Facebook
Twitter
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
Question All outgoing emails go to spam
Its a long time ago i created this thread and would be good i would rewrite everything with acutal information etc. (at the moment i have an opened ticket on plesk support, but its a good while open now - if someone already know the answer we could speed up)
So, i have a single IP and on this ip im running several domains. Each domain has now an own subscription.
My first domain im naming now domain1.com, my second domain2.com.
Now i have configurad a subdomain fqdn as my server hostname = "vps.domain1.com" and i have configurad a mail hostname as "mail.domain1.com". Both domains should run over the mailhostname i mentioned above.
So i have configured my dns:
mail.domain1.com A MYIPV4
mail.domain1.com AAAA MYIPV6
domain1 MX mail.domain1.com
On my second domain:
domain2 MX mail.domain1.com
rdns pointing to mail.domain1.com
currently my /etc/vhosts is pointing to
vps.domain1.com
I have set up dkim,spf and dmarc correctly and it's passing withouth problems, excpect sent over mail() because of current plesk bug, but for my tests im using Thunderbird configured like:
Imap: mail.domain1.com 993 SSL/TLS
Smtp: mail.domain1.com 465 SSL/TLS
for a domain1 and domain2 mail Adress.
DNS-Zones are running and im not in any blacklist tried on several tools like multirbl.valli.org and more. Im also passing tests from mxtoolbox, mail-tester 10/10 and DnsStuff.
My mail certificat is configurad as mail.domain1.com.
/etc/postfix/main.cf:
Code:
smtpd_banner = $myhostname ESMTP
biff = no
smtpd_tls_cert_file = /etc/postfix/postfix.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.domain1.com
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
myorigin = localhost # i tried different things
mydestination = localhost, localhost.localdomain
relayhost =
mynetworks =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client b.barracudacentral.org
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
#smtpd_milters = , inet:127.0.0.1:12768 inet:127.0.0.1:12345
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
virtual_mailbox_limit = 0
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = HIGH:!aNULL:!MD5
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
milter_connect_macros = j {daemon_name} {client_connections} {client_addr} {client_ptr} v
milter_default_action = accept
message_size_limit = 10240000
#clamav
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:127.0.0.1:12768, inet:127.0.0.1:12345, inet:127.0.0.1:3381
non_smtpd_milters = inet:127.0.0.1:12345, inet:127.0.0.1:3381/etc/postfix/master.cf:
Code:
smtp inet n - y - - smtpd
cleanup unix n - y - 0 cleanup
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe flags=R user=list:list argv=/usr/lib/plesk-9.0/postfix-mailman ${nexthop} ${user} ${recipient}
plesk_virtual unix - n n - - pipe flags=DORhu user=popuser:popuser argv=/usr/lib/plesk-9.0/postfix-local -f ${sender} -d ${recipient} -p /var/qmail/mailnames
pickup fifo n - - 60 1 pickup
qmgr fifo n - n 1 1 qmgr
smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes
plesk_saslauthd unix y y y - 1 plesk_saslauthd status=5 listen=6 dbpath=/plesk/passwd.db
plesk-vmixxxx.contaboserver.net-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxxx--1 unix - n n - - smtp -o smtp_bind_address=173.xxx.xxx.xxx -o smtp_bind_address6=2a02:xxxx:xxxx:xxxx::1 -o smtp_address_preference=ipv4 -o smtp_helo_name=mail.domain1.com
plesk-domain1.com-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxxx--1 unix - n n - - smtp -o smtp_bind_address=173.xxx.xxx.xxx -o smtp_bind_address6=2a02:xxxx:xxxx:xxxx::1 -o smtp_address_preference=ipv4 -o smtp_helo_name=mail.domain1.com
plesk-domain2.com-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxxx--1 unix - n n - - smtp -o smtp_bind_address=173.xxx.xxx.xxx -o smtp_bind_address6=2a02:xxxx:xxxx:xxxx::1 -o smtp_address_preference=ipv4 -o smtp_helo_name=mail.domain1.com
Last edited:
Then in the headers sending mail from domain2 adress over thunderbird:
There is following line:
Authentication-Results: vps;
spf=pass (sender IP is 79.xx.xx.x) [email protected] smtp.helo=[192.168.1.31]
Received-SPF: pass (vps: connection is authenticated)
On debugging from syslog i got:
14:32:17 vps postfix/smtp[16269]: plesk-domain2.com-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxx--1 socket: wanted attribute: log_helo_name
14:32:17 vps postfix/smtp[16269]: input attribute name: log_helo_name
14:32:17 vps postfix/smtp[16269]: input attribute value: [192.168.1.31]
and
14:32:17 vps postfix/smtp[16269]: plesk-domain2.com-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxx--1 socket: wanted attribute: sasl_username
14:32:17 vps postfix/smtp[16269]: input attribute name: sasl_username
14:32:17 vps postfix/smtp[16269]: input attribute value: myfull.name@domain1.com
This might be the problem because my mails end up in spam.
