-3

a friend of mine is running a contact form on a website which sends the e-mails through the PHP mail() function (CMS used is Contao). The e-mails are sent without a problem to other recipients, so neither the CMS itself or the server responsible for sending are the problem. However, the two e-mails that these messages are actually supposed to be sent to, are run through Exchange Online (Office 365). It seems like there is some kind of protection going on that blocks these e-mails. Every other e-mail from actual mail clients goes through. I couldn't find any setting in the Exchange AC regarding to this.

Here are the email headers from the contact form messages (sent a message from the contact form to another e-mail, where, again, it is received just fine):

Return-Path: <info@rechtsanwaelte-brauer.de>
Delivered-To: hello@max-krause.com
Received: from premium31.web-hosting.com
    by premium31.web-hosting.com with LMTP id UBwiOpOw0VsKMAwAmYe65g
    for <hello@max-krause.com>; Thu, 25 Oct 2018 08:01:23 -0400
Return-path: <info@rechtsanwaelte-brauer.de>
Envelope-to: hello@max-krause.com
Delivery-date: Thu, 25 Oct 2018 08:01:23 -0400
Received: from u230.lrnc.net ([77.232.241.23]:47206)
    by premium31.web-hosting.com with esmtp (Exim 4.91)
    (envelope-from <info@rechtsanwaelte-brauer.de>)
    id 1gFeKJ-003PuQ-PW
    for hello@max-krause.com; Thu, 25 Oct 2018 08:01:23 -0400
Received: by u230.lrnc.net (Postfix, from userid 10020)
    id 15D73C46B8; Thu, 25 Oct 2018 14:01:03 +0200 (CEST)
To: nicole.darmstadt@gmail.com, info@rechtsanwaelte-brauer.de, nicole.brauer@rechtsanwaelte-brauer.de, webmaster@up-hill.de, cj@junglas.com, hello@max-krause.com
Subject: Nachricht =?utf-8?Q?=C3=BCber?= die Webseite
Message-ID: <df7341d6b1d12752e351cd238854774a@www.brauer-rechtsanwaeltin.de>
Date: Thu, 25 Oct 2018 12:01:02 +0000
From: info@rechtsanwaelte-brauer.de
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-Mailer: Contao Open Source CMS

Could anyone point me to where the problem might be?

Maximilian Krause
  • 121
  • 1
  • 5
  • 2
    Please don't censor the domains and IPs. They may be the most relevant bits if one has a bad reputation or is on a blacklist. – ceejayoz Oct 25 '18 at 12:59
  • 1
    Possible duplicate of [How to send emails and avoid them being classified as spam?](https://serverfault.com/questions/48428/how-to-send-emails-and-avoid-them-being-classified-as-spam) – kasperd Oct 25 '18 at 13:09
  • @ceejayoz Sorry about that. Uncensored them. I'm certain that the IP is not on any blacklist though. – Maximilian Krause Oct 25 '18 at 13:10
  • Are you getting a bounce message? – Colt Oct 25 '18 at 13:14

1 Answers1

3

I verified if your email would be permitted by the SPF records on the domain. I used the Python spf module to do so. Here is the result:

>>> import spf
>>> spf.query('77.232.241.23', 'info@rechtsanwaelte-brauer.de', 'u230.lrnc.net').check()
('fail', 550, 'SPF fail - not authorized')
>>>

As you can see using the information from your email header, the email would have been rejected by a sender verifying SPF. 77.232.241.23 is not permitted to send emails from the domain rechtsanwaelte-brauer.de.

Changing your SPF record from

v=spf1 include:spf.protection.outlook.com -all

to

v=spf1 ip4:77.232.241.23 include:spf.protection.outlook.com -all

should help. Remember to find out what your IPv6 address is and include that as well.

kasperd
  • 29,894
  • 16
  • 72
  • 122
  • 1
    Makes sense. I've changed the TXT entry to include the IPv4, my score on mail-tester.com went from 5.1 to 8.1 already. Yet, e-mails still don't seem to go through where they belong. Probably I'll have to wait until the DNS settings have taken effect completely, then I'll check again if this was the solution. Thanks so far though! – Maximilian Krause Oct 25 '18 at 13:50
  • Now the score has went down from 8.1 to 5.1 again. mail-tester.com suggests me to change the SPF record to `v=spf1 a mx ip4:77.232.241.23 ~all`. Does that make sense? I haven't initially setup the website and the domain/mail settings, so I'm not aware if I can simply remove the `include:spf.protection.outlook.com` from it. – Maximilian Krause Oct 25 '18 at 14:05
  • You'll want to keep the Outlook part in there. It's likely Mail Tester just doesn't know that's part of your infrastructure. You can add the `a mx` bit but I doubt it'll make a huge impact. – ceejayoz Oct 25 '18 at 14:06
  • @ceejayoz There are some non-intuitive consequences when adding `a` or `mx`, so I'd leave them out if they aren't strictly needed. – kasperd Oct 25 '18 at 14:10
  • I left the SPF record as you suggested now. SpamAssassin now gives me a SPF_PASS too, the DNS propagated successfully, got a 9/10 score now. The problem persists though. Too bad, thanks anyways. – Maximilian Krause Oct 25 '18 at 14:22