email marked as spam even with DKIM, SPF and DMARC headers

1

1

I've configured a Postfix + Dovecot email server. I took care of SPF, DKIM, DMARC and added appropriate headers to the message. I haven't used the machine for 2 years, so it can't be blacklisted from previous users. For reasons unknown to me, my email still gets marked as spam by Gmail. This is the source of the mail, as seen by the Gmail client. I stripped away some of the very long unique ids and IPs, to make it more readable.

Delivered-To: targetemailaddress@gmail.com
Received: by IPv6_here with SMTP id s12csp565193ios;
        Fri, 1 Feb 2019 07:45:41 -0800 (PST)
X-Google-Smtp-Source: someuniquestring
X-Received: by 2002:a63:6c48:: with SMTP id h69mr34585542pgc.139.1549035941764;
        Fri, 01 Feb 2019 07:45:41 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1549035941; cv=none;
        d=google.com; s=arc-20160816;
        b=verylongstringhere==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=date:message-id:content-transfer-encoding:mime-version:reply-to
         :from:sender:subject:to:dkim-signature:dkim-filter;
        bh=somelongstring=;
        b=verylongstringhere2==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@mycustomdomain.com header.s=201901 header.b=qCd3nM9G;
       spf=pass (google.com: domain of support@mycustomdomain.com designates IPv6_here_2 as permitted sender) smtp.mailfrom=support@mycustomdomain.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=mycustomdomain.com
Return-Path: <support@mycustomdomain.com>
Received: from mycustomdomain.com (mycustomdomain.com. [IPv6_here_2])
        by mx.google.com with ESMTPS id k91si7726103pld.283.2019.02.01.07.45.41
        for <targetemailaddress@gmail.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 01 Feb 2019 07:45:41 -0800 (PST)
Received-SPF: pass (google.com: domain of support@mycustomdomain.com designates IPv6_here_2 as permitted sender) client-ip=IPv6_here_2;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@mycustomdomain.com header.s=201901 header.b=qCd3nM9G;
       spf=pass (google.com: domain of support@mycustomdomain.com designates IPv6_here_2 as permitted sender) smtp.mailfrom=support@mycustomdomain.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=mycustomdomain.com
Received: by mycustomdomain.com (Postfix, from userid 48)
    id 743B95C468; Fri,  1 Feb 2019 16:46:12 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.11.0 mycustomdomain.com 743B95C468
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mycustomdomain.com;
    s=201901; t=1549035972;
    bh=somelongstring=;
    h=To:Subject:From:Reply-To:Date:From;
    b=vverylongstringhere3==
To: targetemailaddress@gmail.com
Subject: Update on the files
Sender: Support Team <support@mycustomdomain.com>
From: Support Team <support@mycustomdomain.com>
Reply-To: Support Team <support@mycustomdomain.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Message-Id: <20190201154612.743B95C468@mycustomdomain.com>
Date: Fri,  1 Feb 2019 16:46:12 +0100 (CET)

You start as a beginner and then you make it to the end.

I strongly feel that my problem has to do with inadequate headers. What headers should I add or change? I am not sure what else I should do.

sanjihan

Posted 2019-02-01T18:21:42.230

Reputation: 571
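
The Authentication-Results header quoted in the question can be checked mechanically. The following is an added example, not part of the original post: it parses that header and reports whether the passing DKIM and SPF identities align with the From: domain, which is what DMARC evaluates. The function names are hypothetical, and the alignment test is an approximation, as noted in the code.

```python
import re

# Constructed sample: the Authentication-Results value from the question,
# with the poster's placeholders (IPv6_here_2, mycustomdomain.com) kept.
SAMPLE = """mx.google.com;
       dkim=pass header.i=@mycustomdomain.com header.s=201901 header.b=qCd3nM9G;
       spf=pass (google.com: domain of support@mycustomdomain.com designates IPv6_here_2 as permitted sender) smtp.mailfrom=support@mycustomdomain.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=mycustomdomain.com"""

def parse_authres(value):
    """Return (authserv_id, [(method, props), ...]) for one header value."""
    unfolded = re.sub(r"\s+", " ", value).strip()
    # Split on ';' only outside (comments); nested comments are not handled.
    parts = [p.strip() for p in re.split(r";(?![^()]*\))", unfolded)]
    results = []
    for clause in parts[1:]:
        comments = re.findall(r"\(([^()]*)\)", clause)
        tokens = re.sub(r"\([^()]*\)", " ", clause).split()
        if not tokens:
            continue
        method, _, result = tokens[0].partition("=")
        props = {"result": result.lower(), "comments": comments}
        for tok in tokens[1:]:
            key, _, val = tok.partition("=")
            props[key.lower()] = val
        results.append((method.lower(), props))
    return parts[0], results

def domain_of(identity):
    return identity.rpartition("@")[2].lower().rstrip(".")

def aligned(a, b):
    # Assumption: relaxed alignment is approximated by a parent/child suffix
    # match; a full check compares organizational domains (Public Suffix List).
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def dmarc_view(value):
    """Report which passing identities align with the From: domain."""
    _, results = parse_authres(value)
    by = lambda m: [p for name, p in results if name == m]
    from_dom = next((domain_of(p["header.from"]) for p in by("dmarc")
                     if "header.from" in p), "")
    def passed(method, key):
        return any(p["result"] == "pass" and aligned(domain_of(p.get(key, "")), from_dom)
                   for p in by(method))
    dkim_ok = passed("dkim", "header.i") or passed("dkim", "header.d")
    spf_ok = passed("spf", "smtp.mailfrom")
    return {"from": from_dom, "dkim_aligned": dkim_ok, "spf_aligned": spf_ok,
            "authenticated": dkim_ok or spf_ok}
```

Calling `dmarc_view(SAMPLE)` on the question's header reports both identities as passing and aligned with `mycustomdomain.com`.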

Answers

0

Looking at that email, I'd imagine Google is objecting to the content - as a mail admin that looks spammy to me

 * Generic from
 * Generic subject with bad English grammar
 * Short content with generic text and bad grammar
 * Subject line talks about file (trying to trick you into installing malware?)

It is unclear if this is a new domain, but sending stuff from a new domain is also more likely to be spam.

davidgo

Posted 2019-02-01T18:21:42.230

Reputation: 49 152

Thanks! It's not a new domain, but it never sent mail so far. So I should use: user account with a human name, use different test subject. I also tried with longer body, but was still thrown under the bus. – sanjihan – 2019-02-01T18:58:22.280

0

Even though you claim you've never sent email from that server, it doesn't mean email wasn't sent from there, either in the past, through an open relay, a virus or rogue program, etc.

I would point you in 2 directions:

  1. Check that the IP isn't blacklisted. Google for "blacklist check" and see what online tools are at your disposal.
  2. Check the spam rating of your email. Google for "spam check email". What you'll find is that there are services where you can send them a sample email, and minutes later a report will arrive at your inbox with a spam score assigned, as well as recommendations to improve your score.

Luis Alberto Barandiaran

Posted 2019-02-01T18:21:42.230

Reputation: 225