Problems with Gmail, Yahoo and Hotmail

Discussion in 'Server Operation' started by andresmontanez, Nov 2, 2007.

  1. andresmontanez

    andresmontanez New Member

    Hello everyone;

    I have a "big" problem. Mails from my server are marked as SPAM by Yahoo and Gmail; Hotmail says it's accepted but never delivered.

    I have SPF and DomainKeys working; I have tried the postmasters of the three providers but nothing. The IP address is clean, and the mails marked are just test mails (e.g. Subject: Test number one; plus a few words as body).

    Yahoo, the only one who replied with something interesting (Hotmail said "check the Internet Explorer Options", and Gmail said "it's spam but I can't tell why")... sent me an email saying:

    "The sender seems to have forged your email address in the "reply-to"
    and/or the "from" field of the message they sent out. Please know that
    we are currently aware of this type of spam and are investigating it."

    I don't know why. This is an example of the mails sent and marked as spam; everything seems fine to my eye. Can anyone see something more?

    Thanks...


    ########## begin sent mail ##########
    Delivered-To: stonetree.technologies@gmail.com
    Received: by 10.142.192.1 with SMTP id p1cs98342wff;
    Thu, 1 Nov 2007 18:24:29 -0700 (PDT)
    Received: by 10.141.79.12 with SMTP id g12mr618936rvl.1193966669497;
    Thu, 01 Nov 2007 18:24:29 -0700 (PDT)
    Return-Path: <info@stonetree.com.uy>
    Received: from excelsior.stonetree.com.uy (excelsior.stonetree.com.uy [71.6.135.103])
    by mx.google.com with ESMTP id b39si4293699rvf.2007.11.01.18.24.27;
    Thu, 01 Nov 2007 18:24:29 -0700 (PDT)
    Received-SPF: pass (google.com: domain of info@stonetree.com.uy designates 71.6.135.103 as permitted sender) client-ip=71.6.135.103;
    DomainKey-Status: good
    Authentication-Results: mx.google.com; spf=pass (google.com: domain of info@stonetree.com.uy designates 71.6.135.103 as permitted sender) smtp.mail=info@stonetree.com.uy; domainkeys=pass header.From=info@stonetree.com.uy
    Received: from excelsior.stonetree.com.uy (localhost.localdomain [127.0.0.1])
    by excelsior.stonetree.com.uy (Postfix) with ESMTP id 9F2D78004
    for <stonetree.technologies@gmail.com>; Thu, 1 Nov 2007 23:24:05 -0200 (UYST)
    DomainKey-Signature: a=rsa-sha1; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding; b=ozvD8mp5E/Z6OcGL+TBrp3PiqA4ruTjrBS/+YN5x5AEHmCqZVoS7clPAW/EEqE0wf/qaMjbP/qV1hQ0iAaMkur25JgSL1WYpACNdII9eCUAwCAva/Ws7lwg548q/zDfi8UDHApC/qs95nhvldjCwt2HKNeKd8mAloW1X5FQfJoQ=; c=nofws; d=stonetree.com.uy; q=dns; s=dk
    Received: from [192.168.0.150] (r190-64-159-48.dialup.adsl.anteldata.net.uy [190.64.159.48])
    (Authenticated sender: info@stonetree.com.uy)
    by excelsior.stonetree.com.uy (Postfix) with ESMTP id 4D8137FCC
    for <stonetree.technologies@gmail.com>; Thu, 1 Nov 2007 23:23:57 -0200 (UYST)
    Message-ID: <472A7C23.40509@stonetree.com.uy>
    Date: Thu, 01 Nov 2007 23:23:47 -0200
    From: Stonetree Technologies <info@stonetree.com.uy>
    User-Agent: Thunderbird 2.0.0.6 (X11/20071022)
    MIME-Version: 1.0
    To: stonetree.technologies@gmail.com
    Subject: Prueba dos
    Content-Type: text/plain; charset=ISO-8859-1; format=flowed
    Content-Transfer-Encoding: 7bit

    cambio mydomain
    ########## end sent mail ##########
     
  2. falko

    falko Super Moderator

  3. andresmontanez

    andresmontanez New Member

    All the IPs of the server are Clean (not blacklisted) and they are all in the SPF.
    Gmail says DomainKeys Passed; and SPF Passed.

    I tried to contact all providers, and the only one who replied was Yahoo, with the above message (forged from or reply-to)... any idea if this is a Postfix problem with authentication?

    Thanks.
     
  4. falko

    falko Super Moderator

    Does this happen as well when you send that mail from mail.stonetree.com.uy (the mail shown here seems to have been sent from a different server)?
     
  5. andresmontanez

    andresmontanez New Member

    I made a few adjustments and sent a mail to Yahoo; it was delivered to the SPAM folder... the headers are the following:

    ########## BEGIN HEADER ##########
    From Stonetree Technologies Sun Nov 4 12:46:29 2007
    Return-Path: <info@stonetree.com.uy>
    Authentication-Results: mta323.mail.re4.yahoo.com from=stonetree.com.uy; domainkeys=pass (ok)
    Received: from 66.240.194.76 (EHLO mx.excelsior.stonetree.com.uy) (66.240.194.76)
    by mta323.mail.re4.yahoo.com with SMTP; Sun, 04 Nov 2007 12:46:36 -0800
    Received: from mx.excelsior.stonetree.com.uy (localhost [127.0.0.1])
    by mx.excelsior.stonetree.com.uy (Postfix) with ESMTP id 97C668004
    for <stonetree.technologies@yahoo.com>; Sun, 4 Nov 2007 18:46:35 -0200 (UYST)
    DomainKey-Signature: a=rsa-sha1; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding; b=0V4+YuxKRwWUBN8NJiwbT55sxNf7v3Igzx8yPYGxf6Go7gKAmwZ+CASrlHomm+jc3Rn5eQWQQcY/Ym5raVF9wWnLhpXsDSZiqFbIlqoWlO0zzMtdh+v/JUs6Etx/lviiZOdh+L/26MWNbhrh7sjaBLgEWiK4pWwG03HWK89AkPQ=; c=nofws; d=stonetree.com.uy; q=dns; s=dk
    Received: from [192.168.0.150] (r190-64-149-60.dialup.adsl.anteldata.net.uy [190.64.149.60])
    (Authenticated sender: info@stonetree.com.uy)
    by mx.excelsior.stonetree.com.uy (Postfix) with ESMTP id CC0977FCB
    for <stonetree.technologies@yahoo.com>; Sun, 4 Nov 2007 18:46:34 -0200 (UYST)
    Message-ID: <472E2FA5.6020705@stonetree.com.uy>
    Date: Sun, 04 Nov 2007 18:46:29 -0200
    From: Stonetree Technologies <info@stonetree.com.uy>
    User-Agent: Thunderbird 2.0.0.6 (X11/20071022)
    MIME-Version: 1.0
    To: stonetree.technologies@yahoo.com
    Subject: Prueba de mail
    Content-Type: text/plain; charset=ISO-8859-1; format=flowed
    Content-Transfer-Encoding: 7bit
    Content-Length: 41
    ########## END HEADER ##########

    The MX record for the domain "stonetree.com.uy" is "mx.excelsior.stonetree.com.uy"; it is in the SPF; everything is OK.

    I have Postfix with Virtual Domains; all domains have the MX set to "mx.excelsior.stonetree.com.uy".

    All the IP addresses are clean (not blacklisted).

    Any idea why Google and Yahoo mark the mails as spam? Or why Hotmail doesn't deliver the message (even if the logs say otherwise)?

    The message content is rubbish (e.g. "This is a testing mail").

    Could something be wrongly configured in Postfix + virtual domains?
     
  6. edge

    edge HowtoForge Supporter

    Try again. When I did (long time ago) they all did reply and told me they added my domains to an ok** list.
    **With Hotmail (MSN) it's called Sender ID program. I forgot the name from Yahoo.
     
  7. chuckl

    chuckl New Member

    I would guess that this is your problem:

    Looks like mail relaying, it's from a home broadband account, and to any of the big boys, that's spam.
     
  8. edge

    edge HowtoForge Supporter

    That's a good find! Now why did I not see this.
     
  9. chuckl

    chuckl New Member

    That's why they pay me the big bucks. :)

    I wish.

    Rgds,
    Chuck
     
  10. andresmontanez

    andresmontanez New Member

    Findings...

    Yes, I'm connected from an xDSL line at my home.
    My Thunderbird connects to the mail server (in the USA, with a static IP, clean as water, and reverse DNS).
    The mail originates from my home, but the sender is the server... could that be it? I tried with other servers and it arrived OK.

    I found that the problem could be the "Message-ID" header...
    "Message-ID: <472A7C23.40509@stonetree.com.uy>"

    On the Postfix page I found this: "http://www.postfix.org/BACKSCATTER_README.html"
    where it's explained that the Message-ID should be "host.domain";
    in my case, it should be "...@mx.excelsior.stonetree.com.uy".
    How is the Message-ID configured? Or how can this behavior be changed?

    Thanks a lot :)
     
  11. chuckl

    chuckl New Member

    I don't use Thunderbird, so I'm afraid I can't help you there. I have no idea what it does or doesn't do.
    Normally, you connect to a mail server with a mail client, the server accepts the mail from the client, and then sends it on to the destination mail server, with itself as the originating server. So if my domain is mydomain.com, and my email address is someone@mydomain.com, the headers would show that my mail server has mail from someone@mydomain.com which it is delivering to someoneelse@someotherdomain.com.

    This is normal mail server operation. Your server, however, is reporting the connection from you to itself, almost as a server-server mail transport connection, which is, I think, why the receiving mail servers at Gmail, Yahoo etc. regard it as mail relaying and spam. Particularly when it is shown as a home DSL type source, almost all of which are automatically blacklisted.

    I don't know if this is normal for Thunderbird, or whether it is a Postfix setting, but I've never seen it on my Postfix servers. Altering or deleting mail header components is also not a good idea. Very likely a standards violation, and even MORE likely to get it labelled as spam.
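
Added example, not part of the original thread: a small Python check over the Received chain of the first message posted above, showing which hop exposes the home DSL source discussed in the posts above. The hint keywords and flag names are assumptions chosen for illustration, not any provider's actual filtering rules.

```python
import email
import ipaddress
import re

# Received chain copied from the first message in the thread (newest hop first);
# the tab-folded continuation lines are reconstructed for this example.
SAMPLE = """\
Received: from excelsior.stonetree.com.uy (excelsior.stonetree.com.uy [71.6.135.103])
\tby mx.google.com with ESMTP id b39si4293699rvf.2007.11.01.18.24.27;
\tThu, 01 Nov 2007 18:24:29 -0700 (PDT)
Received: from excelsior.stonetree.com.uy (localhost.localdomain [127.0.0.1])
\tby excelsior.stonetree.com.uy (Postfix) with ESMTP id 9F2D78004
\tfor <stonetree.technologies@gmail.com>; Thu, 1 Nov 2007 23:24:05 -0200 (UYST)
Received: from [192.168.0.150] (r190-64-159-48.dialup.adsl.anteldata.net.uy [190.64.159.48])
\t(Authenticated sender: info@stonetree.com.uy)
\tby excelsior.stonetree.com.uy (Postfix) with ESMTP id 4D8137FCC
\tfor <stonetree.technologies@gmail.com>; Thu, 1 Nov 2007 23:23:57 -0200 (UYST)
From: Stonetree Technologies <info@stonetree.com.uy>
"""

# Postfix-style "from HELO (rdns [ip])" clause; IPv4 only in this example.
HOP = re.compile(r"from (\S+) \((\S+) \[([0-9.]+)\]\)")
# Assumed keywords that commonly appear in dynamic/residential reverse DNS names.
DYNAMIC = re.compile(r"dialup|adsl|dsl|dhcp|dyn|pool|ppp", re.I)

def parse_hops(raw):
    """Return one dict per Received hop with the client IP, rDNS and flags."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        text = " ".join(value.split())  # unfold continuation lines
        m = HOP.search(text)
        if not m:
            continue
        helo, rdns, ip = m.groups()
        try:
            addr = ipaddress.ip_address(ip)
            private_helo = (helo.startswith("[")
                            and ipaddress.ip_address(helo.strip("[]")).is_private)
        except ValueError:
            continue  # malformed address in the header; skip this hop
        flags = []
        if addr.is_loopback:
            flags.append("local-reinjection")        # e.g. content filter hand-off
        elif DYNAMIC.search(rdns) or ip.replace(".", "-") in rdns:
            flags.append("dynamic-looking-rdns")     # IP or DSL keyword in the name
        if private_helo:
            flags.append("private-helo-literal")     # client announced an RFC 1918 address
        if "Authenticated sender:" in text:
            flags.append("authenticated-submission") # user logged in to the server
        by = re.search(r"\bby (\S+)", text)
        hops.append({"ip": ip, "rdns": rdns, "by": by.group(1) if by else None, "flags": flags})
    return hops
```

Only the oldest hop is flagged: the authenticated submission from the ADSL address into excelsior.stonetree.com.uy, which is the line every receiving provider also gets to see.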
     
  12. mrtornado79

    mrtornado79 New Member

    I have the exact same problem. Here are the headers, and everything seems OK.

    headers from Iloha Webmail.

    X-Apparently-To: altealea@yahoo.com via 66.163.178.175; Sat, 26 Jan 2008 17:38:14 -0800
    X-YahooFilteredBulk: 88.198.67.242
    X-Originating-IP: [88.198.67.242]
    Return-Path: <toro@usarmydt.com>
    Authentication-Results: mta174.mail.re3.yahoo.com from=; domainkeys=neutral (no sig)
    Received: from 88.198.67.242 (EHLO www.usarmydt.com) (88.198.67.242) by mta174.mail.re3.yahoo.com with SMTP; Sat, 26 Jan 2008 17:38:14 -0800
    Received: by www.usarmydt.com (Postfix, from userid 33) id BC1B030C252; Sun, 27 Jan 2008 02:38:13 +0100 (CET)
    To: altealea@yahoo.com
    Subject: bulk or not ?
    Received: from 172.133.61.147 (auth. user toro@usarmydt.com) by www.usarmydt.com with HTTP; Sun, 27 Jan 2008 01:38:13 +0000
    X-IlohaMail-Blah: toro@usarmydt.com
    X-IlohaMail-Method: mail() [mem]
    X-IlohaMail-Dummy: moo
    X-Mailer: IlohaMail/0.8.14 (On: www.usarmydt.com)
    Message-ID: <FfxLQcZo.1201397893.7227030.toro@usarmydt.com>
    From: toro@usarmydt.com Add Mobile Alert
    Bounce-To: <toro@usarmydt.com>
    Errors-To: <toro@usarmydt.com>
    MIME-Version: 1.0
    Content-Type: text/plain; charset=ISO-8859-1
    Content-Transfer-Encoding: quoted-printable
    Date: Sun, 27 Jan 2008 02:38:13 +0100 (CET)
    Content-Length: 2

    Headers from Thunderbird.

    X-Apparently-To: altealea@yahoo.com via 66.163.178.171; Sat, 26 Jan 2008 17:35:38 -0800
    X-YahooFilteredBulk: 88.198.67.242
    X-Originating-IP: [88.198.67.242]
    Return-Path: <toro@usarmydt.com>
    Authentication-Results: mta163.mail.re2.yahoo.com from=usarmydt.com; domainkeys=neutral (no sig)
    Received: from 88.198.67.242 (EHLO www.usarmydt.com) (88.198.67.242) by mta163.mail.re2.yahoo.com with SMTP; Sat, 26 Jan 2008 17:35:38 -0800
    Received: from [172.133.61.147] (AC853D93.ipt.aol.com [172.133.61.147]) by www.usarmydt.com (Postfix) with ESMTP id 4CABB30C251 for <altealea@yahoo.com>; Sun, 27 Jan 2008 02:35:36 +0100 (CET)
    Message-ID: <479BDFE4.4010209@usarmydt.com>
    Date: Sat, 26 Jan 2008 17:35:32 -0800
    From: "toro" <toro@usarmydt.com> Add Mobile Alert
    User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
    MIME-Version: 1.0
    To: "Gigi Kent" <altealea@yahoo.com>
    Subject: whatever
    Content-Type: text/plain; charset=ISO-8859-1; format=flowed
    Content-Transfer-Encoding: 7bit
    Content-Length: 10

    If anyone can help that would be nice :)
     
    Last edited: Jan 27, 2008
  13. iyeat

    iyeat New Member

    Interestingly enough, I have the same issue at Yahoo... Here are the headers of a mail that I forwarded from my account on my Fedora 8 setup that was marked as spam by Yahoo... I don't have DomainKeys or SPF though...

    Code:
    From caio@basicprototype.com Sun Jan 27 01:02:54 2008
    Return-Path: <caio@basicprototype.com>
    Authentication-Results: mta560.mail.mud.yahoo.com  from=basicprototype.com; domainkeys=neutral (no sig)
    Received: from 69.94.131.24  (EHLO echo.basicprototype.com) (69.94.131.24)
      by mta560.mail.mud.yahoo.com with SMTP; Sun, 27 Jan 2008 01:02:57 -0800
    Received: from localhost (unknown [127.0.0.1])
    	by echo.basicprototype.com (Postfix) with ESMTP id 587784070209
    	for <caiojames@yahoo.com>; Sun, 27 Jan 2008 09:02:57 +0000 (UTC)
    Received: from echo.basicprototype.com ([127.0.0.1])
    	by localhost (echo.basicprototype.com [127.0.0.1]) (amavisd-new, port 10024)
    	with ESMTP id iRDbJ0GIAmMk for <caiojames@yahoo.com>;
    	Sun, 27 Jan 2008 01:02:54 -0800 (PST)
    Received: from mail.basicprototype.com (echo.basicprototype.com [69.94.131.25])
    	by echo.basicprototype.com (Postfix) with ESMTP id D3A064070132
    	for <caiojames@yahoo.com>; Sun, 27 Jan 2008 01:02:54 -0800 (PST)
    MIME-Version: 1.0
    Date: Sun, 27 Jan 2008 01:02:54 -0800
    From: <caio@basicprototype.com>
    To: caiojames@yahoo.com
    Subject: Fwd: Re: is =?UTF-8?Q?DOS=5FOUTLOOK=5FTO=5FMX=20too=20low=3F?=
    Message-ID: <086da7590311b957e0b518b20036d59c@localhost>
    User-Agent: Basic Prototype&reg; Webmail/0.1-rc2
    Content-Type: text/plain; charset="UTF-8"
    Content-Transfer-Encoding: 8bit
    Content-Length: 2884
     
