The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Emails Going To Spam DKIM & SPF have been Set

Discussion in 'E-mail Discussions' started by Shane Elmer, Jul 7, 2017.

Tags:
  1. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider
    I have beening trying effortlessly for the last week to get the email function to work.

    Every email being sent from the server is going right into the spam folder and I can not figure it out. Every article or forum tells you to verify the DKIM and SPF which have both been set by default thanks to whm and cpanel.. however there are still issues because it is not going to inbox, social, or promotions. but right to the spam.

    Here is a print out of the original email contnent. It is being verified but no dice.. any advice?

    If it helps, I can provide the server config such as the hostname and rDNS

    From what I can tell, it maybe a misconfiguration between the hostname and nameserver

    but to be honest, I do not know how to change or fix this, nor am I 100% sure that that could even be the problem..


    - Removed -

    hostname:
    server.domain.org - 45.32.xx.xxx

    nameservers:
    ns1.domain.org - 45.32.xx.xxx
    ns2.domain.org - 45.32.xx.xxx

    Reverse DNS
    45.32.xx.xxx = ns1.domain.org
    45.32.xx.xxx = ns2.domain.org
     
    #1 Shane Elmer, Jul 7, 2017
    Last edited by a moderator: Jul 7, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The best place to start is to ensure your server meets the guidelines referenced on the following document:

    How to Keep your Email out of the Spam Folder - cPanel Knowledge Base - cPanel Documentation

    Then, use a website such as MXToolBox to see if it detects any problems with your mail server. If not, then you may simply need to report the issue to the remote mail server to determine why your messages are marked as SPAM. For example, Google offers the following troubleshooting URL:

    Bulk Senders Guidelines - Gmail Help

    Thank you.
     
  3. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider

    Okay thank you for your response, I will look into that post
     
  4. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider
    Okay, so after sending an email to the following address: check-auth@verifier.port25.com
    referenced in this post - Setting up SPF and DKIM records

    This was the output:

    Code:
    Result:         ham (-2.0 points, 5.0 required)
    
     pts rule name              description
    ---- ---------------------- --------------------------------------------------
     0.0 NO_DNS_FOR_FROM        DNS: Envelope sender has no MX or A DNS records
    -0.0 T_RP_MATCHES_RCVD      Envelope sender domain matches handover relay
                                domain
     0.0 T_SPF_TEMPERROR        SPF: test of record failed (temperror)
     0.0 T_SPF_HELO_TEMPERROR   SPF: test of HELO record failed (temperror)
    -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                                [score: 0.0000]
    -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from author's
                                domain
     0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
    -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
    This really does not make much sense to me.. I know this needs to be fixed. Can someone point me in the right direction? I feel like its right under my nose... again.

    Here is the first half of the output:
    Code:
    ==========================================================
    Summary of Results
    ==========================================================
    SPF check:          pass
    DKIM check:         pass
    SpamAssassin check: ham
    
    ==========================================================
    Details:
    ==========================================================
    
    HELO hostname:  server.example.org
    Source IP:      45.32.xx.250
    mail-from:      support@example.org
    
    ----------------------------------------------------------
    SPF check details:
    ----------------------------------------------------------
    Result:         pass
    ID(s) verified: smtp.mailfrom=support@example.org
    
    DNS record(s):
        example.org. 14400 IN TXT "v=spf1 +a +mx +ip4:45.32.xx.250 +a:server.example.org ~all"
        example.org. 14400 IN A 45.32.xx.250
    
    
    ----------------------------------------------------------
    DKIM check details:
    ----------------------------------------------------------
    Result:         pass (matches From: support@example.org)
    ID(s) verified: header.d=example.org
    
    Canonicalized Headers:
        message-id:<7ce79b1e06a55010d0f0c150c8df2509@example.org>'0D''0A'
        subject:Test'20'Email'0D''0A'
        to:check-auth@verifier.port25.com'0D''0A'
        from:support@example.org'0D''0A'
        date:Sat,'20'08'20'Jul'20'2017'20'08:26:50'20'+0000'0D''0A'
        content-transfer-encoding:7bit'0D''0A'
        content-type:text/plain;'20'charset=US-ASCII;'20'format=flowed'0D''0A'
        mime-version:1.0'0D''0A'
        dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=example.org;'20's=default;'20'h=Message-ID:Subject:To:From:Date:'20'Content-Transfer-Encoding:Content-Type:MIME-Version:Sender:Reply-To:Cc:'20'Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:'20'Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:'20'List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;'20'bh=7/ntDg4QG0D1QKdv9rmDcsgkRH8VYuvRhaGwWte+dhM=;'20'b=;
    
