We Keep Coding

emails are deliverying in gmail spam folder from my vps, even after adding DKIM and SFP records

I have a VPS, where we have hosted multiple domains. We are facing problem with our email, as emails from few of our domains are always delivering in spam box in gmail. We have added DKIM and SPF for all of the domains. After failing to fix the issue from my end, I had tried to contact with my hosting provider too(Host IT Smart). They are also unable to find out any solution yet. Can you please suggest me to fix this issue. Below are the response from verifier.port25.com
This message is an automatic response from Port25's authentication verifier
service at verifier.port25.com. The service allows email senders to perform
a simple check of various sender authentication mechanisms. It is provided
free of charge, in the hope that it is useful to the email community. While
it is not officially supported, we welcome any feedback you may have at
<verifier-feedback#port25.com>.
Thank you for using the verifier,
The Port25 Solutions, Inc. team
==========================================================
Summary of Results
==========================================================
SPF check: pass
DomainKeys check: neutral
DKIM check: pass
Sender-ID check: pass
SpamAssassin check: ham
==========================================================
Details:
==========================================================
HELO hostname: vps.technowebs.in
Source IP: 23.236.190.220
mail-from: support#easyretail.in
----------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mailfrom=support#easyretail.in
DNS record(s):
easyretail.in. SPF (no records)
easyretail.in. 11089 IN TXT "v=spf1 +a +mx +23.236.190.220 ~all"
easyretail.in. 0 IN A 23.236.190.220
----------------------------------------------------------
DomainKeys check details:
----------------------------------------------------------
Result: neutral (message not signed)
ID(s) verified: header.From=support#easyretail.in
DNS record(s):
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: pass (matches From: support#easyretail.in)
ID(s) verified: header.d=easyretail.in
Canonicalized Headers:
date:Fri,'20'26'20'Feb'20'2016'20'20:12:29'20'+0530'0D''0A'
from:support#easyretail.in'0D''0A'
to:<check-auth#verifier.port25.com>'0D''0A'
subject:t'0D''0A'
dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/simple;'20'd=easyretail.in;'20's=default;'20't=1456497749;'20'bh=nosD6jtIMS+OOhW+x6qFyWo2Lid2rGvD39dKQAIrzIo=;'20'h=Date:From:To:Subject;'20'b=
Canonicalized Body:
t'0D''0A'
DNS record(s):
default._domainkey.easyretail.in. 14400 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsF6ZDVntzQYgh7niTVm4zEGxx3tpKuRDEtjj2lCNSGotO409tcZNAf2TZwsXCMRqOFmlgcRbbvGCI3Ze1l4EiW/msO2/KpFnf0mJ0iDQ4GH7zj7WBIql+yoZAaoYmyYsX7RWeVn9J+yYQcjSYL8/znm1nVZVwi8LLGRyB8+O4ZQIDAQAB"
Public key used for verification: default._domainkey.easyretail.in (1024 bits)
NOTE: DKIM checking has been performed based on the latest DKIM specs
(RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
older versions. If you are using Port25's PowerMTA, you need to use
version 3.2r11 or later to get a compatible version of DKIM.
----------------------------------------------------------
Sender-ID check details:
----------------------------------------------------------
Result: pass
ID(s) verified: header.From=support#easyretail.in
DNS record(s):
easyretail.in. SPF (no records)
easyretail.in. 11089 IN TXT "v=spf1 +a +mx +23.236.190.220 ~all"
easyretail.in. 0 IN A 23.236.190.220
----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin v3.4.0 (2014-02-07)
Result: ham (-2.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.0 BODY_SINGLE_WORD Message body is only one word (no spaces)
==========================================================
Explanation of the possible results (from RFC 5451)
==========================================================
SPF and Sender-ID Results
=========================
"none"
No policy records were published at the sender's DNS domain.
