Emails sent to Hotmail/Outlook/Gmail go to junk folder

nsusa

Well-Known Member
Jun 30, 2004
92
1
158
Colorado, USA
I just moved several cpanel accounts from an old VPS to a new one and emails sent from that new VPS are going into the junk mail folder at Hotmail/Outlook.com

1) I created a RDNS record for the main host IP address/host name
2) Enabled DKIM and SPF
3) Verified that the IP address is not blacklisted anywhere
4) Ran it through glockapps.com and see mixed results everywhere
5) Sent messages to [email protected]25.com - see results below.

So, I am not sure what else to look at. Any suggestions?

Code:
This message is an automatic response from Port25's authentication verifier service at verifier.port25.com.  The service allows email senders to perform a simple check of various sender authentication mechanisms.  It is provided free of charge, in the hope that it is useful to the email community.  While it is not officially supported, we welcome any feedback you may have at <[email protected]>.

Thank you for using the verifier,

The Port25 Solutions, Inc. team

==========================================================
Summary of Results
==========================================================
SPF check:          pass
DomainKeys check:   neutral
DKIM check:         pass
SpamAssassin check: ham

==========================================================
Details:
==========================================================

HELO hostname:  host02.hostname.net
Source IP:      45.xx.xx.xxx
mail-from:      [EMAIL][email protected][/EMAIL]

----------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result:         pass 
ID(s) verified: [email protected] DNS record(s):
    domain.com. SPF (no records)
    domain.com. 900 IN TXT "v=spf1 +a +mx +ip4:45.xx.xx.xxx ~all"
    domain.com. 300 IN A 45.xx.xx.xxx

----------------------------------------------------------
DomainKeys check details:
----------------------------------------------------------
Result:         neutral (message not signed)
ID(s) verified: [email protected] DNS record(s):

----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         pass (matches From: [EMAIL][email protected][/EMAIL])
ID(s) verified: header.d=domain.com
Canonicalized Headers:
    content-transfer-encoding:8bit'0D''0A'
    content-type:text/plain;charset=utf-8'0D''0A'
    mime-version:1.0'0D''0A'
    to:[email protected]'0D''0A'
    from:"MyName'20'Puetz"'20'<[email protected]>'0D''0A'
    subject:'0D''0A'
    date:Sat,'20'29'20'Oct'20'2016'20'10:05:42'20'-0600'0D''0A'
    message-id:<[email protected]>'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=domain.com;'20's=default;'20'h=Content-Transfer-Encoding:Content-Type:MIME-Version:To:From:'20'Subject:Date:Message-ID:Sender:Reply-To:Cc:Content-ID:Content-Description:'20'Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:'20'In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:'20'List-Post:List-Owner:List-Archive;'20'bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;'20'b=;

Canonicalized Body:

DNS record(s):
    default._domainkey.domain.com. 900 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7/IS5bZ+I2JYAyro+vpzAkghvkWV9D3u0YvcwaudKLHOmLlIhF71D+ji18cdZ5GffdxdqZ04HamZF698HnG/p1M8NgoDJXPxAZeRTqE0ZhdUkR3/WlUa/LNyHINq+zw8unr6HZybqwmz0lTq4gY4xvc2FAFanVP00yWv94KRePMO1x9bzxkaF5mbBz7iWDT8D56hU0GnueUCpyyUkkiV4ejTgzrrggOWPd4n8E6wR/aBHPcK2wfPk4+Ou37oIm83q32MQbB/Q6fGk45gCPsz1S45BtaBTyNQ0yOz5h+9J1/Fos2jnrhY01oaLo1zirfPD+eyCa/lIW68aUsdScMwQIDAQAB;"

Public key used for verification: default._domainkey.domain.com (2048 bits)

NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions.  If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM.