    Canonicalized Body:
        This'20'is'20'a'20'simple'20'test'20'email.'0D''0A'
        
    
    DNS record(s):
        default._domainkey.example.org. 14400 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQMPr4TjnCU9D7mDNNOCTL+iKRpekePYuulCZ3xg7nb3oAUdF0JC6zxvDAtVbKmBDkjq04zWDhSm/hWByDD+iJnji8kaLXFF34HShTyupNQFvQW6JR+rXHJsD921puIE0ucRz5POyYRBg7nBJf9N1s8kVAhUDw4CN37L5sKgyWz5kAVIYqByD09v3cAld4Yw+GbSbNmNBqGM6Vcf9NpZy4q2kpw6wUMM5VWKHyUPDy2sANcRTdwFWYUfP2JXoIuvZCHTP8MKzq1gHMgwzlr6LP8RL6p+BogtNXhFwQ+j373Zs7L1FjT9Yxd5UXpG6YG/gGExaNEI13BbstbWbXSajQIDAQAB;"
    
    Public key used for verification: default._domainkey.example.org (2048 bits)
    
    NOTE: DKIM checking has been performed based on the latest DKIM specs
    (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
    older versions.  If you are using Port25's PowerMTA, you need to use
    version 3.2r11 or later to get a compatible version of DKIM.
    I removed all domain reference please do not remove the code ty.
     
  5. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider
    MX TOOL BOX returned the following errors:
    Code:
    dmarc    example.org    DNS Record not found      More Info
        smtp    example.org    Reverse DNS does not match SMTP Banner      More Info
        smtp    example.org    Warning - Does not support TLS.      More Info
        smtp    example.org    15.072 seconds - Not good! on Transaction Time      More Info
     
    #5 Shane Elmer, Jul 8, 2017
    Last edited by a moderator: Jul 8, 2017
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The output suggests your mail server is properly configured. The warning messages you see should not prevent delivery and are likely false positives. There's a thread on those messages at:

    SMTP Warnings - Mxtoolbox

    Thank you.
     
  7. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    98
    Likes Received:
    8
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    We had similar issues, in our case we managed to resolve the problem by setting up a DMARC record in DNS.
     
  8. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider



    Any chance can you maybe reference a Guide on how to add DMARC records in my DNS?

    I am running on a centos machine with whm, cpanel, whmcs.

    I looked at the following article by cpanel
    How to Keep your Email out of the Spam Folder - cPanel Knowledge Base - cPanel Documentation

    their information on the DMARC is extremely short and doesnt tell you much except to use it....

    DMARC
    DMARC (Domain-based Message Authentication, Reporting & Conformance) is a technical specification to help reduce the potential for email-based abuse. A DMARC policy uses DNS to confirm that an email message uses a valid DKIM and SPF record, and that the From: header matches those records.

    Many large email networks require that you use a DMARC policy to help protect their users from spam email. To prevent email rejections or spam flags within these networks, your server must use a DMARC policy.


    Would love to have some clarity regarding the DMARC and enabling this.. Thank you to everyone that has assisted.
     
  9. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    98
    Likes Received:
    8
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    Hi Shane,

    Assuming you have root access to your WHM enter Edit DNS in the search field at the top of the left hand panel after login, select the domain you want to add the record for.

    At the bottom of your records there is the line "Add New Entries Below this Line".

    In the furthest left enter _dmarc then after that 14400 IN TXT (latter from drop down)

    In the furthest right field enter the followin:

    Code:
    v=DMARC1\;p=reject\;sp=reject\;adkim=r\;aspf=r\;rua=mailto:rua\@yourdomain.com\;ruf=mailto:ruf\@yourdomain.com\;rf=afrf\;pct=100\;fo=1\;ri=3600
    Where yourdomain.com is the domain name of the DNS record you're adding.

