So I have this weird problem at my company with our email system.
(And I'll preface this by saying that I'm a web/graphic designer forced into an IT role as well, so forgive my noobish-ness please)
I just switched our company over to Google Apps for Business to take advantage of all of Google's apps and features.
The MX records for all six of our domains have been switched over to Google for days now, and it seems to be working very well except for a couple of things...
Those users in the organization who haven't switched their Outlook/Thunderbird/Mail App to Google's settings are still sending and receiving mail through the old system, which is hosted by MyHosting.com, even though the MX records clearly show that mail should be going to Google's servers.
Our website contact forms are still sending through the old system as well and NOT Google. For instance, woodshedsmokehouse.com contact form sends an email to info#woodshedsmokehouse.com on the old system, instead of sending it to info#woodshedsmokehouse.com at our Google Apps account (which is a 'nickname' of info#cheftimlove.com).
Now, here's where I think there might be some confusion... maybe, again I'm a noob.
All six of our domains have A Records of SMTP and MAIL that still point to MyHosting.com's mail servers.
Is this the issue? If so, how can I fix it? Google Apps support has not said a word about altering A Records
Any insight and help is more than greatly appreciated. Thank you!
I can understand why it's sending through the old domain, but I can't understand the receiving part. Are the emails they are receiving through the old domain a "Reply To Email" Or "New Emails".
I know A records are used as backup MX Records. And MX record are not needed at all, if your hosting the mail server off the A record location.
I'm curious, if you found a solution and an explanation. I checked your MX Records and they seem fine of the 2 domains you listed. I also use MyHosting, but I host my own email servers.
If you can post the headers of the email on the ones they receive and send, that would be helpful.
Related
So today a client of mine sent out a marketing newsletter to around 140k clients that included a link to our web app.
What happened next was my web app experienced a flood of traffic (over 9000 requests in 15 minutes) from Microsoft-owned IP addresses in the range 40.94././ requesting that specific page on my site. This took the app down for all my clients until I managed to restart it.
It seems like the scan took place regardless of whether a user clicked on the link or not, as there are no other IP addresses in the request logs for the same url during this period.
So my question is, was this Microsoft pre-emptively scanning that link as it was delivered to newsletter subscribers? Or does the scan only happen when the link is clicked - I've found conflicting information on this, and as mentioned I see no other IP address requests during this period.
And secondly, how can I stop this from happening in the future - is my only option to blacklist this IP range, or are there other strategies?
So for anyone struggling with something similar I can confirm that Microsoft pre-emptively scans the links inside a received email before it lands in the recipients inbox.
The effect of this is that if a huge newsletter is sent to hundreds of thousands of recipients, Microsoft effectively triggers a wave of traffic to your server.
It would appear the only solution is to black-list their range of IPs, or ensure you have some throttling mechanism in place.
One of the solution as mentioned in the other answer is to block the range of ip addresses that belong to Microsoft Safelink in order to prevent the scans from accessing the website.
Other solution might be to use JS Challenge such as this available in Cloudflare. With such a solution each user has to go through a website that first verifies if he/she is using a real browser and only if that is the case he/she is redirected to the target website.
Such a JS Challenge can be enabled only for those accessing website from links in the email so that anyone using browser to directly access a website won't be affected
Some email clients consider our emails as a phishing (in Office 365). The only thing that was missing based on the https://mxtoolbox.com/SuperTool.aspx?action=mx was DMARC entry missing.
I've added TXT DNS record like this (TTL 1hr):
v=DMARC1;p=none;pct=100;rua=mailto:postmaster#mydomain.com
Can it resolve the issue? Is there any specific action required to make it work with Mailgun / GoDaddy?
Thanks in advance for any help/info.
Since you have p=none, it won't resolve the issue, you need to inform the mail server to reject the email. Basically, you're just in monitoring mode with p=none.
What that being said, it sounds like you're saying Office 365 is regarding your emails as a phishing attempt. I think you might be hitting their spam filter based on certain keywords. Send an email to yourself and look at the PCL in the email headers in the outlook account and see what it says.
If you don't know how to see view the headers and just want to make it easy, you can use an inbox tester that will show you the headers.
You can also open a ticket with Microsoft and ask them why the PCL is high on your emails. They might be able to assist.
Link to: Microsoft Sender Support
Another good thing to do is to go through this Email Checker Guide, it touches on every aspect of sending email. You might have a mis-configuration someplace that's causing the issue.
This is a question that was asked a while ago on Server Fault, but was never really answered.
I have attempted to follow multiple guides, however, every single time I test it out I get
The error that the other server returned was:
550 5.7.1 Relaying denied
Does anyone have any advice on using Mailgun to achieve split delivery for Google Apps?
