Re: [mailop] Google: 'Low reputation of the sending domain'

[Bjoern Franke via mailop]

Hi,



There are no breaches or spam or anything sent from that server. I
would know as I am part of the AS6772 Abuse Desk. :-) Just the
dozed or so emails per day sent by my family members and myself.

Even emails to my own Gmail Account where my sending email address for
sure is a know past sender, are being blocked.



we had a similar issue after moving mail.ffnw.de to a new server / IP, 
though the mails are DKIM signed and SPF passes:


: host aspmx.l.google.com[2a00:1450:400c:c0c::1b] said:
550-5.7.1 [2a03:4000:47:88::1] Our system has detected that this
message 550-5.7.1 is likely suspicious due to the very low 
reputation of
the sending IP 550-5.7.1 address. To best protect our users from 
spam, the

message has been 550-5.7.1 blocked. Please visit 550 5.7.1
https://support.google.com/mail/answer/188131 for more information.
h13si190255wmb.87 - gsmtp (in reply to end of DATA command)

I remember a discussion here that reputation is somehow bound to a 
domain with DKIM, SPF, etc, but this seems to be irrelevant in this 
case, or do I miss something?


Best Regards
Bjoern

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[Benoît Panizzon via mailop]

Hi Gang

After some more valuable feedback I got on that topic, it is now
pretty obvious how I destroyed the google reputation of that 'sending
domain'.

I learned that Google:

IPv4: Works with IP Reputation.
IPv6: Works with 'sender domain' Reputation.

Sender Domain is not just the 'domain' of the sender, but if there is
an issue with a sub-domain which has 'high traffic' this affects the
'base domain' with lower traffic too.

Well, I happen to run the development version of the SWINOG
spamtrap / honeypot / blacklist / feedback Loop infrastructure on
blacklist.woody.ch / gintonic.woody.ch.

Different subdomain / different IP-Address than the one blocked.

I noticed in the past, that feedback loop email, containing a
multipart/report MIME-Type and ARF structure were often blocked
as 'spam' by google (yes digitalocean abuse desk, you are hosted on
ASPX and still getting multiple feedback emails because of spamtrap /
honeypot hits per day). I asked the google abuse-desk repeatedly to not
block such emails, especially not if the destination was listed as
abuse-mailbox in the registries. Well I guess they ignored my requests
and those emails, being considered spam lead to my domain's reputation
to be pulled down so far all traffic is being blocked now.

Well, I guess I have to stop sending feedback emails for now and
migrate everything to a different domain.

-- 
Mit freundlichen Grüssen

-Benoît Panizzon- @ HomeOffice und normal erreichbar
-- 
I m p r o W a r e   A G-Leiter Commerce Kunden
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[Tom Ivar Helbekkmo via mailop]

Ken O'Driscoll via mailop  writes:

> Mailing lists etc. breaking your DKIM signature is pretty much
> expected behaviour and not a reason to disavow it entirely.

...and that doesn't need to be a problem, either, now that modern
mailing list software knows how to play nice with DMARC, like e.g. this
very list does.  If you're on lists that don't do this, you should let
the list admin know about it, so they can fix their configuration.

-tih
-- 
Most people who graduate with CS degrees don't understand the significance
of Lisp.  Lisp is the most important idea in computer science.  --Alan Kay

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[Tim Bray via mailop]

On 02/06/2020 09:37, Benoit Panizzon via mailop wrote:

Still 'Spamrate' and 'IP Reputation' and 'Domain Reputation' (all other
items too) still show 'there is no data available yet'.



At work (provu.co.uk) we send hundreds of emails a day, but always no 
data in postmaster tools.  I just presume you have to send more mail to 
get noticed.



Other things I noticed  (I'm not google)

1) No TLS on your mailserver - to receive email.  What about sending?    
(most well maintained mailservers have TLS now)


2) SPF record is a whole /48 for IPv6.    Why not just try the 1 
address  of your mailserver  (I'd be suspicious of such a wide range of 
space for sending mailservers)




--
Tim Bray
Huddersfield, GB
t...@kooky.org


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[Laura Atkins via mailop]

Mail coming from IPv6 has higher requirements for delivery than mail from IPv4. 
The theory is that with IPv4 you may be in a situation where there’s legacy 
code or infrastructure that can’t be upgraded for operational reasons. For 
reasons of interoperability that is acceptable.

Anyone sending mail over IPv6 has a new(ish) system and there is zero reason to 
not meet all modern requirements. There is a reputation cost to sending over 
IPv6 without properly and fully (both SPF and DKIM) authenticating the email 
message.  There may be other issues here in that the domain reputation is bad 
AS WELL. But the first step is to sign with DKIM and see if that addresses the 
issue. Given you can send mail from the same domain over IPv4, it seems it’s 
not the overall domain reputation, but the domain reputation from an IPv6 IP 
address. 

Sign with DKIM. 

laura 


> On 2 Jun 2020, at 13:32, Stuart Henderson via mailop  
> wrote:
> 
> On 2020/06/02 10:37, Benoit Panizzon via mailop wrote:
>> <<< 550-5.7.1 [2001:4060:dead:beef::1  19] Our system has detected that 
>> this
>> <<< 550-5.7.1 message is likely suspicious due to the very low reputation of 
>> the
>> <<< 550-5.7.1 sending domain.
> 
> "due to the very low reputation of the sending domain", I'm surprised
> that made it through legal...
> 
>> DKIM is not a solution. I faced too many problems with mailinglists
>> and similar which did alter the header and broke DKIM signatures.
> 
> DKIM isn't (or at least shouldn't be) used as an absolute check unless it's
> combined with a restrictive DMARC setting - usually it just feeds in to an
> overall score. Failing DKIM doesn't mean that people won't see a mail at
> all and when combined with other positive scores usually assigned to
> genuine mailing list servers, it will often still get through.
> 
> You are likely to need all the tricks in the book to get mail delivered
> over IPv6 into gmail (many people just gave up - most of the common open-
> source MTAs have methods to avoid delivering over v6 to certain servers
> precisely because of this) - DKIM definitely seems to be something worth
> doing.
> 
> 
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

-- 
Having an Email Crisis?  We can help! 800 823-9674 

Laura Atkins
Word to the Wise
la...@wordtothewise.com
(650) 437-0741  

Email Delivery Blog: https://wordtothewise.com/blog 







___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[Stuart Henderson via mailop]

On 2020/06/02 10:37, Benoit Panizzon via mailop wrote:
> <<< 550-5.7.1 [2001:4060:dead:beef::1  19] Our system has detected that 
> this
> <<< 550-5.7.1 message is likely suspicious due to the very low reputation of 
> the
> <<< 550-5.7.1 sending domain.

"due to the very low reputation of the sending domain", I'm surprised
that made it through legal...

> DKIM is not a solution. I faced too many problems with mailinglists
> and similar which did alter the header and broke DKIM signatures.

DKIM isn't (or at least shouldn't be) used as an absolute check unless it's
combined with a restrictive DMARC setting - usually it just feeds in to an
overall score. Failing DKIM doesn't mean that people won't see a mail at
all and when combined with other positive scores usually assigned to
genuine mailing list servers, it will often still get through.

You are likely to need all the tricks in the book to get mail delivered
over IPv6 into gmail (many people just gave up - most of the common open-
source MTAs have methods to avoid delivering over v6 to certain servers
precisely because of this) - DKIM definitely seems to be something worth
doing.


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[Ken O'Driscoll via mailop]

On Tue, 2020-06-02 at 10:37 +0200, Benoit Panizzon via mailop wrote:
> DKIM is not a solution. I faced too many problems with mailinglists
> and similar which did alter the header and broke DKIM signatures.
> 
> Has anyone a hint what could be the cause for this problem?
> 
> And yes, disabling IPv6 seems to solve the issue, but that is the wrong
> way dealing with it :-)

This may be part of the issue. If you are using IPv6 then you really
need to be signing with DKIM. Mailing lists etc. breaking your DKIM
signature is pretty much expected behaviour and not a reason to disavow
it entirely.

Ken.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[sivasubramanian muthusamy via mailop]

There are two issues here:

1. We have been brought to a situation where it has become an
insurmountable necessity to send and receive mail from and to Google,
Microsoft and the likes of Amazon, if your mail has to reach from one end
to another.

2.  The filters in the middle (and in this at the 'cloud') make rules
leading to unknown and unreported false positives that are not even
knowable, let alone challengeable by ordinary mortals.