    You'll need to set up a forwarder for your rua@ and ruf@ addresses so that delivery reports are sent to a real world email account, this way you are able to monitor if any email is being rejected from legit hosts or IPs on your server.

    You should receive XML reports from hosts such as hotmail, google, yahoo etc; - these hosts always send reports.

    You should also receive reports from hosts that employ DMARC checks as part of their anti-spam mechanisms.

    The last part of the XML report will show the status of the DKIM and SPF checks, in our case we get a fair amount of temperror for DKIM checks for Microsoft domains (hotmail), I've never managed to get to the bottom of it despite trawling the net far and wide for a solution.

    Sadly I don't have an example report to hand as I read them and bin them.

    Once you 've done this, hit Save at the bottom of the page.

    Then head over to mxtoolbox and under "more" in the navbar at the top find and select DMARC, enter your domain and run the test. It'll tell you if your record for yourdomain.com is syntactically correct and tell you what each bit of it achieves.

    On a final note, email sent from yourdomain.com IS actually being sent out through mail.yourdomain.com yes?

    Cheers.
     
    Shane Elmer likes this.
  10. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    98
    Likes Received:
    8
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    As of cPanel version 64, you can configure DMARC records for your domain name via the Zone Editor interface in cPanel.

    Thank you.
     
  12. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider

    bloatedstoat & cPanelMichael your assistance has been greatly appricated. I added the _dmarc as you explained. However the last statement regarding mail.example.org may be the root of the problem. When looking at the original message in gmail it provides the following information:

    SPF: PASS with IP 45.32.XX.250 Learn more
    DKIM: PASS with domain example.org Learn more
    DMARC: PASS Learn more

    (but it is still going to spam)

    When looking if it was being sent from:
    mail.example.org

    it is actually being sent form the server hostname which is:
    server.example.org


    From what I can gather I will need to change the sending domain to mail.example.org?
    Is this even possible?

    Also I checked on the IP Address regarding any spam lists, it does not appear on any.
     
  13. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider
    Just as an update this seems to actually be the root cause reported by mail-tester.com

    Your reverse DNS does not match with your sending domain.
    Reverse DNS lookup or reverse DNS resolution (rDNS) is the determination of a domain name that is associated with a given IP address.
    Some companies such as AOL will reject any message sent from a server without rDNS, so you must ensure that you have one.
    You cannot associate more than one domain name with a single IP address.


    Your IP address 45.32.XX.250 is associated with the domain ns1.example.org.
    Nevertheless your message appears to be sent from server.example.org.

    You may want to change your pointer (PTR type) DNS record and the host name of your server to the same value.



    Here are the tested values for this check:
    • IP: 45.32.XX.250
    • HELO: server.example.org
    • rDNS: ns1.example.org

    Im going to guess that i need to make a DNS record for the PTR Type (which there currently is nothing set).
     
  14. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Yes, you should update the RDNS record for the IP address so that it points to the server's hostname. Typically, RDNS records are configured by your hosting provider or data center. Check with them to see if they offer an interface to setup the record, or if they can setup the record on your behalf.

    Thank you.
     
  15. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider

    I see thank you. The data center provider I have allows easy setup of rDNS. I made it ns1.example.org I don't even know if that was the right thing to do for the name servers or if I should have had 3 ip address for the hostname, and 2 nameservers

    Or can they be under the same ip?
     
  16. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    It's acceptable to use a single shared IP address for multiple name servers. However, you should still set the RDNS record for the shared IP address to the server's hostname, even if using that IP address for your name servers.

    Thank you.
     
  17. Shane Elmer

    Shane Elmer Member

    Joined:
    Jun 30, 2017
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Los Angeles
    cPanel Access Level:
    DataCenter Provider
    Okay, so after updating the reverse DNS and testing the email sending it still is putting the emails into a spam folder...

    Is there maybe a way I can create a ticket and have support help me resolve this?
     
  18. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hi Shane,

    If you are already following the guidelines referenced on this document, and email to remote mail servers such as Google still goes to the SPAM folder, then the next step is to contact the remote mail server's support team to see if they can provide more information about why your messages are marked as SPAM (in some cases it's simply due to the past reputation of the IP address). For instance, Google provides the following troubleshooter:

    Troubleshooting for bulk email senders - Gmail Help

    Thank you.
     
Loading...

Share This Page