mails from smartermail Server going to spam or junk Gmail,outlook,hotmail
Problem reported by Parinda Dissanayake - December 22, 2015 at 6:02 AM
Submitted
Hi Team
"    I already purchase smarter mail enterprise edition 500mbx and deploy to a server but all the mails going to spam or junk in gmail ,Hotmail,outlook domains
"    So I tested this with 3 deferent IPS IP address but no hope
"    Then I setup another ZIMBRA mail server with same IP setup with same domain name and tested and it successfully sending mails to Gmail ,Hotmail, outlook inboxes
I'm totally stuck right now and I not able to deliver this server to my client and I already rise this with my previous mail but still no answer
"    Here with I attach 2 massages with Headers that I send from smartmail server to my gmail account and ZIMBRA mail server to same gmail account
--------------------------------------------------------------------------------------------------------------------------------------------------------------
from smarter mail Header -
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                                        
Delivered-To: w3in1web@gmail.com
Received: by 10.36.108.8 with SMTP id w8csp3363538itb;
        Tue, 22 Dec 2015 04:21:31 -0800 (PST)
X-Received: by 10.28.217.145 with SMTP id q139mr25604484wmg.79.1450786891255;
        Tue, 22 Dec 2015 04:21:31 -0800 (PST)
Return-Path: <parinda@mail.cammanagementsolutions.in>
Received: from mail.cammanagementsolutions.in ([203.189.70.179])
        by mx.google.com with ESMTP id up7si56294166wjc.121.2015.12.22.04.21.29
        for <w3in1web@gmail.com>;
        Tue, 22 Dec 2015 04:21:30 -0800 (PST)
Received-SPF: neutral (google.com: 203.189.70.179 is neither permitted nor denied by best guess record for domain of parinda@mail.cammanagementsolutions.in) client-ip=203.189.70.179;
Authentication-Results: mx.google.com;
       spf=neutral (google.com: 203.189.70.179 is neither permitted nor denied by best guess record for domain of parinda@mail.cammanagementsolutions.in) smtp.mailfrom=parinda@mail.cammanagementsolutions.in
Received: by mail.cammanagementsolutions.in via HTTP;
    Tue, 22 Dec 2015 17:51:20 +0530
From: "Parinda Dissnaayake" <parinda@mail.cammanagementsolutions.in>
To: <w3in1web@gmail.com>
Subject: server report 102
Date: Tue, 22 Dec 2015 17:51:20 +0530
Reply-To: parinda@mail.cammanagementsolutions.in
Message-ID: <f2ad349697cb4db380cc958b2e6fe4b0@mail.cammanagementsolutions.in>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=0c04f789941543e384dd313a1ba892b3
X-Originating-IP: [203.189.70.178]
This is a multipart message in MIME format.
--0c04f789941543e384dd313a1ba892b3
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: 7bit
 
-------------------------------------------------------------------------------------------------------------------------------------------
 
from zimbra server -
----------------------------------------------------------------------------------------------------------------------------------------
 