On Tue, Jun 2, 2020, 14:16 Benoit Panizzon via mailop 
wrote:

> Hi Gang
>
> My personal mailserver is not able to send any emails to gmail accounts
> since several months. I was hoping this would solve itself eventually.
> It did not.
>
> There are no breaches or spam or anything sent from that server. I
> would know as I am part of the AS6772 Abuse Desk. :-) Just the
> dozed or so emails per day sent by my family members and myself.
>
> Even emails to my own Gmail Account where my sending email address for
> sure is a know past sender, are being blocked.
>
> The Error:
>
>- Transcript of session follows -
> ... while talking to gmail-smtp-in.l.google.com.:
> >>> DATA
> <<< 550-5.7.1 [2001:4060:dead:beef::1  19] Our system has detected
> that this
> <<< 550-5.7.1 message is likely suspicious due to the very low reputation
> of the
> <<< 550-5.7.1 sending domain. To best protect our users from spam, the
> message has
> <<< 550-5.7.1 been blocked. Please visit
> <<< 550 5.7.1  https://support.google.com/mail/answer/188131 for more
> information. ds3si1043668ejc.545 - gsmtp
> 554 5.0.0 Service unavailable
>
> 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.e.e.b.d.a.e.d.0.6.0.4.1.0.0.2.ip6.arpa
> domain name pointer magma.woody.ch.
>
> magma.woody.ch has address 157.161.57.1
> magma.woody.ch has IPv6 address 2001:4060:dead:beef::1
>
> No DNS PTR issue I guess :-)
>
> I have registered woody.ch and magma.woody.ch with Gmail Postmaster
> Tools about one month ago, in the hope that eventually I would get some
> hint to the cause.
>
> Still 'Spamrate' and 'IP Reputation' and 'Domain Reputation' (all other
> items too) still show 'there is no data available yet'.
>
> Not listed in any blacklists @ MXToolbox.
>
> An SPF record exists since several years.
>
> woody.ch descriptive text "v=spf1 ip4:157.161.57.0/27
> ip6:2001:4060:dead::/48 -all"
>
> Yesterday, after re-reading google email recommendations, I also added a
> DMARC entry:
>
> _dmarc.woody.ch descriptive text "v=DMARC1; p=reject; rua=mailto:
> paniz...@woody.ch; ruf=mailto:paniz...@woody.ch; aspf=s"
>
> Still the problem persists as of a couple minutes ago.
>
> DKIM is not a solution. I faced too many problems with mailinglists
> and similar which did alter the header and broke DKIM signatures.
>
> Has anyone a hint what could be the cause for this problem?
>
> And yes, disabling IPv6 seems to solve the issue, but that is the wrong
> way dealing with it :-)
>
> Mit freundlichen Grüssen
>
> -Benoît Panizzon-
> --
> I m p r o W a r e   A G-Leiter Commerce Kunden
> __
>
> Zurlindenstrasse 29 Tel  +41 61 826 93 00
> CH-4133 PrattelnFax  +41 61 826 93 01
> Schweiz Web  http://www.imp.ch
> __
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Google: 'Low reputation of the sending domain'

[Jan-Philipp Benecke via mailop]

Hey Benoit,

i'm facing the same issue since weeks with my private mailserver.
A few mails getting through and some not.
I've already tried to contact the sender support trough their form. 
Maybe this helps, lets see.


BTW: I'v enabled SPF, DKIM, DMARC (p=none) since a long time, this 
either didn't help.


Best,
Jan-Philipp

Jan-Philipp Benecke
Deliverability Engineer

Fon: +49 4402 97390-00 
E-Mail: j...@cleverreach.com 

Xing  LinkedIn 



*CleverReach GmbH & Co. KG
HRA 4020 Oldenburg (Oldb.)*
cleverreach.de 
CleverReach® 
CleverReach® 


Vertreten durch: CleverReach Verwaltungs GmbH, HRB 210079 Oldenburg (Oldb.)
//CRASH Building | Schafjückenweg 2 | 26180 Rastede | Germany
Geschäftsführung: Jens Klibingat, Sebastian Schwarz & Sebastian Strzelecki
Aufsichtsrat: Rolf Hilchner & Heinz-Wilhelm Bogena

PUSH///  CleverReach® 
 CleverReach @Instagram 
 https://twitter.com/cleverreach 
 CleverReach @YouTube 



Aktuell können Sie einige Informationen nicht sehen.Bitte aktivieren Sie 
externe Inhalte, um die Mail vollständig angezeigt zu bekommen oder 
klicken Sie hier. 





Benoit Panizzon via mailop schrieb am 02.06.20 um 10:37:

Hi Gang

My personal mailserver is not able to send any emails to gmail accounts
since several months. I was hoping this would solve itself eventually.
It did not.

There are no breaches or spam or anything sent from that server. I
would know as I am part of the AS6772 Abuse Desk. :-) Just the
dozed or so emails per day sent by my family members and myself.

Even emails to my own Gmail Account where my sending email address for
sure is a know past sender, are being blocked.

