Emails ending up in spam folder

Discussion in 'General' started by johannes1985, Nov 16, 2018.

Tags:
  1. johannes1985

    johannes1985 Member HowtoForge Supporter

    Hi,

    Emails send fine, however it ends up in the spam folder when sending to gmail.
    I've read that it is something to do with the ptr records?

    Can someone please explain / show how to add the ptr records correctly and if there is other dns records that I also need to add?

    The domains are:
    relianx.com
    relianx.co
    petfectly.com
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. johannes1985

    johannes1985 Member HowtoForge Supporter

    I am running the nameservers on 2 digital ocean droplets.

    I did follow your advice on a previous thread and got everything setup perfectly:
    https://www.howtoforge.com/community/threads/cant-seem-to-get-my-own-nameservers-working.80487/

    When check intodns.com (https://intodns.com/petfectly.com, https://intodns.com/relianx.com, https://intodns.com/relianx.co) it says on all:
    Your reverse (PTR) record:
    8.78.183.68.in-addr.arpa -> web.relianx.com
    You have reverse (PTR) records for all your IPs, that is a good thing.

    the ip for web.relianx.com is 68.183.78.8

    my nameservers are ns1.relianx.com and ns2.relianx.com, ips are 142.93.99.203 and 68.183.78.224. The nameservers are working, it is just I can't wrap my head around how to do the ptr records, I did read section 1.4 multiple times now, but are still stumped.

    My current dns records is in the attached screenshot, I would really appreciate if you can give me an example of all the additional records I need to add to let the emails stop going to spam and also tell me which records I still am missing and give an example please.
     

    Attached Files:

  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Mails can end up in spam folder for many reasons. So setting up PTR records may not be enough to solve the problem. But mostly it is necessary for the sending mail server to have PTR record that matches the hostname the mail server uses for sending, i.e. the receiving mail server checks the PTR record for the IP address the mail is coming from matches the hostname the mail server claims to be.
    To check if PTR record matches do the following:
    Code:
    $ host mail.relianx.com.
    mail.relianx.com has address 68.183.78.8
    [email protected]:~
    $ host 68.183.78.8
    8.78.183.68.in-addr.arpa domain name pointer web.relianx.com.
    [email protected]:~
    
    I found out the mail server name from the MX record for the domain like this:
    Code:
    $ host relianx.com
    relianx.com has address 68.183.78.8
    relianx.com mail is handled by 10 mail.relianx.com.
    
    So the PTR record indeed does not match the mail server hostname, mail.relianx.com is not equal to web.relianx.com.
    To solve this, do
    Code:
    $ whois 68.183.78.8
    to see that it is Digital Ocean that manages that IP range and its reverse name service. So you have to contact Digital Ocean to fix the PTR record so it points to mail.relianx.com.
    But there is another problem with certificate for the mail server.
    Code:
    $ host mail.relianx.co
    mail.relianx.co has address 68.183.78.8
    [email protected]:~
    $ host mail.petfectly.com
    mail.petfectly.com has address 68.183.78.8
    
    You have two other mail domains, and the mail server for those is at the same IP address. To get certificates for all three mail server hostnames, you either have to have three servers, or set up a multi homed host that has three IP addresses. Till explained this recently, but I can not find the post now.
    I would choose one of the mail.* hostnames and use it for all three domains as MX record and sending mail server. Then you avoind complications and get by with one certificate.
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  6. johannes1985

    johannes1985 Member HowtoForge Supporter

    Thank you, I rechecked everything the ptr is now correct.
    There is a additional server now, mail.relianx.com, I first changed the records to web.relianx.com, but thought it would be better to have the mails on a separate server.

    The emails are sending and receiving, basically everything is working perfectly, except it still goes to spam:

    Here is a report from isnotspam.com, it shows X-Spam-Score: 3.6? Is it because petfectly.com is sending from another domain and ip than it is orignally hosted, eg. petfectly.com mail sent from mail.relianx.com?