Code:
Delivered-To: [email protected]
Received: by 10.46.134.4 with SMTP id a4csp771996lji;
Fri, 13 Apr 2018 07:13:38 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4+gg3FyCJXzqhXiRoECcAozqHXDqTrUUi9FEC3qL9DzA63gDFGn6rt8i74rQEdUxfWo9loa
X-Received: by 10.28.146.200 with SMTP id u191mr3724458wmd.115.1523628818277;
Fri, 13 Apr 2018 07:13:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523628818; cv=none;
d=google.com; s=arc-20160816;
b=...
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=content-transfer-encoding:mime-version:user-agent:date:message-id
:subject:from:to:dkim-signature:arc-authentication-results;
bh=jkYhN5eG70Kk/sFVzVJcKR3X2zwf3jR4Ui9PYcA/0b0=;
b=...
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass [email protected] header.s=default header.b=..;
spf=pass (google.com: domain of [email protected] designates 173.xxx.xxx.xxx as permitted sender) [email protected];
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=domain2.com
Return-Path: <[email protected]>
Received: from mail.domain1.com (mail.domain1.com. [173.xxx.xxx.xxx])
by mx.google.com with ESMTPS id x7si1327159wmc.218.2018.04.13.07.13.37
for <[email protected]>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 13 Apr 2018 07:13:38 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 173.xxx.xxx.xxx as permitted sender) client-ip=173.xxx.xxx.xxx;
Authentication-Results: mx.google.com;
dkim=pass [email protected] header.s=default header.b=..;
spf=pass (google.com: domain of [email protected] designates 173.xxx.xxx.xxx as permitted sender) [email protected];
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=domain2.com
Received: from [192.168.1.31] (host1-xxxxxxx.business.telecomitalia.it [79.xx.xx.x])
by mail.domain1.com (Postfix) with ESMTPSA id 75C218602A5
for <[email protected]>; Fri, 13 Apr 2018 16:13:37 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=domain2.com;
s=default; t=1523628817;
bh=jkYhN5eG70Kk/sFVzVJcKR3X2zwf3jR4Ui9PYcA/0b0=; l=3;
h=To:From:Subject;
b=...
Authentication-Results: vps;
spf=pass (sender IP is 79.xx.xx.x) [email protected] smtp.helo=[192.168.1.31]
Received-SPF: pass (vps: connection is authenticated)
To: myname <[email protected]>
From: Info BLA <[email protected]>
Subject: a
Message-ID: <[email protected]>
Date: Fri, 13 Apr 2018 16:13:36 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.7.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-PPP-Message-ID: <[email protected]>
X-PPP-Vhost: domain1.com
X-Virus-Scanned: clamav-milter 0.99.4 at vps
X-Virus-Status: CleanThere is following line:
Authentication-Results: vps;
spf=pass (sender IP is 79.xx.xx.x) [email protected] smtp.helo=[192.168.1.31]
Received-SPF: pass (vps: connection is authenticated)
On debugging from syslog i got:
14:32:17 vps postfix/smtp[16269]: plesk-domain2.com-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxx--1 socket: wanted attribute: log_helo_name
14:32:17 vps postfix/smtp[16269]: input attribute name: log_helo_name
14:32:17 vps postfix/smtp[16269]: input attribute value: [192.168.1.31]
and
14:32:17 vps postfix/smtp[16269]: plesk-domain2.com-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxx--1 socket: wanted attribute: sasl_username
14:32:17 vps postfix/smtp[16269]: input attribute name: sasl_username
14:32:17 vps postfix/smtp[16269]: input attribute value: myfull.name@domain1.com
This might be the problem because my mails end up in spam.
Hi
Doesn't look like a configuration issue to me but rather like a blacklisting problem: Please have a look at the error message you get from the Hotmail server:
"Unfortunately, messages from 173.XXX.XXX.XXX MYSERVERIP weren't sent. Please contact your Internet service provider since part of their network is on our block list"
This means that your IP address is part of a blocked network part, maybe due to spam or other abuse or a bad reputation. There is not much you can do about this, ask your service provider to take care of it. Microsoft has their own blacklisting system, your service provider can retrieve information about blacklisted IP ranges at Hotmail/Outlook.com here: Smart Network Data Services
There are many other blacklists, please check if your IP is on any other list: MultiRBL.valli.org - Blacklist, Whitelist and FCrDNS check tool
So before you continue to debug your configuration I'd suggest you make sure that your IP is not on a blacklist anywhere.
