I have a small problem with a domain and that is that emails arrive to Spam and that the domain is new. I have checked the reputation of that domain and it has nothing out of the ordinary.
Information
I purchased a CLOUD VPS that runs CLOUDLINUX with static ips in a different provider than the one I acquired the domain. and I use WHM to manage my accounts. the emails are sent correctly, but they reach me in the SPAM tray. as additional information I just tried to send an email from the webmail tool offered by CPANEL from my account, and from here if they reach me in the inbox, but if I send from any email client like: (Outlook, Thunderbird) always I get to SPAM.
What could be the problem ?, Where should I start to review? Any help or collaboration is appreciated.
Check if your server's IP is listed in any RBL
This is a good tool for consult in multiples RBL: http://www.anti-abuse.org/multi-rbl-check
See if your reverse DNS or PTR is properly configured
In your apllication always send email by authenticating with SMTP.
We have bought the google apps account for the domain www.amarramesh.com hosted by bluehost.com
As per the google apps suggestion, we altered the CNAME records in bluehost for the domain www.amarramesh.com to sync with google apps.
There is an issue when I send the mail through a PHP file stored in my Bluehost server. I tested the email quality through mail-tester.com and it says the DKIM signature is not valid because in the DKIM signature selector = "default" and suggests I should change to "google.domainkey". Due to this, many of the emails sent from the server are going into people's spam boxes. How do I make this change? This problem doesn't happen when email is sent from Gmail.
I have tried Php-mailer and it worked for some time but Bluehost has now blocked it.
Why do you want to send mail from another host if you're using GoogleApps?
DKIM's purpose is to allow remote hosts to authenticate that your mail was really sent by the server(s) you permit to send them. This prevents a spammer from forging your domain name on spam he is sending out. If it wasn't bounced off of servers you authorized in your DKIM DNS record, remote mail servers won't deliver it -- or maybe send it to the spam folder (provided they look at the DKIM header and DNS record).
It does this by putting a private key encrypted header on the mail, and the public key to decrypt it on the DNS record. If it can be decrypted successfully, then it is assumed to be legit (because the sender knew the private key).
This might help if you want to enable mail being sent from both hosts.
https://blogs.msdn.microsoft.com/tzink/2013/04/26/how-to-set-up-your-dkim-records-if-you-are-outsourcing-some-or-all-of-your-email/
since a few days our internal email info#ourdomain.com seems to go bananas and sends out emails to all sort of email addresses. Some of those emails bounce and we receive Mail Delivery Failed emails every minute.
Here is our setup:
Domain hosted at Germany's 1und1 provider
Nameserver configured on Amazon Route 53
MX server mx01.kundenserver.de and mx00.kundenserver.de
Rails application hosted on heroku
I called the support at 1und1 and they told me to set a SPF record which I did:
"v=spf1 a mx ~all"
after researching the topic via http://www.spf-record.de/
Unfortunately this did not resolve the problem.
Honestly I am cluesless now what to do to prevent this random email sending.
Our account could have been hacked but the password was already changed.
Any of your email account or script/code compromise can cause outgoing spam emails. If outgoing emails are originating from particular email account and you find large outgoing email account from particular email account, you should consider to reset the password of that email account immediately. Also, compromised email sending script/code can can cause outgoing spam.
If "from" email address on spam email is none of your existing account then "From" email address is getting authenticated from any of your existing email account for which you should inspect SMTP logs of mail server(you should have administrative access of mail server)
Mail server IP address should not be blacklisted,please check IP here :- http://mxtoolbox.com/blacklists.aspx
If IP address is blacklisted, you can request IP whitelist after you identify and fix the outgoing spam source as RBL keeps IP address blacklisted until they find the spamming activity relaxed.
SPF and PTR record should be correct so that email recipient server can trust the sender mail server.
Bounce back email and spam email header can help to identify the issue more preciously.
This happened to me before, I had a "refer a friend" feature on my website and someone use an automated script to send emails to a ton of people. My server wasn't comprised, it was just bad coding in the feature that I installed that allowed my mail server to send mail to different people on my behalf.
Since the email is coming from you, your SPF/DKIM will check out just fine.
So thing about all the points on your website that can send email and see if any of them can be compromised.