"neutral"
The sender's ADMD has asserted that it cannot or does not
want to assert whether or not the sending IP address is authorized
to send mail using the sender's DNS domain.
"pass"
The client is authorized by the sender's ADMD to inject or
relay mail on behalf of the sender's DNS domain.
"policy"
The client is authorized to inject or relay mail on behalf
of the sender's DNS domain according to the authentication
method's algorithm, but local policy dictates that the result is
unacceptable.
"fail"
This client is explicitly not authorized to inject or
relay mail using the sender's DNS domain.
"softfail"
The sender's ADMD believes the client was not authorized
to inject or relay mail using the sender's DNS domain, but is
unwilling to make a strong assertion to that effect.
"temperror"
The message could not be verified due to some error that
is likely transient in nature, such as a temporary inability to
retrieve a policy record from DNS. A later attempt may produce a
final result.
"permerror"
The message could not be verified due to some error that
is unrecoverable, such as a required header field being absent or
a syntax error in a retrieved DNS TXT record. A later attempt is
unlikely to produce a final result.
DKIM and DomainKeys Results
===========================
"none"
The message was not signed.
"pass"
The message was signed, the signature or signatures were
acceptable to the verifier, and the signature(s) passed
verification tests.
"fail"
The message was signed and the signature or signatures were
acceptable to the verifier, but they failed the verification
test(s).
"policy"
The message was signed but the signature or signatures were
not acceptable to the verifier.
"neutral"
The message was signed but the signature or signatures
contained syntax errors or were not otherwise able to be
processed. This result SHOULD also be used for other
failures not covered elsewhere in this list.
"temperror"
The message could not be verified due to some error that
is likely transient in nature, such as a temporary inability
to retrieve a public key. A later attempt may produce a
final result.
"permerror"
The message could not be verified due to some error that
is unrecoverable, such as a required header field being
absent. A later attempt is unlikely to produce a final result.
==========================================================
Original Email
==========================================================
Return-Path: <support#easyretail.in>
Received: from vps.technowebs.in (23.236.190.220) by verifier.port25.com id hq1i5c20i3gi for <check-auth#verifier.port25.com>; Fri, 26 Feb 2016 09:42:30 -0500 (envelope-from <support#easyretail.in>)
Authentication-Results: verifier.port25.com; spf=pass smtp.mailfrom=support#easyretail.in
Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) header.From=support#easyretail.in
Authentication-Results: verifier.port25.com; dkim=pass (matches From: support#easyretail.in) header.d=easyretail.in
Authentication-Results: verifier.port25.com; sender-id=pass header.From=support#easyretail.in
Received: from www.easyretail.in (localhost.localdomain [127.0.0.1])
by vps.technowebs.in (Postfix) with ESMTPA id 8C6093C2593
for <check-auth#verifier.port25.com>; Fri, 26 Feb 2016 20:12:29 +0530 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=easyretail.in;
s=default; t=1456497749;
bh=nosD6jtIMS+OOhW+x6qFyWo2Lid2rGvD39dKQAIrzIo=;
h=Date:From:To:Subject;
b=L/XoimrjmAdUbjHxyfObm/LTNlJ25vRQCV91JBE+lv82/WLMCOGSLP56LULw1DvWC
aDM9rpn3oIaS6Pw+Iqo120fFjvbhH1WotrmoknGEVDsqBPh1V0UYFoA7hVkLeUcoIi
y0ZVzMDvcDIjQxN0v+vcqdJ5K10WYUJ7uCOqZHO8=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
format=flowed
Content-Transfer-Encoding: 7bit
Date: Fri, 26 Feb 2016 20:12:29 +0530
From: support#easyretail.in
To: <check-auth#verifier.port25.com>
Subject: t
Message-ID: <f3def6547d7c92cb00e29668a7bf7ded#easyretail.in>
X-Sender: support#easyretail.in
User-Agent: Roundcube Webmail/0.8.5
Thanks in advance for your help.
Best Regards,
Rajib Deb