Delivered-To: w3in1web@gmail.com
Received: by 10.36.108.8 with SMTP id w8csp3212849itb;
        Mon, 21 Dec 2015 23:00:02 -0800 (PST)
X-Received: by 10.28.172.2 with SMTP id v2mr25593692wme.10.1450767601956;
        Mon, 21 Dec 2015 23:00:01 -0800 (PST)
Return-Path: <parinda@mail.cammanagementsolutions.in>
Received: from mail.cammanagementsolutions.in ([203.189.70.179])
        by mx.google.com with ESMTPS id vu8si54636450wjc.28.2015.12.21.23.00.01
        for <w3in1web@gmail.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 21 Dec 2015 23:00:01 -0800 (PST)
Received-SPF: neutral (google.com: 203.189.70.179 is neither permitted nor denied by best guess record for domain of parinda@mail.cammanagementsolutions.in) client-ip=203.189.70.179;
Authentication-Results: mx.google.com;
       spf=neutral (google.com: 203.189.70.179 is neither permitted nor denied by best guess record for domain of parinda@mail.cammanagementsolutions.in) smtp.mailfrom=parinda@mail.cammanagementsolutions.in
Received: from localhost (localhost [127.0.0.1])
    by mail.cammanagementsolutions.in (Postfix) with ESMTP id 40752C270C
    for <w3in1web@gmail.com>; Tue, 22 Dec 2015 12:29:58 +0530 (IST)
Received: from mail.cammanagementsolutions.in ([127.0.0.1])
    by localhost (mail.cammanagementsolutions.in [127.0.0.1]) (amavisd-new, port 10032)
    with ESMTP id hFtexJotM1Cs for <w3in1web@gmail.com>;
    Tue, 22 Dec 2015 12:29:56 +0530 (IST)
Received: from localhost (localhost [127.0.0.1])
    by mail.cammanagementsolutions.in (Postfix) with ESMTP id 9AA95C2730
    for <w3in1web@gmail.com>; Tue, 22 Dec 2015 12:29:56 +0530 (IST)
X-Virus-Scanned: amavisd-new at mail.cammanagementsolutions.in
Received: from mail.cammanagementsolutions.in ([127.0.0.1])
    by localhost (mail.cammanagementsolutions.in [127.0.0.1]) (amavisd-new, port 10026)
    with ESMTP id vQTU60peE-Lf for <w3in1web@gmail.com>;
    Tue, 22 Dec 2015 12:29:56 +0530 (IST)
Received: from mail.cammanagementsolutions.in (mail.cammanagementsolutions.in [203.189.70.179])
    by mail.cammanagementsolutions.in (Postfix) with ESMTP id 24CA8C270C
    for <w3in1web@gmail.com>; Tue, 22 Dec 2015 12:29:56 +0530 (IST)
Date: Tue, 22 Dec 2015 12:29:55 +0530 (IST)
From: "Parinda D. Dissanayake" <parinda@mail.cammanagementsolutions.in>
To: w3in1web@gmail.com
Message-ID: <327909990.31.1450767595892.JavaMail.zimbra@mail.cammanagementsolutions.in>
Subject: server rpt month december
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="----=_Part_30_589676338.1450767595885"
X-Originating-IP: [203.189.70.179]
X-Mailer: Zimbra 8.6.0_GA_1153 (ZimbraWebClient - FF39 (Win)/8.6.0_GA_1153)
Thread-Topic: server rpt month december
Thread-Index: P6+mntqSxYEoZNoXqmee0ucUmlK6fA==
------=_Part_30_589676338.1450767595885
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
server rpt month december
------=_Part_30_589676338.1450767595885
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 7bit
<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><div>server rpt month december </div></div></body></html>
------=_Part_30_589676338.1450767595885--
 
 server report 102
 

--0c04f789941543e384dd313a1ba892b3
Content-Type: text/html;
    charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<span style=3D"font-family: Arial, Helvetica, Sans-Serif; font-size: 12px">=
<div>&nbsp;</div>
<div>server report 102</div>
<div style=3D"-webkit-touch-callout: none; -webkit-user-select: none; -khtm=
l-user-select: none;-moz-user-select: none;-ms-user-select: none;-o-user-se=
lect: none;user-select: none;">&nbsp;</div></span>
--0c04f789941543e384dd313a1ba892b3--
 
 

6 Replies

Reply to Thread
1
Welcome to SmarterMail, Parinda!
 
As you're finding out, there's a bit of configuration and work required to getting an e-mail server setup and configured, but you've asked the right question, in the right place . . .
 
In order to ensure e-mail from your, or anyone else's e-mail server is accepted, you'll need to setup some "identifying information," specific to your e-mail server, the hosted domain name(s), link your STATIC, PUBLIC IP address (es) to the domain name (s), and prove to other ISPs that every message sent from your e-mail server is legitimate, and was properly authorized by a valid user's account, shopping cart, website, prior to being set.
 
You'll need to setup rDNS, DKIM, SPF, and DMARC for every domain you host. You should also consider setting up FEEDBACK LOOPS for each domain, with, at minimum, the now 14 ISPs who require them.
 
Sounds overwhelming, but it doesn't have to be.
 
 
You should also make certain you are in compliance with the Can Spam Acts of the: - United States; - Canada; - European Union, and; - Australia so you don’t het blacklisted. Good luck in your new SmarterMail project.
 
My "SmarterMail Antispam Settings Document," located at: https://portal.chicagonettech.com/kb/a171/smartermail-antispam-settings-document.aspx will help to ensure that you are fully protected against incoming spam - at minimal, if any, additional cost to you.
 
Remember, both SmarterMail Tech support, and independent contractors, line myself, are available to assist you with your initial setup and configuration, if necessary.
 
Merry Christmas, and have a Happy New Year!
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
2
Not sure why they would accept the email from Zimbra at all as the IP Address of 203.189.70.179 does not have a Reverse DNS entry it would fail rDNS & FCrDNS lookups that are used as a primary form of Anti-Spam detection. All email from that IP Address regardless of what Mail Server software you are using should be delivered to the Spam folder as it currently is. Your Reverse DNS for 203.189.70.179 must match Forward DNS and your Mail Server's Hostname in Smartermail. Also having a SPF Record and DMARC Record in DNS at the very least, and using DKIM would also help with email delivery to the Inbox instead of to the Spam folder as Bruce pointed out.
0
HI Bruce and Scarab
 