Also you'll want to do a blacklist scan, I use this service it does more then 200+ blacklist: https://www.unlocktheinbox.com/blacklist/bl/
Make sure you scan both your domain name and IP address. But before you take any action to remove yourself, you should wait 24 hours until after you fix the exploit on your system. Requesting removal and popping up again can get you permanently listed.
We have custom cms that currently sits on a vendor's subdomain, such as cms.vendor.com. It sends email out as coming from user#vendor.com and it seems to be working fine (using Email Queuing + SwiftMailer)
Our vendor asked us to put in the functionality for his users to be able to select from a dropdown, 3-4 other emails address associated with them from other domains he owns. Basically we need to be able to send out emails from our server labeled as being sent from #hisdomains.com, multiple domains.
I am a web programmer and have no clue when it comes to relaying messages. How would I go about being able to send out emails from his other domains? Does he need to setup permissions on his mail servers, or do I need to get into his SMTP servers to send out?
What are some things I should look out for when it comes to SPAM and gmail trusting us?
EDIT:
Not sure if my original question was clear enough. Vendor owns three domains: mysite.com, myothersite.com, mythirdsite.com. He wants a user from our crm to be able to send emails he has on those domains. So my dedicated server will be trying to send an email out as user#mysite.com, user#myothersite.com, and user#mythirdsite.com in the FROM: header.
As long as your server is allowed to send on behalf of a domain your vendor owns, you should not have a problem; just change the From: header to something else when you send out the e-mail.
Stuff like SPF, Sender ID and DKIM have to be properly configured to allow your server to send on behalf of any domain.
See also: http://en.wikipedia.org/wiki/E-mail_authentication
Any domain where the mx record resolves to the same server will work. so user#any.domain will email the same user on the mx contingent server.
To answer your question - just make sure that the mx records in the DNS zone file for each domain name points to the same server as the domain you want to share emails on.
also dependent on server configuration (like shared or whatever) I'm assuming it's dedicated with a simple email server installed. I'm not sure on cPanel/shared servers. but possibly the same.
For the past few weeks, I've been trying to learn about just how email works. I understand the process of a client receiving mail from a server using POP pretty well. I also understand how a client computer can use SMTP to ask an SMTP server to send a message. However, I'm still missing something...
The way I understand it, outgoing mail has to make three trips:
Client (gmail user using Thunderbird) to a server (Gmail)
First server (Gmail) to second server (Hotmail)
Second server (Hotmail) to second client (hotmail user using OS X Mail)
As I understand it, step one uses SMTP for the client to communicate. The client authenticates itself somehow (say, with USER and PASS), and then sends a message to the gmail server.
However, I don't understand how gmail server transfers the message to the hotmail server.
For step three, I'm pretty sure, the hotmail server uses POP to send the message to the hotmail client (using authentication, again).
So, the big question is: when I click send Mail sends my message to my gmail server, how does my gmail server forward the message to, say, a hotmail server so my friend can recieve it?
Thank you so much!
~Jason
Thanks, that's been helpful so far.
As I understand it, the first client sends the message to the first server using SMTP, often to an address such as smtp.mail.SOMESERVER.com on port 25 (usually).
Then, SOMESERVER uses SMTP again to send the message to RECEIVESERVER.com on port 25 (not smtp.mail.RECEIVESERVER.com or anything fancy).
Then, when the recipient asks RECEIVESERVER for its mail, using POP, s/he recieves the message... right?
Thanks again (especially to dr-jan),
Jason
The SMTP server at Gmail (which accepted the message from Thunderbird) will route the message to the final recipient.
It does this by using DNS to find the MX (mail exchanger) record for the domain name part of the destination email address (hotmail.com in this example). The DNS server will return an IP address which the message should be sent to. The server at the destination IP address will hopefully be running SMTP (on the standard port 25) so it can receive the incoming messages.
Once the message has been received by the hotmail server, it is stored until the appropriate user logs in and retrieves their messages using POP (or IMAP).
Jason - to answer your follow up...
Then, SOMESERVER uses SMTP again to send the message to RECEIVESERVER.com on port 25 (not smtp.mail.RECEIVESERVER.com or anything fancy).
