The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Emails sent to Hotmail/Outlook/Gmail go to junk folder

Discussion in 'E-mail Discussions' started by nsusa, Oct 29, 2016.

Tags:
  1. nsusa

    nsusa Well-Known Member

    Joined:
    Jun 30, 2004
    Messages:
    92
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    Colorado, USA
    I just moved several cpanel accounts from an old VPS to a new one and emails sent from that new VPS are going into the junk mail folder at Hotmail/Outlook.com

    1) I created a RDNS record for the main host IP address/host name
    2) Enabled DKIM and SPF
    3) Verified that the IP address is not blacklisted anywhere
    4) Ran it through glockapps.com and see mixed results everywhere
    5) Sent messages to check-auth@verifier.port25.com - see results below.

    So, I am not sure what else to look at. Any suggestions?

    Code:
    This message is an automatic response from Port25's authentication verifier service at verifier.port25.com.  The service allows email senders to perform a simple check of various sender authentication mechanisms.  It is provided free of charge, in the hope that it is useful to the email community.  While it is not officially supported, we welcome any feedback you may have at <verifier-feedback@port25.com>.
    
    Thank you for using the verifier,
    
    The Port25 Solutions, Inc. team
    
    ==========================================================
    Summary of Results
    ==========================================================
    SPF check:          pass
    DomainKeys check:   neutral
    DKIM check:         pass
    SpamAssassin check: ham
    
    ==========================================================
    Details:
    ==========================================================
    
    HELO hostname:  host02.hostname.net
    Source IP:      45.xx.xx.xxx
    mail-from:      [EMAIL]MyName@domain.com[/EMAIL]
    
    ----------------------------------------------------------
    SPF check details:
    ----------------------------------------------------------
    Result:         pass 
    ID(s) verified: smtp.mailfrom=MyName@domain.com DNS record(s):
        domain.com. SPF (no records)
        domain.com. 900 IN TXT "v=spf1 +a +mx +ip4:45.xx.xx.xxx ~all"
        domain.com. 300 IN A 45.xx.xx.xxx
    
    ----------------------------------------------------------
    DomainKeys check details:
    ----------------------------------------------------------
    Result:         neutral (message not signed)
    ID(s) verified: header.From=MyName@domain.com DNS record(s):
    
    ----------------------------------------------------------
    DKIM check details:
    ----------------------------------------------------------
    Result:         pass (matches From: [EMAIL]MyName@domain.com[/EMAIL])
    ID(s) verified: header.d=domain.com
    Canonicalized Headers:
        content-transfer-encoding:8bit'0D''0A'
        content-type:text/plain;charset=utf-8'0D''0A'
        mime-version:1.0'0D''0A'
        to:check-auth@verifier.port25.com'0D''0A'
        from:"MyName'20'Puetz"'20'<MyName@domain.com>'0D''0A'
        subject:'0D''0A'
        date:Sat,'20'29'20'Oct'20'2016'20'10:05:42'20'-0600'0D''0A'
        message-id:<8c2e2bbcb66aef487b124ed27a0da345.squirrel@45.xx.xx.xxx>'0D''0A'
        dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=domain.com;'20's=default;'20'h=Content-Transfer-Encoding:Content-Type:MIME-Version:To:From:'20'Subject:Date:Message-ID:Sender:Reply-To:Cc:Content-ID:Content-Description:'20'Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:'20'In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:'20'List-Post:List-Owner:List-Archive;'20'bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;'20'b=;
    
    Canonicalized Body:
    
    DNS record(s):
        default._domainkey.domain.com. 900 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7/IS5bZ+I2JYAyro+vpzAkghvkWV9D3u0YvcwaudKLHOmLlIhF71D+ji18cdZ5GffdxdqZ04HamZF698HnG/p1M8NgoDJXPxAZeRTqE0ZhdUkR3/WlUa/LNyHINq+zw8unr6HZybqwmz0lTq4gY4xvc2FAFanVP00yWv94KRePMO1x9bzxkaF5mbBz7iWDT8D56hU0GnueUCpyyUkkiV4ejTgzrrggOWPd4n8E6wR/aBHPcK2wfPk4+Ou37oIm83q32MQbB/Q6fGk45gCPsz1S45BtaBTyNQ0yOz5h+9J1/Fos2jnrhY01oaLo1zirfPD+eyCa/lIW68aUsdScMwQIDAQAB;"
    
    Public key used for verification: default._domainkey.domain.com (2048 bits)
    
    NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions.  If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM.
    
