Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything
Hi Brandon, On 6/4/21 8:56 PM, Brandon Long via mailop wrote: Generally speaking, when the dashboard shows you no data, there isn't enough data to show you. There are minimum levels of data required before it shows you anything in order not to be gamed or make it easy to find out specific accounts that are involved. I don't remember off the top of my head, but I think it's either 100 or 500 different accounts in the bucket you're looking at before there is data to be shown to you. Ie, the answer is never "one recipient". Thank you for this insight. This explains why the more general dashboards showed something (we might've just reached the threshold), while the 'Feedback-ID' which might allow to pinpoint specific senders / recipients in more detail did not show anything (our general volume is spread across too many different feedback identifiers for any of them to cross the threshold). (it's been years since I've looked at the code and it's possible things have changed, so take it with a grain of salt) Understood. I don't care about exact numbers or details. Your reply sufficiently confirmed that it's likely we're doing the 'Feedback-ID' correctly and the volume just wasn't large enough. Best regards Tim Düsterhus Postmaster WoltLab GmbH -- WoltLab GmbH Nedlitzer Str. 27B 14469 Potsdam Tel.: +49 331 96784338 duester...@woltlab.com www.woltlab.com Managing director: Marcel Werk AG Potsdam HRB 26795 P ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything
On Fri, Jun 4, 2021 at 6:31 AM Tim Düsterhus, WoltLab GmbH via mailop < mailop@mailop.org> wrote: > Hi Jaroslaw > > On 6/3/21 10:47 PM, Jaroslaw Rafa via mailop wrote: > >> Does anyone of you have practical experience with Google's feedback > >> loop mechanism and might be able to identify if we are doing > >> anything wrong or if it's just the low volume? > > > > What I can recommend from my own experience: > > 1) create some actual test account on Gmail > > 2) make your customer send an email to this account using your process > > 3) access the Gmail account and see if message actually went to Spam > folder. > > If yes: > > 4) check if Gmail indicates all three SPF, DKIM and DMARC on the message > as > > PASS. If not, you need to fix the one that is failing on your side and > > re-try. > > 5) If yes, send the headers of the message that was incorrectly > classified > > as spam (the headers as received on that Gmail account) to Google using > this > > form: https://support.google.com/mail/contact/bulk_send_new . They > > explicitly say in the form that they won't reply to you, but it often > really > > helps and your messages are no more going to Spam (at least that was in > my > > case). > > Thank you, this is useful. I was not aware of that form. I'll add it to > my bookmarks. > > We checked your suggestions back when setting up the system, but I just > rechecked registering an account with my personal Gmail in a sandbox > instance we use to test this type of stuff. The double opt-in > confirmation mail was delivered just fine directly into the inbox. > > Checking the email shows a PASS for both SPF and DKIM for > bounce.woltlab.cloud. We don't do DMARC, as explained in my sibling > reply. Gmail shows "Sender Name via > bounce.woltlab.cloud" as the sender which is expected for our set-up and > nothing unusual, I have seen this for other newsletters I subscribed to > as well. > > However unfortunately this does not answer my specific question > regarding the 'Feedback-ID' header / Feedback Loop (i.e. > https://support.google.com/mail/answer/6254652/feedback-loop). The "Spam > Rate" dashboard in Google Postmaster Tools specifically explains: > > > Dieses Dashboard zeigt den Prozentsatz der von aktiven Nutzern als Spam > gemeldeten E-Mails im Vergleich zu den an den Posteingang gesendeten > E-Mails. [...] E-Mails, die direkt an den Spamordner zugestellt werden, > zählen nicht dazu. > > This translates as: > > "This dashboard shows the percentage of emails reported as spam compared > to all emails delivered into the INBOX. [...] Emails delivered directly > into the spam folder will not be counted here." > > So one (or more) recipients *actively* hit the "This is Spam" button on > ~27% of mails we delivered that one day. I wanted to use the Feedback > Loop mechanism *to find out* which of our customers sent those emails to > investigate in more detail. This is the entire purpose of the Feedback > Loop as implemented by Gmail, but it does not work for us due to reasons > that are unclear to me. > Generally speaking, when the dashboard shows you no data, there isn't enough data to show you. There are minimum levels of data required before it shows you anything in order not to be gamed or make it easy to find out specific accounts that are involved. I don't remember off the top of my head, but I think it's either 100 or 500 different accounts in the bucket you're looking at before there is data to be shown to you. Ie, the answer is never "one recipient". Brandon (it's been years since I've looked at the code and it's possible things have changed, so take it with a grain of salt) ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything
Hi Jaroslaw On 6/3/21 10:47 PM, Jaroslaw Rafa via mailop wrote: Does anyone of you have practical experience with Google's feedback loop mechanism and might be able to identify if we are doing anything wrong or if it's just the low volume? What I can recommend from my own experience: 1) create some actual test account on Gmail 2) make your customer send an email to this account using your process 3) access the Gmail account and see if message actually went to Spam folder. If yes: 4) check if Gmail indicates all three SPF, DKIM and DMARC on the message as PASS. If not, you need to fix the one that is failing on your side and re-try. 5) If yes, send the headers of the message that was incorrectly classified as spam (the headers as received on that Gmail account) to Google using this form: https://support.google.com/mail/contact/bulk_send_new . They explicitly say in the form that they won't reply to you, but it often really helps and your messages are no more going to Spam (at least that was in my case). Thank you, this is useful. I was not aware of that form. I'll add it to my bookmarks. We checked your suggestions back when setting up the system, but I just rechecked registering an account with my personal Gmail in a sandbox instance we use to test this type of stuff. The double opt-in confirmation mail was delivered just fine directly into the inbox. Checking the email shows a PASS for both SPF and DKIM for bounce.woltlab.cloud. We don't do DMARC, as explained in my sibling reply. Gmail shows "Sender Name via bounce.woltlab.cloud" as the sender which is expected for our set-up and nothing unusual, I have seen this for other newsletters I subscribed to as well. However unfortunately this does not answer my specific question regarding the 'Feedback-ID' header / Feedback Loop (i.e. https://support.google.com/mail/answer/6254652/feedback-loop). The "Spam Rate" dashboard in Google Postmaster Tools specifically explains: Dieses Dashboard zeigt den Prozentsatz der von aktiven Nutzern als Spam gemeldeten E-Mails im Vergleich zu den an den Posteingang gesendeten E-Mails. [...] E-Mails, die direkt an den Spamordner zugestellt werden, zählen nicht dazu. This translates as: "This dashboard shows the percentage of emails reported as spam compared to all emails delivered into the INBOX. [...] Emails delivered directly into the spam folder will not be counted here." So one (or more) recipients *actively* hit the "This is Spam" button on ~27% of mails we delivered that one day. I wanted to use the Feedback Loop mechanism *to find out* which of our customers sent those emails to investigate in more detail. This is the entire purpose of the Feedback Loop as implemented by Gmail, but it does not work for us due to reasons that are unclear to me. And, also don't forget to mark the message as "non-spam" on the test account that received it, or even reply to the message. It is some signal (although weak, if only one user does this, but still some) to the Google's AI to not classify this kind of messages as spam. This does not apply for my test email, as it went into the INBOX. However I clicked the activation link within this email to interact with it, thus sending a positive signal. Best regards Tim Düsterhus Postmaster WoltLab GmbH -- WoltLab GmbH Nedlitzer Str. 27B 14469 Potsdam Tel.: +49 331 96784338 duester...@woltlab.com www.woltlab.com Managing director: Marcel Werk AG Potsdam HRB 26795 P ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything
Dnia 2.06.2021 o godz. 13:22:31 Tim Düsterhus, WoltLab GmbH via mailop pisze: > > Does anyone of you have practical experience with Google's feedback > loop mechanism and might be able to identify if we are doing > anything wrong or if it's just the low volume? What I can recommend from my own experience: 1) create some actual test account on Gmail 2) make your customer send an email to this account using your process 3) access the Gmail account and see if message actually went to Spam folder. If yes: 4) check if Gmail indicates all three SPF, DKIM and DMARC on the message as PASS. If not, you need to fix the one that is failing on your side and re-try. 5) If yes, send the headers of the message that was incorrectly classified as spam (the headers as received on that Gmail account) to Google using this form: https://support.google.com/mail/contact/bulk_send_new . They explicitly say in the form that they won't reply to you, but it often really helps and your messages are no more going to Spam (at least that was in my case). Before you do step 5), you may also try what they say on their sender guidelines page: "If your email has a link to a site with bad email practices, it could be marked as spam. You can remove the link to see if the classification changes from spam. If it does, we suggest sending the email without the link or ending your program with the site.". So, if it is possible to change the email so that it doesn't contain any links, and resend it, it is worth trying. My messages had no links at all, so I simply skipped that step. And, also don't forget to mark the message as "non-spam" on the test account that received it, or even reply to the message. It is some signal (although weak, if only one user does this, but still some) to the Google's AI to not classify this kind of messages as spam. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything
Hello Bastian, On 6/2/21 2:17 PM, Bastian Blank via mailop wrote: On Wed, Jun 02, 2021 at 01:22:31PM +0200, Tim Düsterhus, WoltLab GmbH via mailop wrote: Mail is being sent with a 'MAIL FROM:' with the 'From:' containing an email address of the customer's custom domain. We're DKIM signing the emails using a key in the 'bounce.woltlab.cloud' domain and add a 'Feedback-ID: customer_id:WCloud' header to all emails, in an attempt to uniquely identify the customer in cases of spam reports. So you produce third party signatures. You need to sign also with the customer's domain if you want to have that in the From header. I understand that this is important for DMARC alignment and in fact we already support double-signing any outgoing emails for larger customers that tend to generate more (email) traffic. However it comes with more manual set-up on the customer's end, because we can't simply handle it for them using the existing CNAME. This probably results in customers not caring enough, because it's not visibly important to them. In any case we are already planning to push this more. However Google's documentation does not appear to clearly indicate that this type of alignment is relevant for the Feedback Loop mechanism. It says: In order to prevent spoofing of the Feedback-ID, the traffic being sent to Gmail needs to be DKIM signed by a domain owned (or controlled) by the sender, after the addition of this header. This domain should be added and verified to the Gmail Postmaster Tools, so that the sender can access the FBL data. And indeed the signature matches our domain we set up in Postmaster Tools. We are seeing practically all information regarding that domain (e.g. Spam Rate, IP and Domain Reputation, Encryption / Authentication Status). The only thing that's empty is the Feedback Loop. However it does not appear to be terribly useful if we had to set up all the *customer* domains in *our* account in Postmaster Tools to be able to access Feedback Loop identifiers that *we* set to protect the reputation of *our* mail servers, especially since the MAIL FROM is a domain of ours. Can you clarify whether your reply was a general remark regarding our setup or whether you know this is indeed a requirement to consume the Feedback-ID with Google Postmaster Tools? Best regards Tim Düsterhus Postmaster WoltLab GmbH -- WoltLab GmbH Nedlitzer Str. 27B 14469 Potsdam Tel.: +49 331 96784338 duester...@woltlab.com www.woltlab.com Managing director: Marcel Werk AG Potsdam HRB 26795 P ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Feedback Loop in Gmail Postmaster tools does not show anything
On Wed, Jun 02, 2021 at 01:22:31PM +0200, Tim Düsterhus, WoltLab GmbH via mailop wrote: > Mail is being sent with a 'MAIL FROM:' > with the 'From:' containing an email address of the customer's custom > domain. > We're DKIM signing the emails using a key in the 'bounce.woltlab.cloud' > domain and add a 'Feedback-ID: customer_id:WCloud' header to all emails, in > an attempt to uniquely identify the customer in cases of spam reports. So you produce third party signatures. You need to sign also with the customer's domain if you want to have that in the From header. Bastian -- ... The prejudices people feel about each other disappear when they get to know each other. -- Kirk, "Elaan of Troyius", stardate 4372.5 ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Feedback Loop in Gmail Postmaster tools does not show anything
Dear fellow Mail Operators,
we run a SaaS solution hosting web forums for our customers. We send
transactional email and opt-in notifications about new activities within
a community which by their nature contain some user-generated content.