wish you both merry Christmas ,
 
i setup all the records SPF,DKIM,DMARC  all the records except RDNS and that also completed with in 24rs time
below is my original server. but unfortunately still all mail from Gmail and Microsoft going to spam folder
 
any Idea to to get this mails to inbox
 
Delivered-To: w3in1web@gmail.com
Received: by 10.182.135.234 with SMTP id pv10csp5685931obb;
        Sat, 26 Dec 2015 02:51:43 -0800 (PST)
X-Received: by 10.194.174.73 with SMTP id bq9mr49567080wjc.115.1451127102727;
        Sat, 26 Dec 2015 02:51:42 -0800 (PST)
Return-Path: <kamal@srilankantrips.com>
Received: from MailEdge01.mabuhaytravel.co.uk ([203.189.70.156])
        by mx.google.com with ESMTP id 203si42973047wmw.23.2015.12.26.02.51.40
        for <w3in1web@gmail.com>;
        Sat, 26 Dec 2015 02:51:42 -0800 (PST)
Received-SPF: pass (google.com: domain of kamal@srilankantrips.com designates 203.189.70.156 as permitted sender) client-ip=203.189.70.156;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of kamal@srilankantrips.com designates 203.189.70.156 as permitted sender) smtp.mailfrom=kamal@srilankantrips.com;
       dkim=pass header.i=@srilankantrips.com;
       dmarc=pass (p=QUARANTINE dis=NONE) header.from=srilankantrips.com
Received: from TCMail01.mabuhaytravel.co.uk (UnknownHost [172.16.12.235]) by MailEdge01.mabuhaytravel.co.uk with SMTP;
   Sat, 26 Dec 2015 02:51:32 -0800
X-SmarterMail-Authenticated-As: kamal@srilankantrips.com
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns;
        d=srilankantrips.com; s=7728426923729873;
        h=received:from:to:subject:date:reply-to:message-id:mime-version
          :content-type:x-originating-ip;
        
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=srilankantrips.com; s=7728426923729873;
        h=x-originating-ip:content-type:mime-version:message-id:reply-to
          :date:subject:to:from;
        
Received: by TCMail01.mabuhaytravel.co.uk via HTTP;
	Sat, 26 Dec 2015 02:51:24 -0800
From: "Kamal Sameera" <kamal@srilankantrips.com>
To: <w3in1web@gmail.com>
Subject: test 3
Date: Sat, 26 Dec 2015 02:51:24 -0800
Reply-To: kamal@srilankantrips.com
Message-ID: <493cb1931fd3401d886fe9e51e15db19@srilankantrips.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=1d5f3eb8e86043df886b616a3b75f4b6
X-Originating-IP: [175.157.15.218]
X-MessageSniffer-Identifier: c:\SmarterMail\Spool\SubSpool6\27954021.eml
X-GBUdb-Analysis: 0, 172.16.12.235, Ugly c=0.237282 p=-0.4 Source Normal
X-MessageSniffer-Scan-Result: 0
X-MessageSniffer-Rules:
	0-0-0-2629-c

This is a multipart message in MIME format.

--1d5f3eb8e86043df886b616a3b75f4b6
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit

test 3
  


--1d5f3eb8e86043df886b616a3b75f4b6
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<span style=3D"font-family: Arial, Helvetica, Sans-Serif; font-size: 12px">=
<div>test 3</div>

<div style=3D"-webkit-touch-callout: none; -webkit-user-select: none; -khtm=
l-user-select: none;-moz-user-select: none;-ms-user-select: none;-o-user-se=
lect: none;user-select: none;">&nbsp;</div></span>

--1d5f3eb8e86043df886b616a3b75f4b6--

 
0
Once you setup your new records, it can take up to 24 hours for them to propogate through the top level DNS servers.
 
Note that, while some DNS servers allow you to setup rDNS, you must, generally, ask your internet provider, the group who assigned you your static IP addresses, to setup your rDNS as they are, technically, the owners of the IP addresses which are allocated to your account and must request the re-allocation of the reverse DNS to your SmarterMail server.  The rDNS should point to your PRIMARY SMARTERMAIL SERVER and IP ADDRESS.
 
 
Example:  our primary SmarterMail server, the FQDN of the server which handles all of the e-mail traffic, for all of our hosted domains, is "securemail.chicagonettech.com" and is mapped to 173.165.112.155.  Therefore, our rDNS points to securemail.chicagonettech.com
 
Had we not asked our provider to point the rDNS for 173.165.112.155 to our SmarterMail server, then it would point to their network.  Since their network name is different that our MX server, we would fail all of the rDNS tests.
 
You can use this tool, http://my-addr.com/domain-ptr-record-lookup-test-and-check-tool.php to check where your rDNS setting.  Use either a valid e-mail address or the FQDN of your SmarterMail server in the input field.

