Google mail delivery

Barry Fields
Barry Fields used Ask the Experts™
on
We have a situation where our IPS and sometimes our SPAM filter blocks specific IP addresses that are sending mail from GMail and Google mail. In every instance these blocked IP's are on an Internet black list. Googles' solution is to white list these servers and any other Google servers (literally thousands of them), this is insane to me. I am sure others have encountered this situation and I am wondering how do you handle it.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Usevthe ptr of the senders addresses. These will all be mapped to a small number of easily identifiable domain  names
Barry FieldsIT manager

Author

Commented:
I am not sure what you mean using the ptr only returns the name of the sending server, am I missing something?
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Far more information is required.

First no clue what IPS might mean. Maybe you mean your ISP or hosting company or whatever MTA is originating your email.

https://www.experts-exchange.com/questions/29165628/Sending-Email-by-getting-email-address-from-database.html provides a minimal set of steps to work toward high email deliverability.

There are many other steps also required. The above list is a great starting point.

Note: Sending email is super easy. Having email delivered is massively complex. Having email land in Inboxes is even more complex.
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

Dr. KlahnPrincipal Software Engineer

Commented:
In my experience, there is Gmail, Google mail, and mail emanating from Google rent-a-servers, which are three different things.

Email from Gmail is generally trustworthy and is allowed through after SPF verification and going through normal spam filters.

Google mail, viz. mail from Google but not emanating from gmail, goes through SPF plus the normal spam filters plus checking against the major RBLs such as Spamhaus.  This kind of email is blocked from time to time via the RBLs for reasons unknown but the bans generally are cleared within a few days.

Mail emanating from Google rent-a-servers has proven to be generally spam and is now permabanned with "510 We do not accept email from this CIDR block (fill in CIDR block here).  Please send from elsewhere."

It seems to work for us.  YMMV.
I am not sure what you mean using the ptr only returns the name of the sending server, am I missing something?

multiple IPs will have identical PTRs, or at least contain a well-known character chain including the word google/gmail that is easily identifiable.

example : 87.80.249.66.in-addr.arpa domain name pointer google-proxy-66-249-80-87.google.com.
would lead you to whitelist google-proxy-*.google.com.
that should only be a handful of them to handle
if you actually trust google, you may even whitelist *.google.com as a whole

you can also grab the actual list by using the spf record which points to a number of _netbocks.google.com, _netblocks2, ... entries which contain the uptodate list of addresses.

--

that said, i do believe that google gets sometimes blacklisted for good reasons, and there is no reason why you would handle what is mostly their problem.

in the antispam world, google makes no effort. they change rules at random, reject email based on unknown and often dumb policies... and if everyone start whitelisting their IPs, they will put less effort in cleanig up spam before sending, or possibly sell the service.

either they have a problem which THEY need to solve, and will because you're not the only one, or you picked a poor blacklist.

one helpful thing could be to turn your rejections into 421 rejects ( google will attempt again and the mail will go through if they get deblacklisted in a reasonable amount of time ), or possibly turn those rejections into greylisting.
Barry FieldsIT manager

Author

Commented:
By IPS I meant Intrusion Protection
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Along the lines of Dr. Klahn, seems like some sort of simple text flow explanation will be useful.

Because...

You said, "We have a situation where our IPS and sometimes our SPAM filter blocks specific IP addresses that are sending mail from GMail and Google mail."

1) IPS - runs locally (nothing to do with Gmail or any other Mailbox Provider)

2) SPAM filters - same as #1

3) Sending mail from Gmail, means #1 + #2 don't apply as Gmail != your local #1 + #2.

So... your question as asked... seems contradictory/incongruent.

A simple text flow diagram will be useful.
since your IPS act based on a blacklist, the answer is pretty much the same. But configuring an  IPS adequately may proove challenging
Barry FieldsIT manager

Author

Commented:
I totally agree with you Skullnobrains.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial