Skip to main content

Why is outbound email from my Mail Server marked as spam by Receiving Mail Servers?

It is extremely common for computer network engineers to utilize internal DNS Servers for managing private/internal processes while using external DNS for managing public/external processes on the internet.  For example, clients/servers on a private network are managed using an internal DNS while public websites on the internet are managed using the external DNS provided by a web hosting company.  It is also extremely common for customers of web hosting companies to use internal mail servers within their organizations to send outbound email.  In order for outbound email originating from an internal mail server to properly route on the internet, they must first have a Reverse DNS Entry also called an A Record for their internal mail server.  Secondly, they must have an SPF/TXT Record in order to meet the requirements of the Sender Policy Framework.

The Sender Policy Framework also called Sender ID establishes that the originating internal mail server sending the email is the authorized mail server for the sending domain.  When a receiving mail server receives an email, it performs a DNS Lookup of both the A Record and the SPF/TXT Record of the sending mail server.  It does this in order to determine the Purported Responsible Address (PRA) for the email.  The PRA determines if the received email will route to the receiving party's Inbox folder or the Spam/Junk Mail folder. When the PRA process is performed, the message header of the email is stamped with the Received-SPF value of PASS, NEUTRAL or FAIL.  A ruleset within the receiving mail server then routes the email based upon the Received-SPF value.  The majority of email service providers now utilize this process for all incoming email. 

As the likely registrar and primary DNS for your domain, your web hosting company should provide you with a Control Panel which allows you to add the appropriate DNS entries for your domain.  Without this capability in place, your email will likely continue to be marked as Spam/Junk Mail.

  • Reverse DNS Entry.  An A Record which resolves the Hostname to the IP Address of your internal mail server.

  • The SPF/TXT Record.  Example: v=spf1 ptr ip4:63.0.0.1 -all

To insure that your outbound email is not marked as spam, you may also be interested in implementing DomainKeys.  DomainKeys involves adding two TXT Records to your DNS.

Further information regarding email transport issues can be located here.

http://www.smartnetadmin.com
Labels:

Comments

Post a Comment

Popular posts from this blog

Access Denied (policy_denied). Your system policy has denied access to the requested URL. For assistance, contact your network support team.

While browsing the internet, you may encounter the message: "Access Denied (policy_denied).  Your system policy has denied access to the requested URL.  For assistance, contact your network support team."   This message indicates the internet traffic is being filtered.  The most common source of an internet traffic filter is in corporate environments that use a proxy server or a firewall appliance designed to filter web traffic.  Some businesses are configured as satellite locations using a VPN tunnel.  In these configurations, the VPN may be configured to filter internet traffic.  In rare instances, the Internet Service Provider is filtering internet traffic.  Typically though, your IT Department or a Network Management Team has configured your internet traffic to be filtered.  Isolating Source of Web Filtering In an environment that is unmanaged and the source of the filtering is unknown, following are some steps you may wish to peform: Th...
3 comments
Read more

How do you stop an unstoppable Windows Service?

You may encounter a Windows Service in Services that has the buttons for Start, Stop, Pause and Resume greyed out.  If you attempt to stop the Service using sc stop [servicename], you encounter the error message: "The requested control is not valid for this service."  To resolve this issue, please perform the following steps: Click Start - Control Panel - Administrative Tools - Services. Double-click the relevant Service. Change the Service Start-Up Type to Disabled. Click Apply. Click OK. Hit CTRL-ALT-DEL on your keyboard. Select Task Manger. Perform an End Task on the relevant Service. This issue has been resolved. http://www.smartnetadmin.com
Post a Comment
Read more

The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer.

You may encounter the following error message when using the L2TP/IPSec VPN Client that is native to the Windows Operating System: "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer."  This error message typically occurs when you are using the wrong Pre-Shared Key for your L2TP VPN.  This error message can occur when other components of your configuration are incorrect but the first thing to confirm is that you are using the correct Pre-Shared Key. If you are using the wrong Pre-Shared Key, the L2TP VPN connection will say Connecting for a long period of time and then display the error message: "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer." If you are using the wrong username or password, the L2TP VPN will immediately respond with: "The remote connection was denied b...
1 comment
Read more