    Code:
    ==========================================================
    Summary of Results
    ==========================================================
    
    SPF Check : pass
    Sender-ID Check : pass
    DKIM Check : pass
    SpamAssassin Check : ham (non-spam)
    ==========================================================
    Details:
    ==========================================================
    
    HELO hostname: mail.relianx.com
    Source IP: 139.59.215.181
    mail-from: [email protected]
    Anonymous To: [email protected]
    ---------------------------------------------------------
    SPF check details:
    ----------------------------------------------------------
    
    Result: pass
    ID(s) verified: [email protected]
    DNS record(s):
    petfectly.com.    3598    IN    TXT    "v=spf1 mx a ~all"
    
    
    ----------------------------------------------------------
    Sender-ID check details:
    ----------------------------------------------------------
    
    Result: pass
    
    ID(s) verified: [email protected]
    DNS record(s):
    petfectly.com.    3598    IN    TXT    "v=spf1 mx a ~all"
    
    
    ----------------------------------------------------------
    DKIM check details:
    ----------------------------------------------------------
    
    Result: pass
    ID(s) verified: [email protected]
    Selector=default
    domain=petfectly.com
    DomainKeys DNS Record=default._domainkey.petfectly.com
    
    ----------------------------------------------------------
    SpamAssassin check details:
    ----------------------------------------------------------
    SpamAssassin 3.4.1 (2015-04-28)
    
    Result: ham (non-spam) (03.6points, 10.0 required)
    
    pts rule name description
    ---- ---------------------- -------------------------------
    
    
    * 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
    * [score: 1.0000]
    * -0.0 SPF_PASS SPF: sender matches SPF record
    * 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
    * [score: 1.0000]
    * -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
    * domain
    * 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    * valid
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    * 0.0 TVD_SPACE_RATIO No description available.
    X-Spam-Status: Yes, hits=3.6 required=-20.0 tests=BAYES_99,BAYES_999,
    DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,SPF_PASS,TVD_SPACE_RATIO autolearn=no
    autolearn_force=no version=3.4.0
    X-Spam-Score: 3.6
    Here is the result for relianx.com, exactly the same score:
    Code:
    ==========================================================
    Summary of Results
    ==========================================================
    
    SPF Check : pass
    Sender-ID Check : pass
    DKIM Check : pass
    SpamAssassin Check : ham (non-spam)
    ==========================================================
    Details:
    ==========================================================
    
    HELO hostname: mail.relianx.com
    Source IP: 139.59.215.181
    mail-from: [email protected]
    Anonymous To: [email protected]
    ---------------------------------------------------------
    SPF check details:
    ----------------------------------------------------------
    
    Result: pass
    ID(s) verified: [email protected]anx.com
    DNS record(s):
    relianx.com.    3600    IN    TXT    "v=spf1 mx a ~all"
    
    
    ----------------------------------------------------------
    Sender-ID check details:
    ----------------------------------------------------------
    
    Result: pass
    
    ID(s) verified: [email protected]
    DNS record(s):
    relianx.com.    3600    IN    TXT    "v=spf1 mx a ~all"
    
    
    ----------------------------------------------------------
    DKIM check details:
    ----------------------------------------------------------
    
    Result: pass
    ID(s) verified: [email protected]
    Selector=default
    domain=relianx.com
    DomainKeys DNS Record=default._domainkey.relianx.com
    
    ----------------------------------------------------------
    SpamAssassin check details:
    ----------------------------------------------------------
    SpamAssassin 3.4.1 (2015-04-28)
    
    Result: ham (non-spam) (03.6points, 10.0 required)
    
    pts rule name description
    ---- ---------------------- -------------------------------
    
    
    * 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
    * [score: 1.0000]
    * -0.0 SPF_PASS SPF: sender matches SPF record
    * -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
    * 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
    * [score: 1.0000]
    * -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
    * domain
    * 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    * valid
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    X-Spam-Status: Yes, hits=3.6 required=-20.0 tests=BAYES_99,BAYES_999,
    DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,RP_MATCHES_RCVD,SPF_PASS autolearn=no
    autolearn_force=no version=3.4.0
    X-Spam-Score: 3.6
    Any guess as to why it is still marked as spam?


