Trouble creating own mailserver - mail-server

I am creating own mail server. I am using Haraka (http://haraka.github.io/). But I am little confused about the relay thing. How to make relay my mail server so that I can send mail using other domain(DKIM and SPF verified).
I want mail in receiver inbox not in Spam. Right now mail is received in spam. What is relay in particular ? Can anyone help ?

What I've got is that you're having a problem with sending mail on behalf of "other domain".
Given that "other domain" mail reaches its destination (even in SPAM folder) I assume that you've configured your relay right.
Key thing to notice is that DKIM and SPF records not only need to be validated but also need to be aligned with your "other domain". It's a common scenario when SPF/DKIM validations 'pass' but overall DMARC policy 'fails'.
Providing both your message headers (to check how it was processed) and your other domain name (to check how SPF/DKIM/DMARC records configured) would help a lot.

Related

how mail server decide whether sender is a spammer by screening SPF

I tried to find the answer from google but all result is showing why SPF is important instead of explain the working mechanism and how mail server(gmail, microsoft, smartermail, etc) implement it, generally.
Below is the criteria in came out but could find the answer:
SPF record exist, labeled sender & mail server domain aren't same, mail server domain/IP included
SPF record exist, labeled sender & mail server domain aren't same, mail server domain/IP not included
SPF record exist, labeled sender & mail server domain are same, mail server domain/IP not included
SPF record not exist, labeled sender & mail server domain aren't same
SPF record not exist, labeled sender & mail server domain are same
I would like to know, generally, which criteria will mark as junk mail by mail server.
Thank you.
Edit 1:
Lets put the other factor apart, how mail server decide to increase/decrease the level of "points" by looking at SPF only?
SPF is only responsible for identifying sources of email, and has no opinion about content.
You're asking how receiving email servers decide what to do with messages that fail SPF checks. That's a good question, because it's something that a domain owner should be concerned about, and historically this has been undefined (as others have pointed out), and so varied wildly. Fortunately there's now a mechanism whereby the domain owner can say what a receiving server should do with messages that fail SPF checks: DMARC.
DMARC includes a p parameter that tells a receiver what to do with messages that fail checks. Its value can be none (do nothing, or whatever the receiver chooses), quarantine (put in spam or similar), or reject (bounce the message).
DMARC can apply these same policies to DKIM, and it also provides additional validation of the alignment between the SMTP envelope sender and the From message header.
If a domain lacks a DMARC record, you're back to guessing the outcome, and subject to the whims of receiving mail server admins' decisions.

Mail delivery failed :returning message to sender

I got this bounce back email whenever try to send to a specific sender..
Any help would be appreciate..Thanks :D
mail content:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
example#example.com.mm
No Such User Here
Reporting-MTA: dns; mail.example.net
Action: failed
Final-Recipient: rfc822;example#example.com.mm
Status: 5.0.0
Unless there is something odd going on, the bounce back message is clearly telling you that the email address "example#example.com.mm" doe not exist. Perhaps "No Such User Here" is not the best wording, but it means that the email address is non-existant.
Is the .mm at the end of the email address part of the problem? Are you actually sending email to Myanmar?
I have never seen this bounceback message when the email address actually existed. Since this is unusual, I would send the email headers to the ISP of the intended recipient, since it is highly likely that is where the problem exists, and ask them to investigate. Also, I do think that you can get the same message if the users Inbox is full. Ask the intended recipient about that.
the problem has to do with your websites DKIM and SPF keys (Email deliverability in CPanel), if they are not added to the server it cannot verify the authenticity of your email.
The best solution is to contact your server support or CPanel support to fix the issue. There is almost nothing you can do via programming.
I had this issue and I spoke to my server's support team and it was fixed
At this point my email deliverability has not been marked as VALID, so the email
Mail delivery failed :returning message to sender kept persisting.
so I spoke to the server support team as the tooltip in the image suggested and it was finally fixed
if you noticed the VALID mark there

Spam classification and 127.0.0.1 in email headers

Is it a problem if 127.0.0.1 appears in email headers?
Example: Received: from baobabsmail.baobab.fi ([127.0.0.1])
I ask because emails sent from my server to #outlook.com addresses end up in the spam folder and this is the last thing I can think of. I have properly configured HELO, DKIM, Reverse DNS, SenderID, SPF and DMARC. I don't send out mass emails. My IP is from AWS, but it isn't on any publicly available blacklists. I have verified that everything is set up correctly using DKIMvalidator, MxToolBox and mail-tester.
Edit: for what it's worth, I finally got rid of the 127.0.0.1's in my headers and it did not resolve the issue for me.
Unfortunately, it depends...
Mail systems vary in how they are configured, and it is perfectly legitimate for an MUA (e.g. Thunderbird) to send outgoing mail to an MTA / mail server (e.g. exim) running on the same machine using the localhost address. Unusual, these days, but not "bad by definition".
When you say 'end up in the spam folder', what is it that puts it there: are you using a local mail server? if so is it that server that junks the mail (on send) or outlook.com itself (on receipt). Either way, what error messages or other failure information have you found?
Some random thoughts:
DKIM is a pain to set up correctly. Try disabling it entirely and see if that changes things in interesting ways.
Ditto DMARC.
Have you got SPF set up separately? If so, disable SPF and retry.
Is IPv6 involved in the mix at all? Various things are subtly different if so.
If outlook.com were to do sender verify callbacks (i.e. on receipt, check that mail from address was an acceptable recipient to your server) would it pass?
Is your email system sending RFC-conformant mail: that is, does it have a From: address, To: or Sender: address, Message-ID:, Date: headers and, if using MIME, Content-* headers (and probably a couple I forget!).
If changing DKIM / DMARC / SPF changes things (and remembering DNS timeouts, leave it a while between attempts), re-add SPF first - it is the simplest to get right.
127.0.0.1 can be flagged by Spam filters because it fails to provide an identity trace of the sender. Most common e-mail systems will show the IP address or the host name. The next item will be the recipient e-mail server.
For example:
Received: from [127.0.0.1] (81.27.148.196) by TAE1.agent.com.pk
What is funny about this one is that the top-level domain says it is received initially by a domain in Pakistan, but the IP address is registered to an entity in St. Petersburg, Russia.

