The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Cron Emails Are Treated As Spam By Gmail

Discussion in 'E-mail Discussions' started by linux4me2, Jun 10, 2017.

  1. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    148
    Likes Received:
    34
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Recently, the cron emails for /usr/local/cpanel/scripts/upcp have started ending up in my Gmail spam folder. Gmail puts a notice on the emails that says, "Gmail couldn't verify that host.mydomain.com actually sent this message (and not a spammer)." The subdomain "host.mydomain.com" is my hostname, and it is listed as an A record in the DNS zone for mydomain.com.

    If I look at the source of the email, the problem appears to be that there is no SPF record for host.mydomain.com, where XXX.XXX.XXX.XXX is my primary domain:
    If I look in /var/cpanel/domain_keys/public, there is no entry for host.mydomain.com.

    The command:
    Code:
    dig host.mydomain.com +short
    returns my server's primary IP address, and the command:
    Code:
    dig -x XXX.XXX.XXX.XXX +short
    returns:
    Code:
    host.mydomain.com
    so it appears my PTR record is correctly set up.

    If I send email to the same Gmail account using a regular email account on the server, the SPF passes:
    If I'm right about the cause of this problem, it seems like adding a valid SPF and DKIM entry for my hostname would solve it.

    I found this old post in which cPanelTristan suggests, "As such, if you want the hostname covered, your best bet is to temporarily change the hostname to another name, put the hostname onto the account as a subdomain, use Email Authentication area to add the SPF and domain keys records, then remove the subdomain manually and change the hostname back to what it was before. It does appear to be a lot of steps simply to get the records added. Right now, I simply can't think of a simpler way to do it."

    Is there a better way to accomplish this in WHM 64? I'm worried that I'll break something else by changing my hostname as suggested.
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,400
    Likes Received:
    52
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    The mail you are receiving are the part of the cPanel job and the preferred email account setting you set. The mail send to root is forwarded to the Gmail account and now, this is what should be taken care of.. If you are going to end up sending lot of notifications unknowingly to the Gmail account, the Gmail system is going to track the incoming mails and may result in having your mail server IP also blacklisted to cause issues to the other user account, if any, on your server..

    You should be forwarding the root mail to other email account rather than standard Gmail and Hotmail services..
     
  3. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    148
    Likes Received:
    34
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks, I know the email is from the cPanel update. I get one from Logwatch each day, too. I have system emails to root forwarded to a Gmail account (WHM -> Server Contacts -> Edit System Mail Preferences) because I don't have another server I can use and sending the emails to an account on the same server wouldn't work if there are issues.

    It seems like there should be a way to add SPF/DKIM records for the hostname, which I believe would solve the problem. That's what I'm asking.
     
    #3 linux4me2, Jun 11, 2017
    Last edited: Jun 11, 2017
  4. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    148
    Likes Received:
    34
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I went into WHM -> DNS Functions -> Edit DNS Zone and in the section "Add New Entries Below this Line," I added an SPF record for "host" using the server's primary IP address. I ran it through MX Toolbox, and it passed, so the SPF part appears to be fixed this way. I'll see tomorrow when Logwatch and upcp run if Gmail likes it.

    Adding a domain key is next...
     
  5. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    148
    Likes Received:
    34
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I followed the directions in this post to add a domain key for host.mydomain.com. I added the user "nobody" to /var/cpanel/users, ran /usr/local/cpanel/scripts/updateuserdomains, and then attempted to run /usr/local/cpanel/scripts/updateuserdomains; however, I got the error:
    According to the thread above, that's because I need to create a valid DNS zone for my server's hostname. I do have an A record DNS entry in mydomain.com for host, so I think the problem may actually be that the entry in /var/cpanel/users/nobody should perhaps be different than just:
    Code:
    DNS=host.mydomain.com
    Maybe something like:
    Code:
    DNS=mydomain.com
    DNS1=host.mydomain.com
    
    I don't want to try it until I know if that will mess something up.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,037
    Likes Received:
    1,278
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I recommend creating a separate DNS zone for your server's hostname via "WHM >> DNS Functions >> Add A DNS Zone", and then removing the "A" entry for the hostname from the parent domain name's DNS zone. This should allow you to proceed with the workaround instructions referenced on that thread.

    Thank you.
     
    linux4me2 likes this.
  7. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    148
    Likes Received:
    34
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    When I try to create a separate DNS zone for my server's hostname, I get the message, "Sorry, a DNS entry for host.mydomain.com already exists." I suspect this is because there's already an "A" entry in the parent domain. If I delete the "A" record from the parent domain first to get around that, won't that keep me from logging into WHM to add the separate DNS zone? : )
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,037
    Likes Received:
    1,278
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You can still login via any other domain name that resolves to the server's IP address, or via the server's IP address.

    Thank you.
     
    linux4me2 likes this.
  9. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    148
    Likes Received:
    34
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I didn't know I could log in with another domain name. :oops: I picked one with an SSL cert so I didn't get the connection warning I'd get using the IP address and could still use HTTPS.

    I deleted the two entries ("A" record and SPF entry I manually added) in the parent domain for my hostname and set up the new DNS zone, which automagically added the SPF record for it from my DNS profile, then added the "nobody" record in /var/cpanel/users/ and ran the command to create the domain key.

    I can now see the DKIM entry when I look at the newly created DNS zone for my hostname, and there are entries in both the public and private folders of /var/cpanel/domain_keys, so it looks like I am in business. I won't know for sure until I see the emails cron sends out to Gmail tomorrow morning, but I suspect it's fixed. I will follow up tomorrow with the results.
     
  10. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    148
    Likes Received:
    34
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Both SPF and DKIM now pass with Gmail. Thanks for all your help, Michael. You can mark this one solved.
     
    cPanelMichael likes this.
Loading...

Share This Page