Doesn't look like a configuration issue to me but rather like a blacklisting problem: Please have a look at the error message you get from the Hotmail server:
"Unfortunately, messages from 173.XXX.XXX.XXX MYSERVERIP weren't sent. Please contact your Internet service provider since part of their network is on our block list"
This means that your IP address is part of a blocked network part, maybe due to spam or other abuse or a bad reputation. There is not much you can do about this, ask your service provider to take care of it. Microsoft has their own blacklisting system, your service provider can retrieve information about blacklisted IP ranges at Hotmail/Outlook.com here: Smart Network Data Services
There are many other blacklists, please check if your IP is on any other list: MultiRBL.valli.org - Blacklist, Whitelist and FCrDNS check tool
So before you continue to debug your configuration I'd suggest you make sure that your IP is not on a blacklist anywhere.
Thanks for your answer, im not in any Blacklist. I have checked several tools and MultiRBL.valli.org is one of it.
I have also asked here:
https://support.microsoft.com/en-us...rt_1.0.0.0&wfname=capsub&productkey=edfsmsbl3
Yahoo - login
Report a delivery problem between your domain and Gmail - Gmail Help
From Microsoft support i recieved:
Your IP is not qualified for mitigation....
From Yahoo i recieved many links and many blabla (spf, dkim, dmarc). After some mails they told me im not blocked by there service and they couldnt do anything. But my mails end up in spam oO. Just with an extrem long body they go through, but only on Yahoo.
Google did not even answered.
Attachments
Last edited:
Hmmm this sounds to me like: Yes, your IP is on a blocklist but we won't remove it.
Anyway, you should try to bypass Plesk and Postfix and send a mail directly via telnet to port 25 of the destination MX:
1) Lookup the MX of a mail recipient, for example:
# dig hotmail.com MX
2) Then, follow the steps outlined here to manually send a mail without using Plesk/Postfix:
TCP Port 25 (smtp) Zugriff mit telnet überprüfen – Thomas-Krenn-Wiki
or
Sending or viewing emails using telnet - Media Temple
If your mail is still rejected then it's definitely a problem with your IP / IP range reputation.
Additionaly i had to use auth login base64 encoded because plesk by default does not permit a open relay (can choose closed or authenticated - wich is good so).
The mail end up in spam still on my outlook.com mail, used ehlo = mailserver (mail.domain1.com).
So, you did the test with telnet to port 25 of the MX server and your mail was still delivered to the junk folder?
=> Not a Plesk/Postfix problem. Hotmail/Outlook doesn't like your IP or IP range. Ask you service provider for help.
Please also make sure that your IP address has a consistent PTR DNS entry. Your IP should have a PTR (only 1) that resolves to yourhostname.domain.tld and yourhostname.domain.tld should resolve back to this IP again
Yes i did, just a bit different because i have to do a "auth login".
My rDNS resolves to mail.domain1.com and in my dns settings for domain1 i have an a and aaaa record wich resolves to the ip adress. mail.domain1.com A 173.xxx.xxx.xxx.
The rDNS is not my serverhostname but the mailserverhostname (for short time i split both). [/etc/vhosts entrys are for vps.domain1.com] [main.cf has mail.domain1.com]
The MX is on all domains the same = mail.domain1.com.
As example on dns settigns for domain2 my mx is mail.domain1.com.
I don't quite understand why you had to do auth login. You simply connect to the _remote_ MX server (example: outlook-com.olc.protection.outlook.com) on port 25 and do the sequence HELO, MAIL FROM, RCPT TO, DATA as described in the link I've sent to send a mail to outlook.com.
Ah i tought i should connect to my server. Well with:
telnet outlook-com.olc.protection.outlook.com 25
ehlo outlook-com.olc.protection.outlook.com
mail from: [email protected]
rcpt to: [email protected]
data
....
It end up in spam too.
There you have it. So it's most likely not a problem of your server or the software on the server. It's the IP (our your IP range) that causes you the problems.
One last thing you should check before you ask your service provider for help: Does your sender domain ("domain1.com") have an SPF record?
Please check the output of "dig domain1.com TXT" and check if you have an SPF record. If there is an SPF record then you should make sure that the IP of your server is listed there (some help is available here: Sender Policy Framework (SPF) Record Lookup - SPF Check - MxToolBox).
If you don't have any SPF record then I'd say it's about time you ask your ISP for help....It's not a problem that can be solved here in the Plesk forums.
Good luck!
Hmm im not sure about that. If i do exactly the same with my gmail mail this end up in spam too.
If i send it normal it wont end up in spam.
It has nothing to do what im sending... Its completly new Ip and new server, wich i have said in the first post. Until now we almost just have delivered local messages from @domain1 to @domain1. Because of that i cleared my first posts (and those informations are outdated too [from october i did a lot in this months]). No matter if Pyzer marked my subject/body with "test" or what ever was there because it would add just ~1-2 points from 5 to get catched up by spam assassine and i have sent in this whole half year more messages then "test".
Where exaclty my ip is blacklisted ? I checked ~5 different tools and asked for removal/whitelist on sites you probably dont even know.
Last edited:
Similar threads
Question
mails that get lost