Mail rejected with "Client host rejected: MX-CIDR"

I am trying to send mails with mailgun. My DNS config (SPF,DKIM) seems to be ok and are being validated in mailgun service. I can send mail to several users with gmail, live and most others mail providers. However, I have a problem when I sent an email for email accounts of my university.
The message is rejected with the following alert:
"554 5.7.1 : Client host rejected: MX-CIDR"
My current DNS settings are:
TXT # "v=spf1 include:mailgun.org ~all"
MX 10 mxa.mailgun.org.
MX 10 mxb.mailgun.org.
DKIM was validated as well. I checked my domain at mxtoolbox and the dns config pass in all tests. I did not find errors related with that alert in others questions. May someone help me to fix it?
Update 1:
Just some more informations:
1) I dont send, and I have absolutely no intention to send spam. I created an educational website, used by students and instructors, and they send messages sometimes between each others. I also send mail to confirm registers, recovery password, as a lot of others websites do. I only send messages to people who was agreed with my terms of service, that includes the information about my mail policy. It is a small service, I never sent more than 2,000 messages in a month (I have 800 registered users so far)
2) I do not believe I was blacklisted, mxtools verify several blacklists databases and my IP have passed in all verifications. Also, the server is not rejecting all messages from my IP, I can send messages with my personal email with the same domain, but I use different services to handle my personal inbox with my domain and the emails send by my website. So, I guess it may be a DNS record mistake.
3) I only use mailgun (or others transactional email services like mandrill or sendgrid) because it is highly recommended (and easy). I use a small VPS and it is hard to configure my own email service (I am a programmer, I am not an expert in that kind of configuration). If exists negative factors about the use of these systems, I really like to know and learn more.
I see no evidence posted that the reason the receiving mail server is rejecting your mail is because of your SPF records.
There isn't even any evidence here that the receiving mail servers are even performing SPF checks on their incoming mail.
Can you explain why exactly you believe that this has anything to do with SPF?
Just because someone's rejecting your mail, and you happen to be messing around with your SPF records, doesn't mean that the reason for your mail being rejected is due to your SPF records.
The only ones who can tell you exactly why your email is being rejected, and what needs to be done to fix it, is the receiving mail servers' administrators, and that's who you should be asking. They are the only ones who know exactly how their mail servers are configured, and how they work. Unless it's evident from the text of the error message, and it's not, anyone else's answer will be nothing but guesswork.
And actually my guess would be that, if anything, the error message seems to suggest that they have simply blacklisted your IP address range, period, for whatever reason. I would interpret "MX-CIDR" as meaning "MX's IP address' (you can Google what "CIDR" means by yourself); i.e.: sending mail server's IP address is explicitly blacklisted from sending them mail.
Now, taking from the referenced domain's web site, I quote:
"Our software automatically manages the delivery process to give your emails the best chance of landing in the inbox."
I would think that the only type of folks who would be concerned about having "the best chance of landing in" someone inbox would be all the typical spamming parasites. I browsed through the referenced website, and I couldn't shake off a slimy feeling I get after typically wandering into a typical spam spewer.
Is this domain being used to send spam?
If so, then you probably know the answer to your question, already.
Certain SPF libraries might reject emails when trying to perform a reverse lookup on the domain that you're sending from.
They usually get this from the MX records attached to the domain and if there's a mismatch it'll fail out with a rejection (more detail here: http://www.zytrax.com/books/dns/ch9/spf.html).
It's usually only a problem if the receiving server is not necessarily configured correctly, or is being super harsh on incoming mail due to an overwhelming amount of spam.

Messages sent to gmail from custom domain going to spam

I know this isnt kind of perfect type of message to post here, but I will give it a try:
When I send an email from my domain to gmail, it automatically goes to spam. On customer support, they told me that my domain isnt on any kind of blacklist.
Here are the headers:
http://pastebin.com/QVYrDQbz
Ask gmail recipients to move messages from [GMAIL]/Junk folder to Inbox folder (IMAP terminology) or mark it as "not spam" via web interface.
As long as recipients do not tell gmail its "classification as (possible) spam" had been wrong gmail assumes it has been right.
It may help to publish spf record for domain of email sender especially when sending host is in another domain
DKIM signing of outgoing messages may help too
https://support.google.com/mail/answer/81126?hl=en#authentication