That's correct - the domain name to send to is taken as everything after the '#' in the email address of the recipient. Often, RECEIVESERVER.com is an alias for something more specific, say something like incoming.RECEIVESERVER.com, (or, indeed, smtp.mail.RECEIVESERVER.com).
You can use nslookup to query your local DNS servers (this works in Linux and in a Windows cmd window):
nslookup
> set type=mx
> stackoverflow.com
Server: 158.155.25.16
Address: 158.155.25.16#53
Non-authoritative answer:
stackoverflow.com mail exchanger = 10 aspmx.l.google.com.
stackoverflow.com mail exchanger = 20 alt1.aspmx.l.google.com.
stackoverflow.com mail exchanger = 30 alt2.aspmx.l.google.com.
stackoverflow.com mail exchanger = 40 aspmx2.googlemail.com.
stackoverflow.com mail exchanger = 50 aspmx3.googlemail.com.
Authoritative answers can be found from:
aspmx.l.google.com internet address = 64.233.183.114
aspmx.l.google.com internet address = 64.233.183.27
>
This shows us that email to anyone at stackoverflow.com should be sent to one of the gmail servers shown above.
The Wikipedia article mentioned (http://en.wikipedia.org/wiki/Mx_record) discusses the priority numbers shown above (10, 20, ..., 50).
You're looking for the Mail Transfer Agent, Wikipedia has a nice article on the topic.
Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. An MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol.
The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.
You might also be interested to know why the GMail to HotMail link uses SMTP, just like your Thunderbird client. In other words, since your client can send email via SMTP, and it can use DNS to get the MX record for hotmail.com, why doesn't it just send it there directly, skipping gmail.com altogether?
There are a couple of reasons, some historical and some for security. In the original question, it was assumed that your Thunderbird client logs in with a user name and password. This is often not the case. SMTP doesn't actually require a login to send a mail. And SMTP has no way to tell who's really sending the mail. Thus, spam was born!
There are, unfortunately, still many SMTP servers out there that allow anyone and everyone to connect and send mail, trusting blindly that the sender is who they claim to be. These servers are called "open relays" and are routinely black-listed by smarter administrators of other mail servers, because of the spam they churn out.
Responsible SMTP server admins set up their server to accept mail for delivery only in special cases 1) the mail is coming from "its own" network, or 2) the mail is being sent to "its own" network, or 3) the user presents credentials that identifies him as a trusted sender. Case #1 is probably what happens when you send mail from work; your machine is on the trusted network, so you can send mail to anyone. A lot of corporate mail servers still don't require authentication, so you can impersonate anyone in your office. Fun! Case #2 is when someone sends you mail. And case #3 is probably what happens with your GMail example. You're not coming from a trusted network, you’re just out on the Internet with the spammers. But by using a password, you can prove to GMail that you are who you say you are.
The historical aspect is that in the old days, the link between gmail and hotmail was likely to be intermittent. By queuing your mail up at a local server, you could wash your hands of it, knowing that when a link was established, the local server could transfer your messages to the remote server, which would hold the message until the recipient's agent picked it up.
The first server will look at DNS for a MX record of Hotmail server. MX is a special record that defines a mail server for a certain domain. Knowing IP address of Hotmail server, GMail server will sent the message using SMTP protocol and will wait for an answer. If Hotmail server goes down, GMail server wiil try to resend the message (it will depend on server software configuration). If the process terminates ok, then ok, if not, GMail server will notify you that he wasn´t able to deliver the message.
If you really want to know how email works you could read the SMTP RFC or the POP3 RFC.
All emails are transferred using SMTP (or ESMTP).
The important thing to understand is that the when you send message to someguy#hotmail.com this message's destination is not his PC. The destination is someguy's inbox folder at hotmail.com server.
After the message arrives at it's destination. The user can check if he has any new messages on his account at hotmail server and retrieve them using POP3
Also it would be possible to send the message without using gmail server, by sending it directly from your PC to hotmail using SMTP.
Step 2 to 3 (i.e. Gmail to Hotmail) would normally happen through SMTP (or ESMTP - extended SMTP).
Hotmail doesn't send anything to a client via POP3. It's important to understand some of the nuances here. The client contacts Hotmail via POP3 and requests its mail. (i.e. the client initiates the discussion).