Did you generate the DKIM certificates from SmarterMail, making them at least 1024 bit - that's the minimum acceptable length, but 2048 is better.
 
You don't need a DomainKey cert, just DKIM, and that's generated under the SETTINGS ===> ADVANCED ===> MAIL SIGNING tab for EACH of your hosted domains:
 
Generating a certificate to sign DKIM
Generating a Certificate to Sign DKIM
 
Assign a SELECTOR name and then generate the cert
Assign a SELECTOR NAME, select the CERTIFICATE SIZE
(minimum 1024, suggested 2048), and the click on generate Key

This will generate both the PRIVATE and PUBLIC keys for SmarterMail
and the domain,  The PRIVATE KEY is hidden, you don't need to do anything
with that.  The PUBLIC KEY needs to be added to the DNS
for the DOMAIN NAME.
 
In order to allow FORWARDING, without breaking DKIM, go to the DKIM SIGNING tab and select SIMPLE for the BODY and HEADER CANONICALIZATION items.
 
 select SIMPLE for the BODY and HEADER CANONICALIZATION items.
 select SIMPLE for the BODY and HEADER CANONICALIZATION items.
Now ADD the information to your DNS.  The method used to do so will vary according to your DNS provider.  In some cases, you will need to break up lines longer than 1024 characters in length.  In some cases, you will need to add quotes and special characters.  Check with your DNS provider's instructions on adding TXT records.
 
We use Microsoft's DNS, and here are what our complete entries look like in the DNS record
 
:
There are three different keys which need to be added - these are explained at https://www.unlocktheinbox.com/resources/domainkeys/
  _domainkey  3600  TXT  "o=~"
     _adsp._domainkey  3600  TXT  "dkim=all;"
     secure._domainkey  3600  TXT  "k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYhoyoIhjIMPcTA2ZezVDxxtcgniRolCnaYMtaW+jVo/JEXfrOPuC4H6gQNyuDJGZpARBANkVOEMOBoZ7R3RdnSK00rPzRv309mSX2pxLM6F755pGVpDS0QRJ+c8aFU777cS+F3MeKyXfosOcEos742BkeHaynCZIPGeRa3gs3dwIDAQAB"
 
Once you generate the DKIM certificate in SmarterMail, and add the certificate records in DNS, you should wait a few hours and then return to the individual domains to TEST the newly created record(s).
 
This is done, once again, in SmarterMail - in the specific domain for which you have created the record by clicking on TEST DNS:
 
Click on TEST DNS to test your CERT and DNS settings. 

If all is properly configured, you will get a GREEN BAR
at the top of the screen which says, "DNS TEST SUCCESSF
UL"
 
NOTE: IF A CERT FAILS, AND IT WAS GENERATED IN SMARTERMAIL, DO NOT REGENERATE THE CERTIFICATE, CHECK YOUR DNS!

You also need to send test messages to "mailtest@unlocktheinbox.com", from each domain, and correct any errors shown in the results.   This will require an account with https://unlocktheinbox.com, so you can repeat test each domain - until you get them right.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
HI Bruce
 
thank you very much for all the support. now I can see all the mails going to gmail inbox but no the Microsoft
 
i have one mailbox server and one free edge server (gateway server ) I install massage sniffer from ARM LABs to filter spam
 
this is my gateways server host name MailEdge01.mabuhaytravel.co.uk - local IP 172.16.12.234 and public IP 203.189.70.156
 
mail.mabuhaytravel.co.uk    A record pointed from domain panel to 203.189.70.156 IP address
 
I inform to create our ISP 203.189.70.156 - MailEdge01.mabuhaytravel.co.uk RDNS entry
 
but when I test with this link by typing domain name mabuhaytravel.co.uk or email address it show me this record and it should be related to domain registrar I believe.....so is this ok ? 
188.227.167.77 -> 77-167-227-188.rackcentre.redstation.net.uk
 
my licensed Smarter mail Entp 500Mbx run on local IP 172.16.12.235 and public IP 203.189.70.157
 
is there any issues on my setup ?
0
Complete the process to validate your mail server:
  • You said you have "setup everything except rDNS."  Setup rDNS - it is MANDITORY if you want OUTLOOK, and most of the other large ISPs to accept your e-mail.
  • Setup FEEDBACK LOOPS with all of the ISPs who require them.
  • Setup DMARC.
 
If you are uncertain then hire a tech to do the work for you, but, without doing everything, you will still be blocked on delivery by someone..
 
Running an e-mail server is not a turnkey operation -- you cannot just set it up and forget about it.  Running an e-mail server requires proper configuration and continuous monitoring - even once everything appears to be working properly.
 
This requires advanced knowledge in DNS and constant vigilance on changes to policies by the large providers - who, literally, change their rules without warning.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting

Reply to Thread