The way I do it, is setup a subdomain that has the mx records set to point at mailgun, then on the main domain, any addresses I want to go to mailgun I setup to forward to the subdomain
so say I want website#example.com to go to mailgun, i set this to forward to website#mailgun.example.com
You just need to make sure your code swaps out #mailgun.example.com with #example.com in the to fields if that matters to what you are doing
Hope that helps
I have a site on a dedicated server with it's own IP range that has been running for a good few years. We have a notification email address (mailout#domain.com) which we use to send automated emails (activation emails when a user signs up and notification emails if something relevant to them happens, eg someone befriends them or comments on their picture etc). Users can select whether to receive these notifications or not. We have SPF and RDNS setup.
Email from all our other email accounts go to hotmail/gmail/yahoo mail etc correctly into the inbox. However any mail sent from the mailout#domain.com account (whether automatically by the server or manually via outlook) is delivered correctly to the inboxes for yahoo and gmail however goes into Junk in Hotmail (but other #domain.com addresses deliver to hotmail's inbox correctly). It says at the top of the message that MS Smartscreen marked this message as junk. I signed up for MS Smart Network Data Services to monitor the IP and it says it's not blocked but it displays Bot-like behaviour (which kind of makes sense as our notifications are kind of bot like even though they're not spam).
I can't work out what to do to prevent this from happening, we've authenticated the email, there's obviously not a general block on the IP as emails from different accounts on the same domain are going through successfully. It doesn't seem to be the format of the email either because if I send identical emails from mailout#domain.com and contact#domain then the one from contact# gets through to the inbox but the one from mailout# goes through to junk.
I can't really work out what to do and obviously trying to get MS to sort it out is never going to happen and i've used all their available tools. I can obviously try setting up a new email address (eg noreply#domain.com) and using that for notifications but i assume it will only be a matter of time before that gets blocked as well.
I would be immensely grateful for any suggestions anyone has!
Thanks so much,
Dave
You don't have many options. Try to do as many of the following as you can:
Reach out to MS support (don't discard this notion)
Implement DKIM and possibly DMARC (which are vastly more informative than SPF)
Change your IP address to something cleaner
Find and follow bulk sender best practices, e.g. M³AAWG's BCPs, perhaps the Help – I'm on a Blocklist doc
I am developing a website -- in the prototype stage, soon to be alpha. I will provide an email address to each account that allows the user to deposit stuff -- not a real email account, just an endpoint for sending things to the site. Many sites provide this kind of service nowadays. I think the first one I saw was Photobucket, which let's you send photos as email attachments.
My question is, what is the best way to implement this kind of service?
In my prototype, I have written a POP3 client which fetches all newly delivered mail (currently from a test Gmail account). My service processes each new mail and attachments, and immediately removes it from the email server.
I could certainly outsource to an email service with POP3 and be done with it. The problem is cost. Most services I have seen provide much more than I need, and they charge per account. I expect to have many accounts and low traffic volume.
So I'm leaning towards hosting email receipt myself. I am open to Windows or Linux. The code that processes incoming emails runs on Windows, but I have other services running on Linux. I have seen a number of open source and free email servers, such as hMailServer and MailEnable (Windows) and qmail, Postfix and exim (Linux).
I guess I have a slight preference towards Linux because of lower hosting costs, but if a Windows service can provide cleaner integration, that might be worth it. As far as features, I would like to have some spam filtering, but it's is not a huge priority. POP3 is adequate for retrieval, but a more direct API would be nice. I will need some kind of API for programmatically provisioning new accounts.
All suggestions are appreciated. Do you know how others implement this kind of service?
UPDATE: I ended up using hMailServer, which is a free mail server that runs on Windows. It seems to be quite mature and robust. It has a COM interop library which makes accessing emails, accounts, etc. from my .NET server app very easy indeed.
If you're going the host-your-own-email-server route, I would probably just use POSTFIX and pipe all your email to a PHP script, which processes the email.
Here's a quick'n dirty tutorial on setting up the email pipe if you're using cPanel:
http://kb.siteground.com/article/How_to_pipe_an_email_to_a_PHP_script.html
If not, here's how to do it:
http://answers.google.com/answers/threadview?id=562518
The bottom line is, you need to have an open SMTP connection to accept email. If you have your own server, then you can install a SMTP server on the machine. Usually, you have filesystem access to the location the email files are placed. Be sure to select a SMTP server that allows this, and that the email are in a format that you can parse.
Then, you can just monitor the file location for incoming emails.
If you can't pipe your emails (using the Postfix suggestion), and you don't have your own server (for example, on a shared hosting plan), then you will need to query a POP3 or IMAP mailbox server for your emails, and parse them accordingly.
I wanted to get emails in real time so I worked out my own solution with google app engine. I basically made a small dedicated google app engine app to receive and POST emails to my main site. That way I could avoid having to set up an email server.
You can check out Emailization (a little weekend project I did to do it for you), or you this small GAE app that should do the trick.
I kinda explained it more on another question.
Hope that helps!