    ----------------------------------------------------------
    SpamAssassin check details:
    ----------------------------------------------------------
    SpamAssassin v3.4.0 (2014-02-07)
    
    Result:         ham  (0.3 points, 5.0 required)
    
    pts rule name              description
    ---- ---------------------- --------------------------------------------------
    -0.0 SPF_PASS               SPF: sender matches SPF record
    -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                                [score: 0.0000]
    -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from author's
                                domain
    0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
    -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
    2.3 EMPTY_MESSAGE          Message appears to have no textual parts and no
                                Subject: text
    
    ==========================================================
    Explanation of the possible results (from RFC 5451) ==========================================================
    
    SPF and Sender-ID Results
    =========================
    
    "none"
          No policy records were published at the sender's DNS domain.
    
    "neutral"
          The sender's ADMD has asserted that it cannot or does not
          want to assert whether or not the sending IP address is authorized
          to send mail using the sender's DNS domain.
    
    "pass"
          The client is authorized by the sender's ADMD to inject or
          relay mail on behalf of the sender's DNS domain.
    
    "policy"
         The client is authorized to inject or relay mail on behalf
          of the sender's DNS domain according to the authentication
          method's algorithm, but local policy dictates that the result is
          unacceptable.
    
    "fail"
          This client is explicitly not authorized to inject or
          relay mail using the sender's DNS domain.
    
    "softfail"
          The sender's ADMD believes the client was not authorized
          to inject or relay mail using the sender's DNS domain, but is
          unwilling to make a strong assertion to that effect.
    
    "temperror"
          The message could not be verified due to some error that
          is likely transient in nature, such as a temporary inability to
          retrieve a policy record from DNS.  A later attempt may produce a
          final result.
    
    "permerror"
          The message could not be verified due to some error that
          is unrecoverable, such as a required header field being absent or
          a syntax error in a retrieved DNS TXT record.  A later attempt is
          unlikely to produce a final result.
    
    
    DKIM and DomainKeys Results
    ===========================
    
    "none"
          The message was not signed.
    
    "pass"
          The message was signed, the signature or signatures were
          acceptable to the verifier, and the signature(s) passed
          verification tests.
    
    "fail"
          The message was signed and the signature or signatures were
          acceptable to the verifier, but they failed the verification
          test(s).
    
    "policy"
          The message was signed but the signature or signatures were
          not acceptable to the verifier.
    
    "neutral"
          The message was signed but the signature or signatures
          contained syntax errors or were not otherwise able to be
          processed.  This result SHOULD also be used for other
          failures not covered elsewhere in this list.
    
    "temperror"
          The message could not be verified due to some error that
          is likely transient in nature, such as a temporary inability
          to retrieve a public key.  A later attempt may produce a
          final result.
    
    "permerror"
          The message could not be verified due to some error that
          is unrecoverable, such as a required header field being
          absent. A later attempt is unlikely to produce a final result.
    
    
    ==========================================================
    Original Email
    ==========================================================
    
