I recently noticed my gmail spam folder had some bounced messages to my business email address (which is configured to forward to my gmail). After some investigation it appears as though someone is using my domain name and randomly generated usernames as return address on their spam emails.
Mail.log shows these messages coming in, but not being sent. Is it possible that my server (Postfix or sendmail) is allowing a user to push out emails without generating log entries? What is the likelihood that somebody is spoofing my domain (not a very popular one at all) and not actually sending from my server?
Most importantly, what can I do to prevent spam emails from being sent out with my name on them, if anything? I'm concerned that gmail at least will mark me as a spammer since all the bounced spam messages are going to my gmail as though they were sent from my domain.
You can install the spamassassin in your server and connect it to the postfix. SpamAssassin uses a wide variety of local and network tests to identify spam signatures. This makes it harder for spammers to identify one aspect which they can craft their messages to work around.
It is very easy to config,SpamAssassin requires very little configuration; you do not need to continually update it with details of your mail accounts, mailing list memberships, etc. Once classified, site and user-specific policies can then be applied against spam. Policies can be applied on both mail servers and later using the user's own mail user-agent application.
You can refer the link to know more about the spamassassin
Related
I have a website, with a mailbox using Roundcube. This mailbox is affiliate to my domain name.
I use Cloudflare on my website with a D_marc in DNS section, and this send my own emails as SPAM to anybody.
I don't understand why.
v=DMARC1; p=quarantine; rua=mailto:contact#sp-batiment.com; ruf=mailto:contact#sp-batiment.com; fo=1
whereas I thought it should only send email who are not sent from my domain to SPAM folders.
The first step is to change p=quarantine to p=none (reporting only) as that won't break your own email. Then, once you have SPF and/or DKIM passing and in alignment (using same domain as the visible from) such that DMARC passes for all your legit mail, then cautiously ramp your policy back up to an enforcing policy.
I'd say that changing your policy to none (reporting only) gives the time and space to fix email authentication problems without causing you real problems with your own email deliverability.
Some emails sent by our sever go to spam for certain recipients. E.g when sent to #outlook.com email addresses.
I have been testing our emails using https://www.mail-tester.com
SpamAssassin gives a score of -0.1 for the issue of 'HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different'
This is the only issue reported. Everything else, such as SPF and DKIM, passes. There is no documentation on their website for this issue and I don't understand what it means or how to fix it.
The email is sent using PHPMailer via AWS SES.
I solved this by completing the setup of 'MAIL FROM' in AWS SES. This set the mail from header in emails to be my domain name.
"HEADER_FROM_DIFFERENT_DOMAINS" and mail-tester.com now gives me a score of 10/10.
Note that for some email providers it took a few weeks before we were trusted and emails stopped going to spam.
It means that the envelope sender address (which is used at the SMTP level) is different to the address used in the From header. This is very common, but can be a problem if you try to implement DMARC alignment. For example, you might send a message with a from header containing user#example.com, but your envelope sender might be bouncehandler#mail.example.com. You should be able to see this in the Return path header of a received message. Whether you can change this depends on exactly how you're sending your message, but in PHPMailer the envelope sender defaults to the from address, and you can override it by setting the Sender property.
A -0.1 penalty is unlikely to be the entire cause of your mail being sent to spam.
Its outlooks rubbish filtering system. They have "AI" rules that look at the sending ip address for reputation. They score you on user reportsand lots of other bits they will not tell you about. Make sure you have SPF, DMARC, DKIM, and sign up for their JMRP and SDNS they will tell you. But it still is a game of cat and mouse. Its a slippery slope and even Microsoft trap their own mail to their own outlook users. PITA, to be honest and luckily we managed to get a mitigation to the issue. However some users in different domains still complain of email going to JUNK. Go figure. I hate having to work on issues with Outlook.com. They themselves send out spam and have the audacity to block well configured SMTP senders.
I wish you luck. You will need it.
I have 2 Windows 2008 R2 boxes running in Microsoft Azure. My ASP.NET 4.0 site (let's imagine it's running at "example.com") has a standard Contact Us form.
When a user sends a Contact Us message, I use System.Net.Mail and SmtpDeliveryMethod.Network to deliver mail to an IIS6 SMTP server running on each box, which sends the mail to a Google Apps "enquiries#example.com" account, using the email address the user entered into the Contact Us form as the "From" address.
This was working beautifully for a year until I checked it today, and found this error in a .BDP file in the \Badmail folder:
550-5.7.1 Our system has detected an unusual rate of unsolicited mail originating from your IP address. To protect our users from spam, mail sent from your IP address has been blocked. Please visit http://www.google.com/mail/help/bulk_mail.html to review our Bulk Email Senders Guidelines.
Obviously Google upped their anti-spam strategies in the last 6 months - last time it worked was Feb 2013 (yeah, we don't get much mail luckily... yet).
I've read the Bulk Senders Guidelines linked above, but they're not really suited to my use case. My case is not sending emails from our server to users of our site (I simply use the Gmail API and send from our enquiries#example.com for that), but rather to collect users' enquiries so that we can easily respond by clicking Reply in that inbox.