The Error:

- Transcript of session follows -
... while talking to gmail-smtp-in.l.google.com.:

DATA

<<< 550-5.7.1 [2001:4060:dead:beef::1  19] Our system has detected that this
<<< 550-5.7.1 message is likely suspicious due to the very low reputation of the
<<< 550-5.7.1 sending domain. To best protect our users from spam, the message 
has
<<< 550-5.7.1 been blocked. Please visit
<<< 550 5.7.1  https://support.google.com/mail/answer/188131 for more 
information. ds3si1043668ejc.545 - gsmtp
554 5.0.0 Service unavailable

1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.e.e.b.d.a.e.d.0.6.0.4.1.0.0.2.ip6.arpa domain 
name pointer magma.woody.ch.

magma.woody.ch has address 157.161.57.1
magma.woody.ch has IPv6 address 2001:4060:dead:beef::1

No DNS PTR issue I guess :-)

I have registered woody.ch and magma.woody.ch with Gmail Postmaster
Tools about one month ago, in the hope that eventually I would get some
hint to the cause.

Still 'Spamrate' and 'IP Reputation' and 'Domain Reputation' (all other
items too) still show 'there is no data available yet'.

Not listed in any blacklists @ MXToolbox.

An SPF record exists since several years.

woody.ch descriptive text "v=spf1 ip4:157.161.57.0/27 ip6:2001:4060:dead::/48 
-all"

Yesterday, after re-reading google email recommendations, I also added a
DMARC entry:

_dmarc.woody.ch descriptive text "v=DMARC1; p=reject; rua=mailto:paniz...@woody.ch; 
ruf=mailto:paniz...@woody.ch; aspf=s"

Still the problem persists as of a couple minutes ago.

DKIM is not a solution. I faced too many problems with mailinglists
and similar which did alter the header and broke DKIM signatures.

Has anyone a hint what could be the cause for this problem?

And yes, disabling IPv6 seems to solve the issue, but that is the wrong
way dealing with it :-)

Mit freundlichen Grüssen

-Benoît Panizzon-


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Google: 'Low reputation of the sending domain'

[Benoit Panizzon via mailop]

Hi Gang

My personal mailserver is not able to send any emails to gmail accounts
since several months. I was hoping this would solve itself eventually.
It did not.

There are no breaches or spam or anything sent from that server. I
would know as I am part of the AS6772 Abuse Desk. :-) Just the
dozed or so emails per day sent by my family members and myself.

Even emails to my own Gmail Account where my sending email address for
sure is a know past sender, are being blocked.

The Error:

   - Transcript of session follows -
... while talking to gmail-smtp-in.l.google.com.:
>>> DATA  
<<< 550-5.7.1 [2001:4060:dead:beef::1  19] Our system has detected that this
<<< 550-5.7.1 message is likely suspicious due to the very low reputation of the
<<< 550-5.7.1 sending domain. To best protect our users from spam, the message 
has
<<< 550-5.7.1 been blocked. Please visit
<<< 550 5.7.1  https://support.google.com/mail/answer/188131 for more 
information. ds3si1043668ejc.545 - gsmtp
554 5.0.0 Service unavailable

1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.e.e.b.d.a.e.d.0.6.0.4.1.0.0.2.ip6.arpa domain 
name pointer magma.woody.ch.

magma.woody.ch has address 157.161.57.1
magma.woody.ch has IPv6 address 2001:4060:dead:beef::1

No DNS PTR issue I guess :-)

I have registered woody.ch and magma.woody.ch with Gmail Postmaster
Tools about one month ago, in the hope that eventually I would get some
hint to the cause.

Still 'Spamrate' and 'IP Reputation' and 'Domain Reputation' (all other
items too) still show 'there is no data available yet'.

Not listed in any blacklists @ MXToolbox.

An SPF record exists since several years.

woody.ch descriptive text "v=spf1 ip4:157.161.57.0/27 ip6:2001:4060:dead::/48 
-all"

Yesterday, after re-reading google email recommendations, I also added a
DMARC entry:

_dmarc.woody.ch descriptive text "v=DMARC1; p=reject; 
rua=mailto:paniz...@woody.ch; ruf=mailto:paniz...@woody.ch; aspf=s"

Still the problem persists as of a couple minutes ago.

DKIM is not a solution. I faced too many problems with mailinglists
and similar which did alter the header and broke DKIM signatures.

Has anyone a hint what could be the cause for this problem?

And yes, disabling IPv6 seems to solve the issue, but that is the wrong
way dealing with it :-)

Mit freundlichen Grüssen

-Benoît Panizzon-
-- 
I m p r o W a r e   A G-Leiter Commerce Kunden
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop