ARC Email Authentication
Question asked by Montague WebWorks - 12/21/2023 at 1:38 PM
My customers are starting to let me know about emails not getting to Gmail from my server. I know in the past many of them set up an Alias address purposefully to forward to their Gmail address. I asked them to not do that as any spam that goes through will be blamed on my server.

Today I was forwarded a bounce email from Gmail saying my email server had been throttled.
Remote Server returned: '421 4.7.28 Gmail has detected an unusual rate of unsolicited mail originating 4.7.28 from your SPF domain [xxxxxxxxxxxxxxxxxx.org      35]. To protect 4.7.28 our users from spam, mail sent from your domain has been temporarily 4.7.28 rate limited. For more information, go to 4.7.28  https://support.google.com/mail/?p=UnsolicitedRateLimitError to 4.7.28 review our Bulk Email Senders Guidelines. vy9-20020a05620a490900b0077f081e30d0si1342475qkn.657 - gsmtp'
Reporting-MTA: dns;mail.zzzzzzzzzzzzzzzzzz.com

Final-Recipient: rfc822;ssssssssssssssssss@gmail.com
Action: failed
Status: 5.0.0

How do I go about figuring out how much outgoing traffic is going to Gmail? If I search the logs on SMTP it includes both incoming and outgoing. Is there a way to view only outgoing SMTP?

Additionally, while doing some research on the subject, Google is imposing new delivery requirements for "bulk" (over 5000 emails a month) senders.

On this page, they say any Alias / forwarding sending MUST be accompanied by ARC Authentication.

Does SM have that in place?
Mik MullerMontague WebWorks

5 Replies

Reply to Thread
Tim Uzzanti Replied
Employee Post Marked As Answer
Yea, Google has been making a number of changes that are impacting mail servers and services and most won't be getting updates for a while, if at all.  Exchange 2019 does not include ARC and Microsoft pushed their next on-premise update to 2025. Office 365 just implemented it but I'm still getting bulk failures from Office365 to Gmail. In any case, we are planning to release ARC in January.
Tim Uzzanti CEO SmarterTools Inc. (877) 357-6278 www.smartertools.com
Montague WebWorks Replied
Mik MullerMontague WebWorks
Sabatino Replied
I may be repetitive but look at how it would be possible to resolve situations like this and/or protect our servers

Various solutions:

1) if the sending fails (e.g. remote Server returned: '421 4.7.28 Gmail has detected...) use the following outbound gateway (and your customers don't complain and we're all happier - of course you need a system of reporting to the server admin)

2) all messages directed to @gmail.com use the following outbound gateway

--- Advanced--- Server reputation protection

The forwarding thing is a real problem. Unfortunately, many users enter a forwarding address to gmail.com or something else
This puts the server at risk.

I would be very happy to have this function too:

1) For all forwards use the following outbound gateway

The purpose is to protect the reputation of the main SMTP server
Sabatino Traini Chief Information Officer Genial s.r.l. Martinsicuro - Italy
Douglas Foster Replied
Hoping that when ARC is enabled, that we also get flexibility for handling DMARC failures
Montague WebWorks Replied
... and some kind of integrated DMARC reporting under Troubleshooting. Maybe a special tab for tracking an individual failed email attempt all the way through its lifecycle on the system (including any external logs, ie; Declude) so we don't have to spend a half hour searching through multiple logs (both in and out of SM) and splicing their timestamps together.
Mik MullerMontague WebWorks

Reply to Thread