gmail has its own spam detection system, and your DNS/mail server configuration looks good and solid. From those facts I would assume that
- either you're sending (as a message subject/body) something that is considered as SPAM-related by gmail
- or your domain/ip address has a bad history with gmail (let's say during the process of configuration of your server you've tried to send some test emails with not properly configured mail domain too early). Gmail has recorded those bad attempts, and due to the past history considers them as spam.
I would suggest to send several emails to your own gmail account, and remove those emails from spam folder there (not a spam), that might tell the gmail spam detection engine to stop considering the emails coming from your domain as SPAM.

Gmail have now a postmaster tool you can check your domain/ip Reputation history, spam rate and in the "Authentication" area you can check DKIM/SPF/DMARC works correctly.
https://gmail.com/postmaster/
I recommend to use the CNAME record for authentication, if you are using the default TXT record also on SPF query this entry return.

Setting up DKIM and other DNS records for my mail server with external DNS

ello,
I'm trying to set up a 3rd party domain for my mail server and so far I've struggled making it out of the spam folder for my sent messages. And It's a whole other story with hotmail which blacklists my whole server. My DNS records are externally hosted on another Registrar and so far I've managed to pass some tests (SPF tests) when sending mails to: check-auth#verifier.port25.com. However, I cannot seem to pass the DKIM test where I get permerror. Here's what I did to set it up, I went to cpanel > Email > Authentication. and copied the DKIM record as shown on the page to a DNS entry on my registrar:
default_domainkey # example.com TXT ...
Here's the DKIM report on auth25:
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: permerror (invalid key: error reading public key: 139806656485120:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:142:;139806656485120:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306:;139806656485120:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509_PUBKEY;)
ID(s) verified:
Canonicalized Headers:
message-id:<8e56704aed7b951ff8fadb1233971857#example.com>'0D''0A'
subject:TEST'0D''0A'
to:check-auth#verifier.port25.com'0D''0A'
from:salwa.fawzi#example.com'0D''0A'
date:Fri,'20'04'20'Dec'20'2015'20'10:56:30'20'+0100'0D''0A'
content-transfer-encoding:7bit'0D''0A'
content-type:text/plain;'20'charset=US-ASCII;'20'format=flowed'0D''0A'
mime-version:1.0'0D''0A'
dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=example.com;'20's=default;'20'h=Message-ID:Subject:To:From:Date:'20'Content-Transfer-Encoding:Content-Type:MIME-Version;'20'bh=q5cyARPl5zX/knmvCnEy11G7/r6gcljJ44qrvv5DErY=;'20'b=;
Canonicalized Body:
TEST'0D''0A'
DNS record(s):
default._domainkey.example.com. 86400 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+INdfCMRWPx4Kr2vYS+S11VcN/7GGUBt9ZSgEJQCtesw0v4xFlNjA2N1N+ymshVZOPB76dhzd7CWb2YTYiUl5TjzM69Dp15KSDu5kQNwX/MaIHSNkWlnz+3AcdRG5rCwDxKkWiPlTDREz8bFdIY1+3UZbetZhq70+NQPYjMZHn69KzOnNrYraZ6es5nVDFVJi"
If anybody had experience on setting up Mail Servers on Cpanel/WHM I would really appreciate their help.

This:
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+INdfCMRWPx4Kr2vYS+S11VcN/7GGUBt9ZSgEJQCtesw0v4xFlNjA2N1N+ymshVZOPB76dhzd7CWb2YTYiUl5TjzM69Dp15KSDu5kQNwX/MaIHSNkWlnz+3AcdRG5rCwDxKkWiPlTDREz8bFdIY1+3UZbetZhq70+NQPYjMZHn69KzOnNrYraZ6es5nVDFVJi
is not a valid DKIM public key. How did you generate this value?

Mail goes into spam box (included isnotspam log)

When i try to send mail from my server,it goes into spam box of gmail.I checked with Isnotspam website.Everything looks good expect DomainKeys Check.Can you verify my log and tell me how to solve this problem.
==========================================================
Summary of Results
==========================================================
SPF Check : pass
Sender-ID Check : pass
DomainKeys Check : neutral
DKIM Check : pass
SpamAssassin Check : ham (non-spam)
==========================================================
Details:
==========================================================
HELO hostname: mail.cybapps.com
Source IP: xxx.xxx.xxx.xxx
mail-from: mailme#cybapps.com
Anonymous To: ins-ywhteogz#isnotspam.com
---------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mail=mailme#cybapps.com
DNS record(s):
cybapps.com. 300 IN TXT "v=spf1 a mx ip4:xxx.xxx.xxx.xxx ~all"
----------------------------------------------------------
Sender-ID check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mail=mailme#cybapps.com
DNS record(s):
cybapps.com. 300 IN TXT "v=spf1 a mx ip4:xxx.xxx.xxx.xxx ~all"
----------------------------------------------------------
DomainKeys check details:
----------------------------------------------------------
Result: neutral (message not signed)
ID(s) verified: header.From=mailme#cybapps.com
Selector=
domain=
DomainKeys DNS Record=
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: pass
ID(s) verified: header.From=mailme#cybapps.com
Selector=mail
domain=cybapps.com
DomainKeys DNS Record=mail._domainkey.cybapps.com
----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin 3.4.1 (2015-04-28)
Result: ham (non-spam) (03.6points, 10.0 required)
pts rule name description
---- ---------------------- -------------------------------
* 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
* [score: 1.0000]
* -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
* domain
* -0.0 SPF_PASS SPF: sender matches SPF record
* 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
* [score: 1.0000]
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
* domain
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
X-Spam-Status: Yes, hits=3.6 required=-20.0 tests=BAYES_99,BAYES_999,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,SPF_PASS,T_RP_MATCHES_RCVD autolearn=no
autolearn_force=no version=3.4.1
X-Spam-Score: 3.6
To learn more about the terms used in the SpamAssassin report, please search
here: http://wiki.apache.org/spamassassin/
==========================================================
Explanation of the possible results (adapted from
draft-kucherawy-sender-auth-header-04.txt):
==========================================================