    Here is the result from my personal email address, also a score of 3.6, however it doesn't land in gmail spam (It is hosted by another service provider and not on my test setup):
    Code:
    ==========================================================
    Summary of Results
    ==========================================================
    
    SPF Check : neutral
    Sender-ID Check : neutral
    DKIM Check : pass
    SpamAssassin Check : ham (non-spam)
    ==========================================================
    Details:
    ==========================================================
    
    HELO hostname: de-outgoing-4-7.antispam.co.za
    Source IP: 144.76.190.86
    mail-from: xxx
    Anonymous To: [email protected]
    ---------------------------------------------------------
    SPF check details:
    ----------------------------------------------------------
    
    Result: neutral
    ID(s) verified: smtp.mail=xxx
    DNS record(s):
    
    
    ----------------------------------------------------------
    Sender-ID check details:
    ----------------------------------------------------------
    
    Result: neutral
    
    ID(s) verified: smtp.mail=xxx
    DNS record(s):
    
    
    ----------------------------------------------------------
    DKIM check details:
    ----------------------------------------------------------
    
    Result: pass
    ID(s) verified: header.From=xxx
    Selector=default
    domain=out.zamailgate.com
    DomainKeys DNS Record=default._domainkey.out.zamailgate.com
    
    ----------------------------------------------------------
    DKIM check details:
    ----------------------------------------------------------
    
    Result: pass
    ID(s) verified: header.From=xxx
    Selector=default
    domain=xxx
    DomainKeys DNS Record=default._domainkey.xxx
    
    ----------------------------------------------------------
    SpamAssassin check details:
    ----------------------------------------------------------
    SpamAssassin 3.4.1 (2015-04-28)
    
    Result: ham (non-spam) (03.6points, 10.0 required)
    
    pts rule name description
    ---- ---------------------- -------------------------------
    
    
    * 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
    * [score: 1.0000]
    * 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
    * [score: 1.0000]
    * -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
    * domain
    * 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    * valid
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    * 0.0 TVD_SPACE_RATIO No description available.
    X-Spam-Status: Yes, hits=3.6 required=-20.0 tests=BAYES_99,BAYES_999,
    DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,TVD_SPACE_RATIO autolearn=no
    autolearn_force=no version=3.4.0
    X-Spam-Score: 3.6
     
    Last edited: Nov 22, 2018
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Code:
    Any guess as to why it is still marked as spam?
    It is not marked as spam according to those reports you included.
    If Gmail puts it in spam, you have to find yout why GMail chooses to do so.
    According to mxtoolbox.com, 139.59.215.181 is on one blacklist.
     
  8. johannes1985

    johannes1985 Member HowtoForge Supporter

    You are correct, most likely someone who had the IP before me. I did sent an email to them, hopefully it will get removed from the list or I will just create a new droplet and check the IP against mxtoolbox.

    Thank you very much for your help so far, I appreciate it.

    My dns records are as follows:

    for Relianx.com:
    Code:
    Yes    A    mail    139.59.215.181    0    3600
    Yes    A    ns1    46.101.116.125    0    3600
    Yes    A    ns2    207.154.195.238    0    3600
    Yes    A    relianx.com.    138.68.102.198    0    3600
    Yes    A    www    138.68.102.198    0    3600
    Yes    MX    relianx.com.    mail.relianx.com.    10    3600
    Yes    NS    relianx.com.    ns1.relianx.com.    0    3600
    Yes    NS    relianx.com.    ns2.relianx.com.    0    3600
    Yes    TXT    default._domainkey.relianx.com.    v=DKIM1; t=s; p=MIIBYzSRaF9J/HQC.......    0    3600
    Yes    TXT    relianx.com.    v=spf1 mx a ~all    0    3600
    Yes    TXT    _dmarc.relianx.com.    v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=0:1:d:s    0    3600
    for petfectly.com
    Code:
    Yes    A    mail.relianx.com.    139.59.215.181    0    3600
    Yes    A    ns1.relianx.com.    46.101.116.125    0    3600
    Yes    A    ns2.relianx.com.    207.154.195.238    0    3600
    Yes    A    petfectly.com.    138.68.102.198    0    3600
    Yes    A    www    138.68.102.198    0    3600
    Yes    MX    petfectly.com.    mail.relianx.com.    10    3600
    Yes    NS    petfectly.com.    ns1.relianx.com.    0    3600
    Yes    NS    petfectly.com.    ns2.relianx.com.    0    3600
    Yes    TXT    default._domainkey.petfectly.com.    v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3D.........   0    3600
    Yes    TXT    petfectly.com.    v=spf1 mx a ~all    0    3600
    Yes    TXT    _dmarc.petfectly.com.    v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=0:1:d:s    0    3600
    
    Do they look correct to you? Are there any improvements that I can do?
    Which records are necessary to get everything up and running smoothly? I noticed that on my xxx domain, that there are several records on cpanel.
     
