01.07.16.28.57
for <myemail#gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Sat, 07 Jan 2017 16:28:57 -0800 (PST)
Received-SPF: pass (google.com: domain of noreply#mydomain2.com designates xx.xxx.x.xxx as permitted sender) client-ip=xx.xxx.x.xxx;
Authentication-Results: mx.google.com;
dkim=pass header.i=#mydomain2.com;
spf=pass (google.com: domain of noreply#mydomain2.com designates xx.xxx.x.xxx as permitted sender) smtp.mailfrom=noreply#mydomain2.com;
dmarc=pass (p=REJECT dis=NONE) header.from=mydomain2.com
Received: from myhomerouter by mail.mydomain.com (Postfix) with ESMTPSA id 284538419F for <myemail#gmail.com>; Sun,
8 Jan 2017 00:28:57 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mydomain2.com; s=mail; t=1483835337; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; h=From:Subject:Date:To:From; b=rwN/rSaqojz5pKVoYwb99Ec0TZzkHCo140KMlFVe47jl7Ui64w4DoNpCgZFeYEX87
8NZuBQdfnrirZWbZ7ibydoi07Poz6PZjKoLdRToMcqrtcGVfA+UrJPGQ3EE/QrnYf4
W0Hyb3PpUO+WVcwDL/rvvVm6ZnfjdIjobJpFj1fU=
From: First Name lastname <noreply#mydomain2.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Subject: Test
Message-Id: <8D89561C-0226-4C6B-A8D1-54A2F210F031#mydomain2.com>
Date: Sat, 7 Jan 2017 19:28:56 -0500
To: First Name <myemail#gmail.com>
X-Mailer: Apple Mail (2.3259)
test