----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin v3.4.0 (2014-02-07)

Result:         ham  (0.3 points, 5.0 required)

pts rule name              description
---- ---------------------- --------------------------------------------------
-0.0 SPF_PASS               SPF: sender matches SPF record
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                            [score: 0.0000]
-0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from author's
                            domain
0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
2.3 EMPTY_MESSAGE          Message appears to have no textual parts and no
                            Subject: text

==========================================================
Explanation of the possible results (from RFC 5451) ==========================================================

SPF and Sender-ID Results
=========================

"none"
      No policy records were published at the sender's DNS domain.

"neutral"
      The sender's ADMD has asserted that it cannot or does not
      want to assert whether or not the sending IP address is authorized
      to send mail using the sender's DNS domain.

"pass"
      The client is authorized by the sender's ADMD to inject or
      relay mail on behalf of the sender's DNS domain.

"policy"
     The client is authorized to inject or relay mail on behalf
      of the sender's DNS domain according to the authentication
      method's algorithm, but local policy dictates that the result is
      unacceptable.

"fail"
      This client is explicitly not authorized to inject or
      relay mail using the sender's DNS domain.

"softfail"
      The sender's ADMD believes the client was not authorized
      to inject or relay mail using the sender's DNS domain, but is
      unwilling to make a strong assertion to that effect.

"temperror"
      The message could not be verified due to some error that
      is likely transient in nature, such as a temporary inability to
      retrieve a policy record from DNS.  A later attempt may produce a
      final result.

"permerror"
      The message could not be verified due to some error that
      is unrecoverable, such as a required header field being absent or
      a syntax error in a retrieved DNS TXT record.  A later attempt is
      unlikely to produce a final result.


DKIM and DomainKeys Results
===========================

"none"
      The message was not signed.

"pass"
      The message was signed, the signature or signatures were
      acceptable to the verifier, and the signature(s) passed
      verification tests.

"fail"
      The message was signed and the signature or signatures were
      acceptable to the verifier, but they failed the verification
      test(s).

"policy"
      The message was signed but the signature or signatures were
      not acceptable to the verifier.

"neutral"
      The message was signed but the signature or signatures
      contained syntax errors or were not otherwise able to be
      processed.  This result SHOULD also be used for other
      failures not covered elsewhere in this list.

"temperror"
      The message could not be verified due to some error that
      is likely transient in nature, such as a temporary inability
      to retrieve a public key.  A later attempt may produce a
      final result.

"permerror"
      The message could not be verified due to some error that
      is unrecoverable, such as a required header field being
      absent. A later attempt is unlikely to produce a final result.


==========================================================
Original Email
==========================================================

Return-Path: <[email protected]>
Received: from host02.hostname.net (45.xx.xx.xxx) by verifier.port25.com id h2j4di20i3go for <[email protected]>; Sat, 29 Oct 2016 12:05:45 -0400 (envelope-from <[email protected]>)
Authentication-Results: verifier.port25.com; spf=pass [email protected]
Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) [email protected]
Authentication-Results: verifier.port25.com; dkim=pass (matches From: [EMAIL][email protected][/EMAIL]) header.d=domain.com
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=domain.com;
    s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:To:From:
    Subject:Date:Message-ID:Sender:Reply-To:Cc:Content-ID:Content-Description:
    Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
    In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
    List-Post:List-Owner:List-Archive;
    bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=NGCSF3y16l7Nq9nChJaHiKomdj
    XPn2usuEvT0WVhTAR6WcMpW0M2Q/dqtWSt1j18inq0EfqG9xbjfVmhk2cQZIsuBhYiPD3D8zSIlsm
    SGKu9jSbUvDy1qe7q2/7Qb4aYsvQT2TUtjcEGHVxdoqWpGzLKN9ZAp1pQ78tCLtK/XrdF9myvghpG
    lkT+Qb60lvKLhO+LB+kltoEF821HEfczcxQyNRXL/r5i9gj+bXHQl2bP4WmY4a/qiEO3QRIn1kj4o
    qvMmAQB3REJGy7RVtN3bmNX5MOQFLtcmnYpKGf1THq29O1dSlaoT1PhwGz6pmu4pr/qX+nuwu8RsX
    cvTKBUsA==;
Received: from [::1] (port=37858 helo=[45.xx.xx.xxx])
    by host02.hostname.net with esmtpa (Exim 4.87)
    (envelope-from <[email protected]>)
    id 1c0W8c-0007pT-NG
    for [EMAIL][email protected][/EMAIL]25.com; Sat, 29 Oct 2016 10:05:42 -0600
Received: from 75.171.189.180 ([75.171.189.180])
        (SquirrelMail authenticated user puetzus)
        by 45.xx.xx.xxx with HTTP;
        Sat, 29 Oct 2016 10:05:42 -0600
Message-ID: <[email protected]>
Date: Sat, 29 Oct 2016 10:05:42 -0600
Subject: 
From: "MyName Puetz" <[email protected]>
To: [EMAIL][email protected][/EMAIL]25.com
User-Agent: SquirrelMail/1.5.2 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - host02.hostname.net
X-AntiAbuse: Original Domain - verifier.port25.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - domain.com
X-Get-Message-Sender-Via: host02.hostname.net: authenticated_id: puetzus/from_h
X-Authenticated-Sender: host02.hostname.net: [EMAIL][email protected][/EMAIL]
X-Source: 
X-Source-Args: 
X-Source-Dir:
 