    Last edited: Nov 22, 2018
  9. johannes1985

    johannes1985 Member HowtoForge Supporter

    I also noticed that I couldn't ping web.relianx.com, but could ping relianx.com which showed the host as web.relianx.com

    I added the following record as well:
    Code:
    A    web    138.68.102.198    0    3600
    Was it necessary to add the above record, or wouldn't it have mattered?
     
  10. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Remove the A-records for relianx.com from petfectly.com zone.
    Since you want to use the web. address, you must create the record. A-record is best in this case.
     
  11. johannes1985

    johannes1985 Member HowtoForge Supporter

    Should I remove the following from petfectly.com?
    Code:
    Yes    A    mail.relianx.com.    139.59.215.181    0    3600
    Yes    A    ns1.relianx.com.    46.101.116.125    0    3600
    Yes    A    ns2.relianx.com.    207.154.195.238    0    3600  
    I do not want to use the web. address, I just noticed that the servers fqdn is web.relianx.com, however I couldn't ping it, should I add a record for it or is it fine if I leave it?

    I also noticed on my personal email from another provider (shared hosting) that my mail name is xxx, however following your advice earlier for the ISPConfig setup, all the outgoing and incoming mail servers are mail.relianx.com for petfectly.com, relianx.co and relianx.host. is there any way I could perhaps make it mail.relianx.co, mail.petfectly.com, mail.relianx.host and let it still use mail.relianx.com to send out the emails? Would a CNAME record perhaps do the trick, i googled a bit and it seems more or less it is what I need, but an expert opinion would be appreciated?

    EDIT:: Update
    Will it work with the following:
    Code:
    mail.relianx.com.   A    139.59.215.181
    mail.petfectly.com.    A    139.59.215.181
    petfectly.com.    MX    10    mail.petfectly.com
    I got the info from https://onlinehelp.cloud.telenet.be/article.php?id=1340
    It states that mail is already a CNAME, so now I am not sure if the above would suffice without give problems later down the road or if there is another solution?

    Also on wikipedia (https://en.wikipedia.org/wiki/CNAME_record):
    Are there any thorough reference regarding dns records with examples and use cases that might be of help to me?
     
    Last edited: Nov 22, 2018
  12. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Code:
    Should I remove the following from petfectly.com?
    
    Yes. Is there a language barrier or is my writing somehow preventing understanding what I want to say?
    Code:
    I do not want to use the web. address, I just noticed that the servers fqdn is web.relianx.com, however I couldn't ping it, should I add a record for it or is it fine if I leave it?
    But you just used it for pinging. You do not have to put A record for the FQDN of the host, but I do not understand why not. It does not harm to have it there and it may prevent confusion when those hosts are used. I mean, you may for example put a sticker with hostname on the boxes, and if you do not have the name service entry it is extra work to find out which host to access.
    Code:
    that my mail name is mail.germeshuysen.co.za,
    How do you determine this is the case? If you have configured your mail host names, I do not see how it would become germeshuysen.co.za.
    Code:
    mail.relianx.com.   A    139.59.215.181
    mail.petfectly.com.    A    139.59.215.181
    petfectly.com.    MX    10    mail.petfectly.com
    Are you again writing relianx.com A records in petfectly zone?
    Code:
    Are there any thorough reference regarding dns records with examples and use cases that might be of help to me?
    The book DNS and Bind by Albitz and Liu. That is what I use.
    I think you should contact a consultant to set up name service and mail servers for you. There is Business Support on this page: https://www.ispconfig.org/support/
     
  13. johannes1985

    johannes1985 Member HowtoForge Supporter

    Thank you for you troubles in assisting me.
     

Share This Page