I did a DNS lookup to your domain and found it:
$ host -t txt cybapps.com
cybapps.com descriptive text "google-site-verification=r3eFsCxzevI8CjwQsDi21PbKILrMc-EQjfQsSe301Wk"
cybapps.com descriptive text "v=spf1 a mx ptr ip4:172.110.8.33 mx:cybapps.com ~all"
So, you're adding a Google verification TXT, which conflicts with SPF. Can you do Google verification via a file instead and try again? Note you'll need to wait until TTL expires.
Also note: a fail or neutral result on DKIM or DomainKey results does not turn your mail into SPAM. It's more likely that your MX server is/was on some blacklist. Also note your PTR record for given mail IP does not point to your mail server, but to your plain domain (it should be mail.cybapps.com instead):
$ host mail.cybapps.com
mail.cybapps.com has address 172.110.8.33
$ host 172.110.8.33
33.8.110.172.in-addr.arpa domain name pointer cybapps.com.
EDIT:
I usually use mxtoolbox to check my mail installation:
http://mxtoolbox.com/domain/cybapps.com/
Hope it helps!

Mails from my website goes to spam folder

This is a result from isnotspam.com
========================================================== Summary of Results
SPF Check : softfail Sender-ID Check : neutral DomainKeys Check : neutral DKIM Check : neutral SpamAssassin Check : ham (non-spam)
========================================================== Details:
HELO hostname: in6.hostgator.in Source IP: 119.18.60.5 mail-from: info#propertyfirst.in Anonymous To: ins-kgqo0hhz#isnotspam.com
--------------------------------------------------------- SPF check details:
Result: softfail ID(s) verified: smtp.mail=info#propertyfirst.in DNS record(s): propertyfirst.in. 14394 IN TXT "v=spf1 a mx include:websitewelcome.com ~all"
---------------------------------------------------------- Sender-ID check details:
Result: neutral
ID(s) verified: smtp.mail=info#propertyfirst.in DNS record(s): propertyfirst.in. 14394 IN TXT "v=spf1 a mx include:websitewelcome.com ~all"
---------------------------------------------------------- DomainKeys check details:
Result: neutral (message not signed) ID(s) verified: header.From=info#propertyfirst.in Selector= domain= DomainKeys DNS Record=
---------------------------------------------------------- DKIM check details:
Result: neutral (message not signed) ID(s) verified: header.From=info#propertyfirst.in Selector= domain= DomainKeys DNS Record=
---------------------------------------------------------- SpamAssassin check details:
---------------------------------------------------------- SpamAssassin v3.3.1 (2010-03-19)
Result: ham (non-spam) (05.9points, 10.0 required)
pts rule name description
Can someone please tell me what is the issue here and what spf and how do I set it up.
Will setting up a spf help me in anyways ?

Indeed, an SPF SoftFail can cause your email to be classified as spam.
Judging from the current state of the TXT record for propertyfirst.in, you have already figured it out on your own, but for future reference, SPF is a way for the domain administrator to designate hosts as legitimate senders for the domain in question. The policy is published in DNS using a TXT or SPF RR.
In this particular case, the SPF policy of propertyfirst.in did not designate your web server 119.18.60.5 as a permitted sender. Consequently, emails from your web server were considered to be forged and marked as spam.
Your current SPF policy is v=spf1 +a +mx +ip4:119.18.60.5 +include:propertyfirst.in ~all, which explicitly permits 119.18.60.5 to send emails in the name of propertyfirst.in.
By the way you can lose the "+" PASS qualifiers, SPF mechanisms default to that.

DKIM amavisd test failed

I have configured a new email server for my company, we are using a cloud server on theplanet.com and a shared hosnting on bluehost.com, I configured the server using iredmail, all works great but when I try to test the dkim keys with amavisd testkeys it returns:
TESTING#1: dkim._domainkey.mydomain.com => invalid (public key: not available)
I set the dns record on dns panel in blehost
name: mail._domainkey
type: txt
value:"v=DKIM1; p=MIGfM......"
when I try to validate via auth#verifier.port25.com it returns
DKIM check details:
----------------------------------------------------------
Result: permerror (key "dkim._domainkey.mydomain.com" doesn't exist)
Please help me with this error

You created a DNS record of mail._domainkey.mydomain.com but your DKIM signer is using a selector of dkim therefore it's looking up dkim._domainkey.mydomain.com. If you rename the DNS record so that they match up it should work.