Last edited by a moderator:

nsusa

Well-Known Member
Jun 30, 2004
92
1
158
Colorado, USA
No success unfortunately. My ip address is not black-listed anywhere. Even had a managed services provider look at it and it all seems to be configured fine. Not sure what is missing.
 

nsusa

Well-Known Member
Jun 30, 2004
92
1
158
Colorado, USA
So, some small success. I think I am Ok now. Maybe this information helps others.

Looked the SPF record and this is how it looked like:

"v=spf1 +a +mx +ip4:45.32.xx.xx +ip4:45.32.xx.xx ~all"
Apparently the "+mx" causes problems with the SPF lookup from 3rd parties. It seems like since no MX record is specified that the entire lookup query goes bad and times out.

Authentication-Results: spf=temperror (sender IP is 45.32.xx.xx)
smtp.mailfrom=mydomain.com; hotmail.com; dkim=timeout (key query timeout)
header.d=mydomain.com;hotmail.com; dmarc=temperror action=none
header.from=mydomain.com;
Updated the SPF record removing the "+mx"

"v=spf1 +a +ip4:45.32.xx.xx +ip4:45.32.xx.xx ~all"
And now Outlook.com shows this:

Authentication-Results: spf=pass (sender IP is 45.32.xx.xx)
smtp.mailfrom=mydomain.com; hotmail.com; dkim=pass (signature was verified)
header.d=mydomain.com;hotmail.com; dmarc=pass action=none header.from=mydomain.com;
Outlook still moves messages into the junk folder, but this could be due to my IPs having no history/reputation build-up yet. Gmail shows clean email headers and all as pass (SPF, DKIM, dmarc). So, I think this could have been due to how cpanel/WHM creates the SPF records, but when you use an IP address and not an actual MX record.
 
  • Like
Reactions: cPanelMichael

Toni La

Registered
Dec 29, 2016
3
0
1
Oslo
cPanel Access Level
Root Administrator
Maybe it's not good to reply on a old topic, but I have the same problem.

Now changed SPF record and removed the "+mx"

Code:
"v=spf1 +a +ip4:91.xxx.xx.xx ~all"
I have PRT, SPF, DKIM and DMARC all passed everywhere. And changed Now I have the following when I send email to Outlook.

Code:
Authentication-Results: spf=pass (sender IP is 91.xx.xxx.xx)
 smtp.mailfrom=mydomain.com; outlook.com; dkim=pass (signature was verified) 
header.d=mydomain.com;outlook.com; dmarc=pass action=none  header.from=mydomain.com;
Received-SPF: Pass (protection.outlook.com: domain of mydomain.com  designates 91.xx.xxx.xx as permitted sender)
But the problem still goes to junk folder when I send to outlook.com

Gmail, Yahoo working fine, all direct going into inbox without any problem.