I'm having some trouble with the authentication of my e-mails. gMail likes them, but Outlook and Yahoo don't. My listserver is Sender. My Sender IP is not blacklisted, and I think I have my SPF right, as v=spf1 include:sendersrv.com ?all. But Hostgator, who manages my domain, says that e-mail deliverability is improved if I include that SPF in my Zone Editor TXT for that domain. Huh? Why is that? Turns out google already has an authentication entry as a TXT record there, but Sender did not. Is that why gMail is accepting them? That is,is there more to e-mail authentication than an SPF record?
It is not clear who manages DNS for your domain. If your domain is set to Hostgator's nameservers, then their suggestion is correct.
Besides SPF, you need to setup DKIM as well.
help.sender.net
Besides SPF, you need to setup DKIM as well.
SPF/DKIM parameters – Sender Help Center
help.sender.net
Well, that wasn't my question. My SPF and DKIM are set up, and look to be done properly. But I am advised to ALSO put the SPF as a TXT record in my Zone Editor for that domain. Why? Isn't having an SPF record enough?
I'm not sure I understand the recommendation. All SPF records *are* TXT records and look something like this:
domain.com. 14400 IN TXT "v=spf1 ip4:1.2.3.4 ~all"
so I'm not sure what they mean when they say you should add another TXT record. It would be best to ask them for clarification on exactly what should be added and where.
domain.com. 14400 IN TXT "v=spf1 ip4:1.2.3.4 ~all"
so I'm not sure what they mean when they say you should add another TXT record. It would be best to ask them for clarification on exactly what should be added and where.
Well in Hostgtor at least, the cPanel has an "email deliverability" section, wherein you can "manage the domain" by entering an SPF and DKIM record. That was done. The SPF "value" there is v=spf1 +mx +a +include:sendersrv.com ~all. There is an entirely separate cPanel section called "Zone editor", where you can enter CNAME and TXT records for your domain. I was advised by Hostgator suport to include the SPF record as a TXT entry in that zone editor as well, where it did not appear before. I'm trying to understand why there are two places to put the same thing, and why putting the SPF record in BOTH places is specifically recommended. If I have it in one place and not the other, am I screwed?
That still doesn't make sense to me - you wouldn't be ablet to create a duplicate record. The "Manage" area you mention just shows what is in the DNS zone, so I would expect that to be exactly the same as what appears in the Zone Editor area.
Do you have a specific bounceback from either Outlook or Yahoo to reference? Usually that contains additional details about the error.
Do you have a specific bounceback from either Outlook or Yahoo to reference? Usually that contains additional details about the error.
I have to agree that it doesn't make sense to me, either. Which is why I'm here asking. Bounceback from Yahoo or Outlook? Ha ha. I have test accounts at both places, and when I send a message out from Sender to those e-mail addresses, they DISAPPEAR. Sender says they got sent, but NOTHING comes up in Yahoo or Outlook. Doesn't even end up in their Junk folder.
The really annoying thing is that when my e-mails don't reach people, using Outlook, Yahoo, etc., I have no insight into WHY they didn't! When I ask Microsoft to resolve this for Outlook, I get back
We have completed reviewing the IP(s) you submitted. The following table contains the results of our investigation.
Not qualified for mitigation
xxx.x.xxx.xxx (IP removed for security)
Our investigation has determined that the above IP(s) do not qualify for mitigation. These IP(s) have previously received mitigations from deliverability support, and have failed to maintain patterns within our guidelines, so they are ineligible for additional mitigation at this time.
As in, something's wrong, but we're not going to tell you what it is! Now, that IP (which is assigned to me by Sender) is blacklist clean. So while it might have once received mitigations, it should not anymore.
We have completed reviewing the IP(s) you submitted. The following table contains the results of our investigation.
Not qualified for mitigation
xxx.x.xxx.xxx (IP removed for security)
Our investigation has determined that the above IP(s) do not qualify for mitigation. These IP(s) have previously received mitigations from deliverability support, and have failed to maintain patterns within our guidelines, so they are ineligible for additional mitigation at this time.
As in, something's wrong, but we're not going to tell you what it is! Now, that IP (which is assigned to me by Sender) is blacklist clean. So while it might have once received mitigations, it should not anymore.
That's not very helpful from Microsoft at all.
For the disappearing email, something has to be happening with it. If you watch your server's Exim logs in real-time while you send the email, using the "tail -f /var/log/exim_mainlog" command, does it show the email leave your server and reach the remote network? If so, the issue is completely up to the places you are mailing to resolve, as your server is completing the transaction.
You might also want to reach out to your hosting provider to let them know about the issues with the IP address being blocked, possibly by various major companies.
It also wouldn't hurt to check the server just to ensure no unexpected spam is being sent. I like this command, which lists the directories that have sent the most email:
Just ignore common areas, like /etc/csf if you have that installed.
For the disappearing email, something has to be happening with it. If you watch your server's Exim logs in real-time while you send the email, using the "tail -f /var/log/exim_mainlog" command, does it show the email leave your server and reach the remote network? If so, the issue is completely up to the places you are mailing to resolve, as your server is completing the transaction.
You might also want to reach out to your hosting provider to let them know about the issues with the IP address being blocked, possibly by various major companies.
It also wouldn't hurt to check the server just to ensure no unexpected spam is being sent. I like this command, which lists the directories that have sent the most email:
Code:
awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| M | About authentication of mail users | 5 | ||
| S | Webmail / Contact Forms 550-Please turn on SMTP Authentication in your mail client. | 4 | ||
| N | 550-Please turn on SMTP Authentication in your mail client | 17 | ||
| M | number of email authentication daemons | 2 | ||
| A | Authentication failed Gmail | 3 |