0

So, our company uses Google Apps for it's email hosting (aming other things), however something very strange occurs pretty regularly- email messages sent from external MTAs (i.e. tampabay.rr.com, T-Mobile's Blackberry e-mail service, a notification service sent by an external company that a company we have a contract with, etc.) sometimes take several hours to deliver into some of our mailboxes.

Is there any reason this happens regularly? I have verified myself that our MX records match what Google says they should be. Is there anything that I'm missing, perhaps?

Robert Butler
  • 1
  • 2

1 Answers1

1

No, you're not missing anything.

You may find that Google is doing greylisting behind the scenes. I know from personal experience that Road Runner (rr.com) is notorious for allowing spammers on their network. So Google may be forcing the MTAs to resend the messages with a specific timeout.

  • If the "external" mail servers are always the same, adding them in an SPF record about your domain. – adamo Nov 06 '10 at 19:30
  • But it's not just rr.com, and isn't all the time. We receive automated email from a company called Laker Software, and they have email notifications whenever we submit .csv files to them and they get processed Those queue up for sometimes half a day, and then I'll sometimes get a batch of 60 emails for that exact duration. – Robert Butler Nov 06 '10 at 19:31
  • @adamo Eh? Say what now? – Robert Butler Nov 06 '10 at 19:33
  • I was using rr.com as an example, but check with Laker Software that there isn't an SPF issue with your domain. You may be greylisted yourself in some RBL. –  Nov 06 '10 at 19:35
  • @Randolph Thanks. How would I find out if we've been greylisted? And more importantly, how would we become un-greylisted? (if indeed that is the case) – Robert Butler Nov 06 '10 at 19:39
  • @Robert Butler: I do not know your domain. Depending on how you've setup its DNS settings, it may or may not include an SPF record that has Google's mail servers in it. If it has an SPF record, then you have to include every server that sends mail for this domain in the record. If you do not have an SPF record, creating one that includes Google's mail servers and the other sending servers that you are using may help in improving your delivery times. See Google's help page on SPF also http://www.google.com/support/a/bin/answer.py?hl=en&answer=33786 – adamo Nov 06 '10 at 20:02
  • I checked their SPF records, and they appear to be valid. – Robert Butler Nov 06 '10 at 20:28
  • @adamo Nobody but our servers "sends mail for this domain." (in our case, hpprx.com) – Robert Butler Nov 06 '10 at 20:39
  • There seems to be a problem with your DNS setup. www.openspf.org does not see any MX records (nor do I querying from OpenDNS) but Google seems to see it (but without TXT/SPF records). – adamo Nov 06 '10 at 20:59
  • I would recommend an SPF record like "v=spf1 include:aspmx.googlemail.com a a:tampabay.rr.com ~all" that includes all servers that send email on behalf of this domain – adamo Nov 06 '10 at 21:04
  • then openspf.org is broken, and so is opendns. – Robert Butler Nov 06 '10 at 21:51
  • When I do a `dig hpprx.com mx` from my server, I don't see any of that. I find it unlikely, then, that both openspf.org and opendns are broken. I wish I could help more. –  Nov 06 '10 at 22:00
  • dig hpprx.com mx @65.32.1.65 gives me that. – Robert Butler Nov 06 '10 at 22:05
  • and I just verified this with 5 different pairs of nameservers. Those records exist. – Robert Butler Nov 06 '10 at 22:10