Hi there,

Thank you for getting in touch with the community. One thing that can sometimes work is sending an email to yourself and marking it as not spam. Also, in Gmail, you can click the three dots on the message, select "show original," and check for any issues listed there. After a few accounts mark it as not spam, it should start delivering to the inbox. Another thing to check is if your IP is on any RBL blacklists. You can check that on mxtoolbox.

Best regards,

I had that problem all year. Upgraded to latest smartermail (well the June build), set up signatures with that built was very easy: THANK YOU!!!... 

We had to use GMail accounts to reduce the problem, but would love to fix this issue in SmarterMail.

I love the new SSL certificate Gizmo inside smarter mail... 

Will get back on this. I came here now, just to figure out how I can make TLS work. It is on for all domains if the other server allows it... but I do not think it works properly on my install (older windows 2012R server).

Diego,

As I understand things, Windows 2012 R2 has support for TLS 1.0 and 1.1 by default. It also supports TLS 1.2, but you would need to manually enable it on your server. I do not believe that Windows 2012 R2 has support for TLS 1.3.

Since TLS 1.0 and 1.1 are deprecated, most servers do not support connections with those versions. If TLS 1.2 is not enabled on your server, it is likely you server will have a difficult time establishing secure connections. Even with TLS 1.2 enabled, you could have issues connecting to servers that only support TLS 1.3.

Thank you Andrew, I am still trying to understand. I would be ok with TLS 1.1 working.
For example I activated the SSL automatic feature with let's encrypt, I got 11 .mail certificates for my domains.
I activated the TLS 1.1 protocol allowed by my server.

In theory it would be great to have some sort of automation. and I am sure you did automate but probably something is broken for 2012R.
For example... what do I do in Bindings->ports...
I have the option to activate TLS on the smpt port. I have to provide a certificate path and a password. However…
c:\SmarterMail\Certificates returns the error: Certificate Not Found
Physically the certificates are there for mail.mydomain.com.pfx but cannot activate on the port.

In IIS my smarter mail bindings are to port 443 and 80.

The automated generated certificates are good for all: mail.mydomain.com
for smtp.mydomain.com on the certificate I see the error “inaccessible through HTTP”.
More specifically:

smtp.mydomain.com
The hostname for this site is not bound to this SmarterMail instance when navigating to it through HTTP. This is necessary to verify ownership for the certificate.
The certificate is being managed by Let's Encrypt.
Domain: mail.mydomain.com

So… how in the world do I activate TLS for those ports?
If I try to create a new port in the panel Bindings->ports I cannot.
Any idea/suggestion is appreciated… I am going by trial and error without any knowledge of what I am doing at the moment.

There was another issue on "certificate not found" but the gentleman that had the problem moved to another server and did not need the answer anymore so it was closed.

Hello, could I have you try to create a blank/wildcard binding in IIS? The binding itself would be HTTP with an empty hostname and All Unassigned IP's selected. In order to be able to save it you need to enter some text into the hostname field and then delete it. Once you have the wildcard binding, could I have you try to resolve conflicts again?

Hello Ray, it was good that you asked, because I went to look at the bindings. They were generated by smartermail automatically. One of the binding on the smartermail site is localhost pointing at port 9998.

Is it ok? It could be a leftover from an old installation... I mean... a very very old installation...

What should I do with that before we do anything else... because one inner voice tells me that it might need fixing...? I am very often wrong of course...

You should be ok to leave the 9998 binding as it should still behave the same way as port 80 (requiring authentication to enter). 

OK, when I create http with empty host name, it says that the binding *:80 is assigned to another site... are you sure you want to add this duplicate binding?

There is the default website of IIS that is using it... 

Do we want to try to duplicate the binding?

If you aren't using the default site in IIS, you should be able to remove it entirely. I would verify with your bindings that nothing is actually using that site before removing it.

Will do it at night... if anything happens, tomorrow morning will act surprised and blame hackers... 

:-)

Joking, I will do it tonight to avoid disruptions, I usually work on computers at night.  I can stop the default site tonight and play around to see if everything works and then proceed with recreating that binding in Smartermail. Anything I should check/expect/do/try?

I see also few rules that were created automatically in smartermail site in IIS... should I touch them/disable/test anything else?

And... thank you for your help and patience...

Haha, probably for the best to leave that until night. You should be ok to leave the URL Rewrite rules that are added to IIS as they shouldn't interfere with anything vital.

We seem to have gone a bit off-topic here.

So, I've checked blacklists and all settings and I seem ok.

What it looks like I need to do is get some Gmail accounts to mark my emails as not spam to get the emails to start delivering to the inboxes.

Also maybe adding the sender to the address book in Gmail?

What we seem to be saying is that even if everything is set up correctly, emails will still go into spam with Gmail and a few others until people start trusting those emails?

I do use one domain for sending emails that's not the same as the sending email domains. It's like a default SSL like mail.ssldomain.com as a pose to the actual sending email domain's own SSL. Could this cause issues?

e.g.

test@somedomain.com sends using mail.ssldomain.com

test@anotherdomain.com sends using mail.ssldomain.com

etc.

Is this what the "SSL Automatic Certificates" area is for?

Does that allow us to create SSL's on each of the domains from the one SSL I already have?

Correct, we've seen countless times in the past where new/moved/? domains struggle with the internal filters over there at Gmail. You can pass SPF/DKIM/DMARC/etc and most of the time you're going to land in the Inbox - but every once in a while - their filters take issue with a domain and additional steps are necessary to resolve it. We've corrected this for customers in the past with the method Zach noted by sending messages to test Gmail accounts and then clicking the Not Spam/Not Junk option on those messages. After a few of those you should stop seeing their filter force your messages into junk mail.