In Gmail when you have an email from a newslist, you get a 'unsubscribe' link next to the email address, like this:
Google+ <noreply-67e4f7ae#plus.google.com> Unsubscribe
There is header named List-Unsubscribe: which identifies the url or email.
In gmail I can see original of email to see headers:
Received-SPF: pass (google.com: domain of root#domain.net designates 123.123.123.123 as permitted sender) client-ip=123.123.123.123;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of root#domain.net designates 123.123.123.123 as permitted sender) smtp.mail=root#domain.net;
dkim=pass header.i=#domain.com
List-Unsubscribe: <http://domain.com/uns.html?test=wdqwqw>
I have List-Unsubscribe header set, spf and dkim verification pass.
What can be wrong? Why gmail does not show unsubscribe link?
The unsubscribe option is only shown for senders with a high reputation:
This only works for some senders right now. We're actively encouraging
senders to support auto-unsubscribe — we think 100% should. We won't
provide the unsubscribe option on messages from spammers: we can't
trust that they'll actually unsubscribe you, and they might even send
you more spam. So you'll only see the unsubscribe option for senders
that we're pretty sure are not spammers and will actually honor your
unsubscribe request. We're being pretty conservative about which
senders to trust in the beginning; over time, we hope to offer the
ability to unsubscribe from more email.
Also note that the preferred list-unsubscribe method is mailto, not http. Outlook.com for example only honors mailto.
Another item to consider, it seems that if you've already clicked the unsubscribe link, it won't show you the link again. So if you're testing and don't see it after the first time, this could be why.
Related
I have an email server with the spf record set up like this:
"v=spf1 ip4:192.0.2.21 ip6:2001:db8::f08c:95ff:feb4:f317 -all"
Actual ip address changed to protect the innocent, but those would be the ips of the mail server.
I have a user who uses yahoo mail, and has set up their 'send-only address' to use their custom domain name that's on my email server (example.com in the example below).
So when they send mail through yahoo, it fails spf with this error (was sent to a gmail address)
Authentication-Results: mx.google.com;
spf=fail (google.com: domain of tlin#example.com does not designate 98.137.69.147 as permitted sender) smtp.mailfrom=tlin#example.com;
dkim=pass header.i=#yahoo.com header.s=s2048 header.b=KXfctSKQ
Received-SPF: fail (google.com: domain of tlin#example.com does not designate 98.137.69.147 as permitted sender) client-ip=98.137.69.147;
The 98.137.69.147 is a yahoo address, but I tried adding include:yahoo.com and include:_spf.mail.yahoo.com to the spf1 record and it failed with those as well. I assume I can't just add that ip, as it will likely change.
What do I need to add to the record to get it so she can email through her yahoo address without spf failing?
I realize a solution will mean allowing anyone with a yahoo address to send through the server, but I don't expect unauthorized users to really be a problem.
Thanks for any help!
Chris
Finally found it, I had to add:
ptr:yahoo.com
This from https://clickwp.com/kb/yahoo-mail-alt-address/
Works!
I have a VPS (Droplet) at DigitalOcean.
I am sending mail from a website, but I have configured PHP to use my SMTP server instead of just the usual PHP Mail().
I have DKIM, DMARC, SPF configured correctly.
Here are some of the relevant headers in my message:
Received-SPF: pass (google.com: domain of stockapi#lfto.me designates 104.236.231.177 as permitted sender) client-ip=104.236.231.177;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of stockapi#lfto.me designates 104.236.231.177 as permitted sender) smtp.mailfrom=stockapi#lfto.me;
dkim=pass header.i=#lfto.me;
dkim=pass header.i=#lfto.me;
dmarc=pass (p=QUARANTINE dis=NONE) header.from=lfto.me
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=lfto.me; s=mail;
t=1452989846; bh=czrEg02FSPEvWjTq3enrcAZrxmaNPmFuwA/aUIJ/fNY=;
h=From:To:Date:Subject:From;
b=hQ/09WMZxJO692Lg7g/1TmOLbwWp2rMoHhl/P5Eb6auvhIjDG6tEYxgksg5qYBYEq
4NmPO9yddeW/JqLHCL4GWFafYGXorfA6oR/uqwwI0Jt6aflEJunFEVxxon8jvxiVp5
BsuxdU0vu7GPDH289L3Lf3/oG1nKrn22L2PcKreo=
According to these, it seems my message is passing all checks, but still is getting into the "spam" folder. What could be the problem?
