Sunday, September 6, 2015

postfix - PTR OK, SPF, DKIM passed but email messages are marked as Spam by Google?

# host 1.2.3.4
4.3.2.1.in-addr.arpa domain name pointer mail.domain.vn.

# dig +short txt domain.vn
"v=spf1 a mx ptr -all"

# dig +short txt mail.domain.vn
"v=spf1 a -all"



Here's an email header that is marked as Spam:



Delivered-To: x@gmail.com
Received: by 10.223.30.6 with SMTP id s6csp119326fac;
Sat, 19 May 2012 22:16:56 -0700 (PDT)
Received: by 10.68.218.72 with SMTP id pe8mr55329860pbc.45.1337491015749;
Sat, 19 May 2012 22:16:55 -0700 (PDT)
Return-Path:
Received: from mail.domain.vn (mail.domain.vn. [1.2.3.4])
by mx.google.com with ESMTP id on9si20572118pbc.80.2012.05.19.22.16.53;
Sat, 19 May 2012 22:16:54 -0700 (PDT)
Received-SPF: pass (google.com: domain of anonymous@domain.vn designates 1.2.3.4 as permitted sender) client-ip=1.2.3.4;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of anonymous@domain.vn designates 1.2.3.4 as permitted sender) smtp.mail=anonymous@domain.vn; dkim=pass header.i=@mail.domain.vn
Received: from [192.168.1.98] (unknown [113.168.221.170])
by mail.domain.vn (Postfix) with ESMTP id A8668BFB017E
for ; Sun, 20 May 2012 12:16:52 +0700 (ICT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.domain.vn;
s=domain; t=1337491012;
bh=xeWEA29llkhrwCuYBQwWIkwsgpy5OY/Y/H4z1kGGqQo=;
h=Message-ID:Date:From:MIME-Version:To:Subject:Content-Type;
b=RZeb6BnXRbfSmU4V/SPWtbCKgIbMs19V/CmtkMO4XnA4tnom0Iip/52IvYiS86Fki
ZyFob5CoqOj5AJ4jLe5wDB2OcrAtuhhJsgGL6bkDy6PW1W9jW99FxuUN+dZsw/Q0Xb
Z8gSgUARIR6+M4nH8ziGJJB7z/Jimo68FIo8kw1o=
Message-ID: <4FB87E2C.2030909@domain.vn>
Date: Sun, 20 May 2012 12:16:28 +0700
From: Anonymous
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.1) Gecko/20120308 Thunderbird/10.0.1
MIME-Version: 1.0
To: x@gmail.com
Subject: inbox or spam
Content-Type: multipart/alternative;
boundary="------------000702010609020201020909"


My IP address is not listed in Spamhaus's SBL, PBL, XBL.
I can send mail to Yahoo Inbox normally.
Is there anything else I should check?







UPDATE: Fri May 25 14:35:15 ICT 2012



My IP address used to be listed in the Spamhaus PBL. It sounds like Google updates the PBL more slowly than Yahoo. I have to wait 24-48 hours to see my email going to the Gmail Inbox.



Now there is another problem: my developer needs to rewrite the sender to a different domain, e.g. noreply@anotherdomain.vn. I've created the SPF record for this one:



$ dig +short txt anotherdomain.vn
"v=spf1 ip4:mail.server.ip.address ~all"



and edited the main.cf to something like this:



/etc/postfix/main.cf:
smtpd_sender_restrictions =
    permit_sasl_authenticated
    permit_mynetworks
    check_sender_access hash:/etc/postfix/sender_access

/etc/postfix/sender_access:
anotherdomain.vn OK


I created the hash db file, reloaded Postfix and sent a test mail to Google, but it goes to Spam:



Received-SPF: pass (google.com: domain of noreply@anotherdomain.vn designates 1.2.3.4 as permitted sender) client-ip=1.2.3.4;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@anotherdomain.vn designates 1.2.3.4 as permitted sender) smtp.mail=noreply@anotherdomain.vn; dkim=pass header.i=@mail.domain.vn


Beneath the subject line, I see this:




mailed-by:   anotherdomain.vn
signed-by: mail.domain.vn


Do I have to configure anything else for anotherdomain.vn?






Reply to @John Gardeniers:




I've generated another key pair for anotherdomain.vn. I edited /etc/opendkim/KeyTable and /etc/opendkim/SigningTable, added the public key to DNS, ... and here's the new header:



Delivered-To: x@gmail.com
Received: by 10.223.30.6 with SMTP id s6csp472554fac;
Fri, 25 May 2012 08:33:55 -0700 (PDT)
Received: by 10.68.203.40 with SMTP id kn8mr33031655pbc.162.1337960033592;
Fri, 25 May 2012 08:33:53 -0700 (PDT)
Return-Path:
Received: from mail.domain.vn (mail.domain.vn. [x.x.x.x])
by mx.google.com with ESMTPS id ir6si6494603pbc.292.2012.05.25.08.33.51
(version=TLSv1/SSLv3 cipher=OTHER);
Fri, 25 May 2012 08:33:52 -0700 (PDT)
Received-SPF: pass (google.com: domain of noreply@anotherdomain.vn designates x.x.x.x as permitted sender) client-ip=x.x.x.x;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@anotherdomain.vn designates x.x.x.x as permitted sender) smtp.mail=noreply@anotherdomain.vn; dkim=pass header.i=@anotherdomain.vn
Received: from mail.domain.vn (mail.domain.vn [127.0.0.1])
by mail.domain.vn (Exchange Server) with ESMTP id 978FFBFB019D
for ; Fri, 25 May 2012 22:33:49 +0700 (ICT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=anotherdomain.vn;
s=xxx; t=1337960029;
bh=qfxlWfMGs8sEsiA6P/+nz3wGHymeJRPwzSRAcM0IwrM=;
h=Date:From:To:Subject:Reply-To:Message-ID:Mime-Version:
Content-Type;
b=UyV+F3c6cBLs8RPcf+vfeXLfX5sVERRP2Nv4Oya3Ca7Nt29YBN3wBM7cixPFg4jNw
++G/ueOGvQWWs+NdF0pB6zesf6WHVvixRvqZsLbmgyGBPbPgLv02Pn1wrW8t8gsZUg
snB5xvVdcYzrhym/ALxdwc2qYkapo4YwZRMsH/og=
Received: from webserver.hostname.vn (hostname [y.y.y.y])
by mail.domain.vn (Exchange Server) with ESMTP id 7A09EBFB0181
for ; Fri, 25 May 2012 22:33:49 +0700 (ICT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=anotherdomain.vn;
s=selector; t=1337960029;
bh=FWgVv5TXS9iT+yQB2k4/8O/fCcyX2ZhMJstt6RnzW38=;
h=Date:From:To:Subject:Reply-To:Message-ID:Mime-Version:
Content-Type;
b=lcq2y13ZRNIfHzEU/vsfWpb9uo86rJnEtKtY2I3mUQOsV9lmejJamxxaYspCHWSCI
hcxbqFitvFn0rD3X3uMsLTrmb+fPX24Bk0s/20DYmKuTb3/C6RC7ya7t0ZzgXOKTBV
jYZ8gKpG1gwG38Mc+8oMmfhWi5TqQqtk6Ole4KW4=
User-Agent: CodeIgniter
Date: Fri, 25 May 2012 22:33:49 +0700
From: "No-Reply"
To: x@gmail.com
Subject: =?utf-8?Q?=c4=90=c4=83ng_k=c3=bd_th=c3=a0nh_vi=c3=aan?=
Reply-To: "noreply@anotherdomain.vn"
X-Sender: noreply@anotherdomain.vn
X-Mailer: CodeIgniter
X-Priority: 3 (Normal)
Message-ID: <4fbfa65d6734f@domain.vn>
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="B_ALT_4fbfa65d682f1"
X-Virus-Scanned: ClamAV using ClamSMTP



The mailed-by and signed-by already point to the same domain:



mailed-by:   anotherdomain.vn
signed-by: anotherdomain.vn


but it is still flagged as spam by Google.







UPDATE: Sat May 26 13:38:58 ICT 2012



I've 'borrowed' a mail server from a different department which is working fine. Below is the header when sending an email (it goes to Inbox):



Delivered-To: x@gmail.com
Received: by 10.182.7.136 with SMTP id j8csp194826oba;
Fri, 25 May 2012 21:23:14 -0700 (PDT)
Received: by 10.68.231.36 with SMTP id td4mr3649336pbc.141.1338006193731;
Fri, 25 May 2012 21:23:13 -0700 (PDT)
Return-Path:
Received: from example.vn ([public.ip])
by mx.google.com with ESMTPS id hc10si8220019pbc.121.2012.05.25.21.23.13
(version=TLSv1/SSLv3 cipher=OTHER);
Fri, 25 May 2012 21:23:13 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning noreply@anotherdomain.vn does not designate public.ip as permitted sender) client-ip=public.ip;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning noreply@anotherdomain.vn does not designate public.ip as permitted sender) smtp.mail=noreply@anotherdomain.vn
Received: from anotherdomain.vn (unknown [private.ip])
(Authenticated sender: noreply@anotherdomain.vn)
by example.vn (Postfix) with ESMTP id 2A55B680292
for ; Sat, 26 May 2012 11:23:11 +0700 (ICT)
X-DomainKeys: Sendmail DomainKeys Filter v1.0.2 x.vn 2A55B680292
X-DKIM: Sendmail DKIM Filter v2.8.3 x.vn 2A55B680292
User-Agent: CodeIgniter
Date: Sat, 26 May 2012 11:23:10 +0700
From: "x"
To: x@gmail.com
Subject: =?utf-8?Q?=c4=90=c4=83ng_k=c3=bd_th=c3=a0nh_vi=c3=aan?=
Reply-To: "noreply@anotherdomain.vn"
X-Sender: noreply@anotherdomain.vn
X-Mailer: CodeIgniter
X-Priority: 3 (Normal)
Message-ID: <4fc05aae7a7b7@anotherdomain.vn>
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="B_ALT_4fc05aae7aba0"


What surprised me is spf=softfail.







UPDATE: Mon May 28 10:36:06 ICT 2012



I've been trying with another domain which has neither SPF nor OpenDKIM's SigningTable. In /var/log/maillog I see something like this:



opendkim[22200]: (unknown-jobid): no signing table match for 'noreply@sub.anotherdomain.vn'


There are no signed-by and mailed-by in the 'Show details' section, but that email goes to Inbox (both Google and Yahoo).




I really have no idea how the Google spam filter mechanism works.
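
The mailed-by / signed-by comparison made by hand above can be scripted. This is an added example, not part of the original post: it parses the Authentication-Results values quoted in the post and checks whether the SPF envelope domain and the DKIM signing domain match a From: domain. The From: addresses are stripped in the quoted headers, so the From domain `anotherdomain.vn` is an assumption, and the function names are hypothetical.

```python
import re

# Authentication-Results values copied from the headers quoted in the post.
MISMATCH = ("mx.google.com; spf=pass (google.com: domain of noreply@anotherdomain.vn "
            "designates 1.2.3.4 as permitted sender) smtp.mail=noreply@anotherdomain.vn; "
            "dkim=pass header.i=@mail.domain.vn")
ALIGNED = ("mx.google.com; spf=pass (google.com: domain of noreply@anotherdomain.vn "
           "designates x.x.x.x as permitted sender) smtp.mail=noreply@anotherdomain.vn; "
           "dkim=pass header.i=@anotherdomain.vn")
SOFTFAIL = ("mx.google.com; spf=softfail (google.com: domain of transitioning "
            "noreply@anotherdomain.vn does not designate public.ip as permitted sender) "
            "smtp.mail=noreply@anotherdomain.vn")

def parse_auth_results(value):
    """Return {method: (result, identity_domain)} for each method clause."""
    value = re.sub(r"\([^()]*\)", "", value)     # drop parenthesised comments
    out = {}
    for clause in value.split(";")[1:]:          # element 0 is the authserv-id
        tokens = clause.split()
        if not tokens or "=" not in tokens[0]:
            continue
        method, result = tokens[0].split("=", 1)
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        ident = props.get("smtp.mail") or props.get("header.i") or props.get("header.d") or ""
        out[method.lower()] = (result.lower(), ident.rsplit("@", 1)[-1].lower() or None)
    return out

def relaxed_match(a, b):
    """Approximation of relaxed alignment: equal, or one is a subdomain of the other.
    A full check compares organizational domains using the Public Suffix List."""
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def alignment_report(auth_results, from_domain):
    """from_domain is supplied by the caller (assumed here, see lead-in)."""
    res = parse_auth_results(auth_results)
    spf, spf_dom = res.get("spf", (None, None))
    dkim, dkim_dom = res.get("dkim", (None, None))
    spf_ok = spf == "pass" and relaxed_match(spf_dom, from_domain)
    dkim_ok = dkim == "pass" and relaxed_match(dkim_dom, from_domain)
    return {"mailed_by": spf_dom, "signed_by": dkim_dom, "spf_aligned": spf_ok,
            "dkim_aligned": dkim_ok, "any_aligned_pass": spf_ok or dkim_ok}

if __name__ == "__main__":
    for name, hdr in (("mismatch", MISMATCH), ("aligned", ALIGNED), ("softfail", SOFTFAIL)):
        print(name, alignment_report(hdr, "anotherdomain.vn"))
```

The report only describes authentication and alignment; it says nothing about reputation or content scoring, which the receiving provider applies separately.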
