Netaffairs
asked on
Mail to hotmail.com is marked as spam
Hello,
Every mail to hotmail.com from our website is marked as spam by Hotmail. If somebody fills in the form the email is relayed to a SMTP server and send to Hotmail. I added a SPF record and SPF2(sender id) record for the website domainname. The mail is send with ...@websitedomainname.
Can somebody help me out?
Every mail to hotmail.com from our website is marked as spam by Hotmail. If somebody fills in the form the email is relayed to a SMTP server and send to Hotmail. I added a SPF record and SPF2(sender id) record for the website domainname. The mail is send with ...@websitedomainname.
Can somebody help me out?
What does your SPF record look like? IMO drop the Sender ID, but that isn't the source of your problem (unless it's a typo), so I guess paste that one too for now.
ASKER
My SPF records are:
domain.com. TXT "spf2.0/pra a mx ip4:1.2.3.4/24 ip4:1.2.3.4/24 ip4:1.2.3.4/24 -all"
domain.com. TXT "v=spf1 a mx ip4:1.2.3.4/24 ip4:1.2.3.4/24 ip4:1.2.3.4/24 -all"
domain.com. TXT "spf2.0/pra a mx ip4:1.2.3.4/24 ip4:1.2.3.4/24 ip4:1.2.3.4/24 -all"
domain.com. TXT "v=spf1 a mx ip4:1.2.3.4/24 ip4:1.2.3.4/24 ip4:1.2.3.4/24 -all"
Wow those are some big CIDR's for SPF :p Do your A and MX records fall into those ranges? If so, remove those mechanisms IMO.
Do you know what the envelope MAIL FROM domain is? Are you 100% certain it's domain.com ? envelope MAIL FROM domain is what the receiving server uses to query for an SPF TXT record.
I know for a fact that Microsoft (hotmail/live.com/etc) caches SPF results. How much time between your test without SPF then your test after adding it?
What do the headers look like for Authentication results from gmail?
Signing your mails with DKIM is always good practice btw, but that shouldn't be the issue here.
Do you know what the envelope MAIL FROM domain is? Are you 100% certain it's domain.com ? envelope MAIL FROM domain is what the receiving server uses to query for an SPF TXT record.
I know for a fact that Microsoft (hotmail/live.com/etc) caches SPF results. How much time between your test without SPF then your test after adding it?
What do the headers look like for Authentication results from gmail?
Signing your mails with DKIM is always good practice btw, but that shouldn't be the issue here.
ASKER
Thanks for your reply.
Do you know what the envelope MAIL FROM domain is? Are you 100% certain it's domain.com ? envelope MAIL FROM domain is what the receiving server uses to query for an SPF TXT record.
The form is relayed to an external smtp server with a different domainname. In the headers of the hotmail message i see the form from e-mail address
I know for a fact that Microsoft (hotmail/live.com/etc) caches SPF results. How much time between your test without SPF then your test after adding it?
I added the spf2 record this morning(12 hours ago) and fill in the form to let Microsoft know.
What do the headers look like for Authentication results from gmail?
Received-SPF: pass (google.com: best guess record for domain of
Do you know what the envelope MAIL FROM domain is? Are you 100% certain it's domain.com ? envelope MAIL FROM domain is what the receiving server uses to query for an SPF TXT record.
The form is relayed to an external smtp server with a different domainname. In the headers of the hotmail message i see the form from e-mail address
I know for a fact that Microsoft (hotmail/live.com/etc) caches SPF results. How much time between your test without SPF then your test after adding it?
I added the spf2 record this morning(12 hours ago) and fill in the form to let Microsoft know.
What do the headers look like for Authentication results from gmail?
Received-SPF: pass (google.com: best guess record for domain of
In the headers of the hotmail message i see the form from e-mail addressFYI there are 2 From's, envelope and body -- make sure you are seeing the correct one.
I added the spf2 record this morning(12 hours ago) and fill in the form to let Microsoft know.I would drop spf2 entirely -- are you saying that the spf1 record was already there prior to 12 hours ago? All you added was spf2?
Received-SPF: pass (google.com: best guess record for domain ofThat's not what we want to see, we don't want to see "best guess" in there, even if it passes.
An example from an EE mail to my gmail:
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@experts-exchange.com designates 64.156.132.142 as permitted sender) smtp.mail=noreply@experts-exchange.com
That's what it should look like -- "google.com: domain of noreply@experts-exchange.c
One more thing
The form is relayed to an external smtp server with a different domainname.Is that SMTP server the final hop before sending to the internet? Are all IP's that server uses to send mail in your SPF record for domain.com ?
ASKER
OK I removed the spf2 record and now i get the correct message from google but the mail is still marked as spam by hotmail.
I verified its the correct envelope MAIL FROM address. The SMTP server is the final hop and the ips are in the spf record.
I verified its the correct envelope MAIL FROM address. The SMTP server is the final hop and the ips are in the spf record.
Cool, progress.
Now that authentication is settled, let's move on to why you are still getting tossed into the spam folder. Check out your reputation at SenderBase and Sender Score.
Now that authentication is settled, let's move on to why you are still getting tossed into the spam folder. Check out your reputation at SenderBase and Sender Score.
ASKER
I already did that the results are:
SenderBase: Email Reputation Score: Good
Sender Score: 92
Seems to me no problems
SenderBase: Email Reputation Score: Good
Sender Score: 92
Seems to me no problems
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hello Papertrip,
I contacted MS/Hotmail and they replied to me within 24 hours. They made a fix and it all works within 48 hours.
We're testing DKIM on our test servers and it all works.
Thanks for your help.
I contacted MS/Hotmail and they replied to me within 24 hours. They made a fix and it all works within 48 hours.
We're testing DKIM on our test servers and it all works.
Thanks for your help.
Awesome!
If you want help with DKIM and SPF best practices, let me know.... Your SPF record could use some fine tuning.
If you want help with DKIM and SPF best practices, let me know.... Your SPF record could use some fine tuning.
Hi Netaffairs,
If you have a moment can you please close this question and assign points?
Thanks!!
If you have a moment can you please close this question and assign points?
Thanks!!
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.