Chiefly, to avoid a spam engine classifying your messages as spam you should:
Make sure they aren't spam (i.e. ensure that only users who have really opted in get mailed - make sure you keep an opt-in audit log)Make sure they don't look too much like spam - $$$ MAKE MONEY FAST is not a good subject lineEnsure that the sender address is not spoofed and does not appear to be spoofed. Use a domain that you are authorised to send from (add valid SPF records if you like)Not do anything that looks malware-ish (e.g. HTML emails containing scripts, forms, flash etc)
But by and large the main one is:
Do not send them from an IP address which is known for sending spam.
The last point means that YOU CANNOT USE SHARED HOSTING. Almost all shared hosting providers allow the sending of mails which don't conform to any of the above. Shared hosting providers' relays are almost always on lots of blacklists.
It only takes one vulnerable web app on your shared hosting for it to turn into a spam gateway - something which you can't afford.
It seems like most of the email from unlisted (the list is held by Google) IP addresses will go to junk folder in Gmail, even the sent email are valid according to SMTP.
I'm attempting to help a client get their Google+ profile logo to display as the sender image in Gmail's grid view. I've gone over Google's documentation and I'm obviously missing something… The promotional image does come through so the schema code should be good.
I have verifed the following…
The Google+ Page shows as verified
The sending domain is a delegated subdomain of the verified domain
More than 1,000 emails a week are sent from this domain
Which just leaves the DKIM portion and it's here that I know nothing about what I should be checking. I know I can go into the source of a gmail email and see the following
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of xxxxxxxx.xxxxx#xxxxxx.xxxxx.com designates ###.#.###.### as permitted sender) smtp.mail=xxxxxxxx.xxxxx#xxxxxx.xxxxx.com;
dkim=pass header.i=#x.xxxxxxxx.com;
dmarc=pass (p=NONE dis=NONE) header.from=x.xxxxxxxx.com
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=xxxxxxxx; d=x.xxxxxxxx.com;
The problem here is I don't really know how to verify that this is correctly setup against the sending domain/company domain or really whatever else I should be checking.
Can someone please guide me through what I should be looking for here?
Just to be sure, do you know for certain that the page is verified? I thought ours was verified because it showed a little icon next to our web address, but it needs to be the little shield icon next to your logo image on the Google+ page.
As far as the email signing goes, it can either be DKIM or SPF, and it looks like both headers are found. They even use a DMARC header, good stuff! :)
We are currently using a webapp that generates outbound emails, but are experiencing a few issues.
When the system sends an email directly to a Gmail user (eg. john.smith#domain.com) it is received fine. If the email is sent to a Google apps group (eg. finance#domain.com) it is never received by any of the group members.
The "finance#domain.com" propogates to approximately 6 users. I have reviewed the Spam folder for a few of them and the email still isn't there either.
If the Google engine does indeed classify the inbound email as spam for a Google group, what does it do with it?
Here's a snippet of the header showing that SPF passes:
Received-SPF: pass (google.com: domain of XXXX designates XXX.XXX.XXX.XXX as permitted sender) client-ip=XXXXX;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of XXXX designates XXX.XXX.XXX.XXX as permitted sender) smtp.mail=XXXXXXX
This could be an issue of the mail being marked as spam by the Group, not the users. Essentially, when you leave spam on for a group, it'll get checked there and also at the user level. More informaiton about this can be found here.
If that doesn't seem to be the root cause, I would check at the Email log search within the Admin console to see what's going on with a bit more detail.
Hope this helps!
Due to spoofing problem, I have recently set up DKIM, and SPF record on my domain. I am using Google APPS for our organization. My emails are now getting checked, and I get a hard-fail SPF message, when I try to spoof my email using: https://emkei.cz/
I have noticed the following behaviour:
Email send from my organisation using Google Apps to a gmail.com account.
Message gets to inbox
Received-SPF: pass
Authentication-Results: mx.google.com; spf=pass dkim=pass
Email send from https://emkei.cz/ to gmail.com account, using a "from" email that does not exist in my organisation.
Message usualy goes to spam
Received-SPF: fail
Authentication-Results: mx.google.com; spf=hardfail
Email send from https://emkei.cz/ to gmail.com account, using a "from" email that does exist in my organisation.
Message goes to inbox
Received-SPF: fail
Authentication-Results: mx.google.com; spf=hardfail
Now, since in 3., the spoofed email message made it to inbox although the SPF has hard-failed (why google?), what happens when I mark this message as spam? I do not feel at ease marking spoofed emails, which made it to inbox, as spam. I Am afraid my real email will not make it next time.
This is also a problem for my organization, because the spoofed emails that we try to prevent are done by people, not bots.
It may happen if the spoofed email comes from an IP configured as whitelisted or as an inbound mail gateway.
Check those settings at https://admin.google.com/ ||insert your domain here|| /AdminHome?fral=1#ServiceSettings/service=email&subtab=filters