During a regular check in Google's Postmaster Tools we noticed that
Gmail reports a Spam Rate of 27.3% for a single day in May which is
concerning. Our Postfix logs report nothing out of the usual, apart from
a single email being rejected as 'UnsolicitedRateLimitError', but being
delivered 5 seconds later into another of Gmail's MXs the *day before*
this spike in spam reports.
We also checked the Feedback Loop dashboard, in an attempt to at least
identify the customer in question, but that dashboard shows nothing and
it never did when we checked it in the past. It's showing blue dots at
the very bottom for the days where we reach enough volume for other
dashboards to show data, including the day in question. But clicking
that dot shows "Keine gekennzeichneten Bezeichner" ("no marked
identifiers").
This makes me wonder if we missed anything while setting up the support
for Gmail's Feedback Loop or if this is usual behavior due to our lowish
volume (less than 100 emails in Gmails direction on the day in question).
Mail is being sent with a 'MAIL FROM:'
with the 'From:' containing an email address of the customer's custom
domain.
We're DKIM signing the emails using a key in the 'bounce.woltlab.cloud'
domain and add a 'Feedback-ID: customer_id:WCloud' header to all emails,
in an attempt to uniquely identify the customer in cases of spam reports.
We set up SPF records for the bounce.woltlab.cloud domain and also set
SPF records for the customer's domain, because the customer sets up the
domain using a CNAME record.
We set up both the bounce.woltlab.cloud and woltlab.cloud domains at
postmaster.google.com.
Checking https://support.google.com/mail/answer/6254652?hl=en-GB we
appear to tick all boxes:
- Our emails contain exactly one Feedback-ID header with a customer
identifier and a stable SenderID of 'WCloud':
> Feedback-ID: c_1234578:WCloud
The documentation is not clear regarding the use of optional fields,
though. Would we need
> Feedback-ID: ::c_1234578:WCloud
instead?
- The Feedback-ID header is DKIM signed by the domain registered in the
dashboard:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=bounce.woltlab.cloud; i=@bounce.woltlab.cloud; q=dns/txt; s=wcloud;
t=1622622079; h=from : reply-to : to : subject : date : message-id :
list-id : list-unsubscribe : list-unsubscribe-post : mime-version :
content-type : feedback-id : from : to : subject : date : message-id :
feedback-id; bh=YOZK9mUAdTkOR1zUM4JWklWhBmsqy1Wau9HMb4sOvXI=;
b=dtvd3fXJnEUEGrSUu4z8sY2kx5nkw5tiS8zKS/Se6YZUgtAyVcWb4Dg+Ze/AqFeWr5rvD
q2W9+u9iSonz5yoV1e/X25cwyPhr29063KzZPJTQOtLD5Kcosz/U4Ur3YTA/YWIeXg0Afo3
GhsqucX/g3qpq2Hs28lR2zzqg3Ek+FntafocHjOeKBQDazs4nG4cMX6j3R9TPTFniG5jEdo
oMW+ErlNTzvEL0Z0mVjPI4rfTprdkjyLXZPVv9h+tlHCYir5meVQ1RTpImZKWtaXqP8UjVv
z4TDqqI8FoFS9HPGhNfPGbwfrktsO/7kj5FBSDSQdbrWLPKA4HhUJ3qbzUAA==
- The signing domain has SPF records set up.
- Our outgoing mailserver has a forward confirmed reverse DNS within the
signing domain.
The only thing we might be lacking is:
For a given day’s traffic, FBL reports are generated only if a given identifier
is present in a certain volume of mails as well as in distinct user spam
reports.
As the other dashboards, specifically the Spam Report dashboard, show
data we would suspect that we reached this minimum volume, but of course
we can't be sure there.
Does anyone of you have practical experience with Google's feedback loop
mechanism and might be able to identify if we are doing anything wrong
or if it's just the low volume?
Best regards
Tim Düsterhus
Postmaster WoltLab GmbH
--
WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam
Tel.: +49 331 96784338
duester...@woltlab.com
www.woltlab.com
Managing director:
Marcel Werk
AG Potsdam HRB 26795 P
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