    Return-Path: <MyName@domain.com>
    Received: from host02.hostname.net (45.xx.xx.xxx) by verifier.port25.com id h2j4di20i3go for <check-auth@verifier.port25.com>; Sat, 29 Oct 2016 12:05:45 -0400 (envelope-from <MyName@domain.com>)
    Authentication-Results: verifier.port25.com; spf=pass smtp.mailfrom=MyName@domain.com
    Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) header.From=MyName@domain.com
    Authentication-Results: verifier.port25.com; dkim=pass (matches From: [EMAIL]MyName@domain.com[/EMAIL]) header.d=domain.com
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=domain.com;
        s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:To:From:
        Subject:Date:Message-ID:Sender:Reply-To:Cc:Content-ID:Content-Description:
        Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
        In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
        List-Post:List-Owner:List-Archive;
        bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=NGCSF3y16l7Nq9nChJaHiKomdj
        XPn2usuEvT0WVhTAR6WcMpW0M2Q/dqtWSt1j18inq0EfqG9xbjfVmhk2cQZIsuBhYiPD3D8zSIlsm
        SGKu9jSbUvDy1qe7q2/7Qb4aYsvQT2TUtjcEGHVxdoqWpGzLKN9ZAp1pQ78tCLtK/XrdF9myvghpG
        lkT+Qb60lvKLhO+LB+kltoEF821HEfczcxQyNRXL/r5i9gj+bXHQl2bP4WmY4a/qiEO3QRIn1kj4o
        qvMmAQB3REJGy7RVtN3bmNX5MOQFLtcmnYpKGf1THq29O1dSlaoT1PhwGz6pmu4pr/qX+nuwu8RsX
        cvTKBUsA==;
    Received: from [::1] (port=37858 helo=[45.xx.xx.xxx])
        by host02.hostname.net with esmtpa (Exim 4.87)
        (envelope-from <MyName@domain.com>)
        id 1c0W8c-0007pT-NG
        for [EMAIL]check-auth@verifier.port[/EMAIL]25.com; Sat, 29 Oct 2016 10:05:42 -0600
    Received: from 75.171.189.180 ([75.171.189.180])
            (SquirrelMail authenticated user puetzus)
            by 45.xx.xx.xxx with HTTP;
            Sat, 29 Oct 2016 10:05:42 -0600
    Message-ID: <8c2e2bbcb66aef487b124ed27a0da345.squirrel@45.xx.xx.xxx>
    Date: Sat, 29 Oct 2016 10:05:42 -0600
    Subject: 
    From: "MyName Puetz" <MyName@domain.com>
    To: [EMAIL]check-auth@verifier.port[/EMAIL]25.com
    User-Agent: SquirrelMail/1.5.2 [SVN]
    MIME-Version: 1.0
    Content-Type: text/plain;charset=utf-8
    Content-Transfer-Encoding: 8bit
    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - host02.hostname.net
    X-AntiAbuse: Original Domain - verifier.port25.com
    X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
    X-AntiAbuse: Sender Address Domain - domain.com
    X-Get-Message-Sender-Via: host02.hostname.net: authenticated_id: puetzus/from_h
    X-Authenticated-Sender: host02.hostname.net: [EMAIL]MyName@domain.com[/EMAIL]
    X-Source: 
    X-Source-Args: 
    X-Source-Dir: 
     
    #1 nsusa, Oct 29, 2016
    Last edited by a moderator: Oct 29, 2016
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  3. nsusa

    nsusa Well-Known Member

    Joined:
    Jun 30, 2004
    Messages:
    92
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    Colorado, USA
    No success unfortunately. My ip address is not black-listed anywhere. Even had a managed services provider look at it and it all seems to be configured fine. Not sure what is missing.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Hotmail offers a contact form if you are following all of their policies and your email still goes to the JUNK folder:

    Troubleshooting

    Thank you.
     
  5. nsusa

    nsusa Well-Known Member

    Joined:
    Jun 30, 2004
    Messages:
    92
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    Colorado, USA
    So, some small success. I think I am Ok now. Maybe this information helps others.

    Looked the SPF record and this is how it looked like:

    Apparently the "+mx" causes problems with the SPF lookup from 3rd parties. It seems like since no MX record is specified that the entire lookup query goes bad and times out.

    Updated the SPF record removing the "+mx"

    And now Outlook.com shows this:

    Outlook still moves messages into the junk folder, but this could be due to my IPs having no history/reputation build-up yet. Gmail shows clean email headers and all as pass (SPF, DKIM, dmarc). So, I think this could have been due to how cpanel/WHM creates the SPF records, but when you use an IP address and not an actual MX record.
     
    cPanelMichael likes this.
Loading...

Share This Page