?
Solved

Mail to hotmail.com is marked as spam

Posted on 2011-09-15
15
Medium Priority
?
626 Views
Last Modified: 2012-05-12
Hello,

Every mail to hotmail.com from our website is marked as spam by Hotmail. If somebody fills in the form the email is relayed to a SMTP server and send to Hotmail. I added a SPF record and SPF2(sender id) record for the website domainname. The mail is send with ...@websitedomainname.

Can somebody help me out?
0
Comment
Question by:Netaffairs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
15 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36543844
What does your SPF record look like?  IMO drop the Sender ID, but that isn't the source of your problem (unless it's a typo), so I guess paste that one too for now.
0
 

Author Comment

by:Netaffairs
ID: 36544497
My SPF records are:
domain.com.      TXT      "spf2.0/pra a mx ip4:1.2.3.4/24 ip4:1.2.3.4/24 ip4:1.2.3.4/24 -all"      
domain.com.      TXT      "v=spf1 a mx ip4:1.2.3.4/24 ip4:1.2.3.4/24 ip4:1.2.3.4/24 -all"
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36544570
Wow those are some big CIDR's for SPF :p  Do your A and MX records fall into those ranges?  If so, remove those mechanisms IMO.

Do you know what the envelope MAIL FROM domain is?  Are you 100% certain it's domain.com ?  envelope MAIL FROM domain is what the receiving server uses to query for an SPF TXT record.

I know for a fact that Microsoft (hotmail/live.com/etc) caches SPF results.  How much time between your test without SPF then your test after adding it?

What do the headers look like for Authentication results from gmail?

Signing your mails with DKIM is always good practice btw, but that shouldn't be the issue here.
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 

Author Comment

by:Netaffairs
ID: 36544702
Thanks for your reply.

Do you know what the envelope MAIL FROM domain is?  Are you 100% certain it's domain.com ?  envelope MAIL FROM domain is what the receiving server uses to query for an SPF TXT record.
The form is relayed to an external smtp server with a different domainname. In the headers of the hotmail message i see the form from e-mail address

I know for a fact that Microsoft (hotmail/live.com/etc) caches SPF results.  How much time between your test without SPF then your test after adding it?
I added the spf2 record this morning(12 hours ago) and fill in the form to let Microsoft know.

What do the headers look like for Authentication results from gmail?
Received-SPF: pass (google.com: best guess record for domain of
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36544853
In the headers of the hotmail message i see the form from e-mail address
FYI there are 2 From's, envelope and body -- make sure you are seeing the correct one.
I added the spf2 record this morning(12 hours ago) and fill in the form to let Microsoft know.
I would drop spf2 entirely -- are you saying that the spf1 record was already there prior to 12 hours ago?  All you added was spf2?
Received-SPF: pass (google.com: best guess record for domain of
That's not what we want to see, we don't want to see "best guess" in there, even if it passes.

An example from an EE mail to my gmail:
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@experts-exchange.com designates 64.156.132.142 as permitted sender) smtp.mail=noreply@experts-exchange.com

Open in new window


That's what it should look like -- "google.com: domain of noreply@experts-exchange.com designates 64.156.132.142 as permitted sender".  Also the smtp.mail that Google adds there is the envelope MAIL FROM, that is the domain that needs to match domain.com

0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36544884
One more thing
The form is relayed to an external smtp server with a different domainname.
Is that SMTP server the final hop before sending to the internet?  Are all IP's that server uses to send mail in your SPF record for domain.com ?
0
 

Author Comment

by:Netaffairs
ID: 36547608
OK I removed the spf2 record and now i get the correct message from google but the mail is still marked as spam by hotmail.

I verified its the correct envelope MAIL FROM address. The SMTP server is the final hop and the ips are in the spf record.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36547692
Cool, progress.

Now that authentication is settled, let's move on to why you are still getting tossed into the spam folder.  Check out your reputation at SenderBase and Sender Score.
0
 

Author Comment

by:Netaffairs
ID: 36547720
I already did that the results are:
SenderBase: Email Reputation Score:      Good
Sender Score: 92

Seems to me no problems
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 2000 total points
ID: 36547750
Unfortunately we are almost to the point of having to contact hotmail, and man I don't envy you if you have to.

Fortunately there is one more thing we can try, signing with DKIM.

Now this is something I would highly recommend regardless of any current deliverability problems.  I would expect that this extra layer of authenticity will be able place you in the inbox.  I would post some links from Google, but you seem to be pretty clued, so setup DKIM signing in postfix and test with gmail, checking the auth results.  I am however happy to assist with that part as well.

I can review and give best practices for both your DKIM signing options as well as the format of your DNS record.
0
 

Author Comment

by:Netaffairs
ID: 36579421
Hello Papertrip,

I contacted MS/Hotmail and they replied to me within 24 hours. They made a fix and it all works within 48 hours.

We're testing DKIM on our test servers and it all works.

Thanks for your help.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36581890
Awesome!

If you want help with DKIM and SPF best practices, let me know.... Your SPF record could use some fine tuning.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36998259
Hi Netaffairs,

If you have a moment can you please close this question and assign points?

Thanks!!
0
 
LVL 15

Expert Comment

by:Jeff Perkins
ID: 37718979
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Understanding Linux Permissions

Linux for beginners: How to view the permissions associated with files and directories and also how you can change them.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month7 days, 20 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question