I am looking for the easiest solution here. In response to the ones in Google's Bulk Senders Guidelines:
Use a consistent IP address to send bulk mail: I already do, doesn't seem to help
Reverse DNS: Godaddy, my domain and DNS provider doesn't seem to support them: http://support.godaddy.com/groups/domains-management-and-services/forum/topic/how-do-i-setup-reverse-dns/ Anyone know if there's a way?
Use the same address in the 'From:' header on every bulk mail you send: This is totally not my use case. I'll have different From headers in every email
SPF record: I think this only works if I am sending From ...#example.com every time. Is that right? My feeling is SPF doesn't help me here. Would love someone to enlighten me.
DKIM: This looks hellishly complicated, but I'll pursue it if someone thinks it can work in this case. Specifically is it OK that the From address doesn't match the "signing domain"? Anyone got any good "how to" links? And will this be sufficient for Google to un-blacklist me?
Sendgrid: Azure's preferred mail sending app. This means signing up, code changes, testing, and unknowns like "does Sendgrid allow any From address? It's non-trivial, and I'd like to avoid this, but again, will go there if it's what people think is the sanest option.
As a general answer to your questions, sending email on behalf of many different domains from one IP (e.g. example.net, example.org, and ex.co from 10.0.0.1) is generally seen as spammy behavior (and therefor not recommended).
Your points 1-5 only apply if you're sending from one domain. rDNS, SPF, and DKIM only improve delivery for one IP to one domain (in a generally 1:1) relationship.
Generally, the best way to avoid getting marked as spam in a situation like this is to set the From email as a consistent one that you actually control (e.g. enquery-sender#example.com), and then setting the Reply-To as the entered address (e.g. enquirer#someprovider.com). This way you consistently send from one domain, while still getting the benefit of replies going to the message originator (for example LinkedIn does it this way). Doing this will allow you to setup rDNS, SPF, and DKIM with benefit.
That said, if you decide that you don't want to use the recommended Reply-To method, you can use SendGrid to send from any arbitrary domain. It should not require any significant code change (just switching your current SMTP credentials to SendGrid's).
Disclaimer: I am a SendGrid employee.
I am sending a large number (over 70 within 1-2 minutes) emails with identical subject and content to the same Gmail account from a third-party email server. Address is formatted as 'gmailusername+person.name#gmail.com', where 'gmailusername' is the same for all messages, and 'person.name' is different for every message.
The first 3 messages arrived normally, but the rest seem to have disappeared.
Is where a Gmail limitation on recieving multiple nearly identical messages? Where can I find info on it?
The email content is a few lines of plain text. The account is used for testing, in production setting these emails will go to different addresses. These 70+ emails to the same address are the only emails that are being sent by the server at the time, i.e. there is not much other activity sending email from the same server to other Gmail addresses.
Technically, it's not a limit that's stopping you, it's their anti-spam filters; if their servers receive many identical e-mails differing only be recipient within a short space of time from a single sender, they'll often or not block them, obviously there are some algorithms going on behind the scenes to establish if it is actually spam (i.e. is the sender server part of a known spam network, is the sender on the trusted senders list of the recipients etc.) although we'll know exactly what goes in to deciding if the e-mail should be considered spam or not. ;)
You'll find most of the popular e-mail providers (Yahoo, Gmail etc.) do this.
Most mailing list providers get around this by automatically fragmenting how many e-mails are sent to a single provider in an hour - not to mention the bigger mailing providers are often or not more trusted by the e-mail providers that their content is legitimate.
While I think you're in the sending limit, do be aware Google will disable your account for 24 hours if they believe you are spamming. More information here.
I have seen Gmail limit emails, yes. But since you're testing, can you just change the subject with a time stamp, number, or guid? That might help.
"Testing Message 1", "Testing Message 2", etc.
Edit:
You won't run into limiting problems if you can either a) setup your own relay (very hard, but refer to this for a little help) or b) use an email campaign service provider such as MailChimp or Postmark. Note that it's good to be educated on the difference between "transactional" email and normal, bulk-advertising email.
In my website (under development), the members can send messages to each other which are sent directly to their email, now I'm worried that some members can send spam to other members (I have a spam filter but it doesn't give 100% protection as you know), I'm worried that my domain might get blacklisted on Yahoo, Gmail, Hotmail or AOL which will cause any messages sent from my domain to end up in the spam folder, this is why I want to add the domain of my website to their whitelists (if they exist).
P.S. I don't want to use private messages that members check on the site and I have my reason for this.
Thanks
Your email might not be considered "bulk" because it sounds like it's one->one as opposed to one->many, but these bulk mail help resources might still be helpful:
Yahoo! Mail Postmaster Help
GMail Bulk Sender Guidelines
Windows Live Hotmail Postmaster Services
AOL Postmaster Website
As Bevan mentioned, your task will be an ongoing one to keep your site clean on various services.
Not sure if you're already considering this, but you can send the email "on behalf of" the requesting user (i.e., set the from and reply-to fields to the user who is sending the message).
While there may be whitelists used by those sites, I suspect that they only contribute to whatever scoring system is in use - being on the list won't be sufficient in itself.
The overall controlling factor will be the "reputation" of your site - you need to work to ensure that reputation stays sound.
Unfortunately for your workload, I think this will be an ongoing task, not a one-off.