Re: A bit off-topic: problems with sending to a Gmail user
On Sat, Mar 12, 2022 at 09:03:37AM +0100, Matthias Apitz wrote: > El día viernes, marzo 11, 2022 a las 03:12:41p. m. +0100, Stefan Hagen > escribió: > > > > I've been seeing a lot of that lately. Google seem to have tightened > > > their email security practice recently. > > > > > > It appears that 1blu is doing something that GMail doesn't like. They > > > probably have a number of users who have the same problem. I would > > > ask them to check their MTA configuration against the section "Make > > > sure your messages are authenticated" in the referenced page > > > (https://support.google.com/mail/answer/81126#authentication). > > > > > > > 550-5.7.26 This message does not have authentication information or > > > > fails to > > > > 550-5.7.26 pass authentication checks. To best protect our users > > > > from spam, the > > > > 550-5.7.26 message has been blocked. Please visit > > > > Authenticated in this context means, you don't have SPF / DKIM / DMARC set > > up. > > > > You can use this service: https://www.mail-tester.com to test your > > setup. It provices you an email address. Send an email to it > > and then your mail and server setup will be evaluated. > > Thank you, Stefan. > > I did such a test and the result can be seen here: > https://www.mail-tester.com/test-ahwup3i9z > > > This is an example from me: > > https://www.mail-tester.com/test-3ghr082f2 > > > > Feel free to examine it and set your host up in a similiar way. > > As far as I understand all the changes can't be done on my host (a > laptop). I send mails with mutt and mutt with sendmail to smtp.1blu.de > > And I'm afraid, if I contact the support of 1blu I don't know if they will > react (I've mixed experience from the past). I will give it a try... > > Thanks > > matthias > > -- > Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 > Public GnuPG key: http://www.unixarea.de/key.pub So it looks like the real problem might be "You're listed in 1 blacklist" (http://www.backscatterer.org). Try to get removed from it. Good luck. It sounds like the mail server you are using needs a configuration change to stop backscatter. Perhaps you could direct your mail server providers to that site. cheers, raf
Re: A bit off-topic: problems with sending to a Gmail user
On Fri, Mar 11, 2022 at 11:55:04PM +, Ken Moffat wrote: > On Sat, Mar 12, 2022 at 09:10:01AM +1100, raf wrote: > > On Fri, Mar 11, 2022 at 03:12:41PM +0100, Stefan Hagen > > wrote: > > > > > > > > > > > 550-5.7.26 This message does not have authentication > > > > > information or fails to 550-5.7.26 pass authentication > > > > > checks. To best protect our users from spam, the > > > > > 550-5.7.26 message has been blocked. Please visit > > > > > > Authenticated in this context means, you don't have SPF / DKIM / > > > DMARC set up. > > > > That's sad. I'm pretty sure that the absence of SPF/DKIM/DMARC was > > never supposed to be interpreted as a failure of any of them. > > Perhaps the sending domain does have SPF but it's not setup > > correctly. It doesn't seem to (unixarea.de). > > > What is *really* sad is that most of the spam which gets through > direct to this account of mine is things apparently from gmail > addresses, pointing to ntlworld/somewhereelse.com addresses inviting > me to login, and with DKIM apparently passing (the last couple I > looked at were relaxed/relaxed). > > ĸen > -- > The beauty of reading a page of de Selby is that it leads one > inescapably to the conclusion that one is not, of all nincompoops, > the greatest.-- du Garbandier That's probably not because it's relaxed/relaxed. It's just that when spammers use gmail to send spam, gmail happily and correctly DKIM-signs the outgoing spam. Gmail only protects gmails users from receiving spam. It doesn't stop them sending spam. At least, that's what seems to be the case. cheers, raf
Re: A bit off-topic: problems with sending to a Gmail user
> PS: maybe there is an option in gmail for users to whitelist senders > from whom they want to receive mail? Yes, sort of. There is no absolute whitelist, but there are two things a gmail user can do to make it much less likely that mail from a particular sender is marked as spam. 1. Have that sender in their contacts. 2. After receiving an email from that sender that does go to spam, click "not spam" on it. Sometimes you can arrange this by private messaging with someone as you send them email, and have them check spam for the email you just sent and click "not spam" while you're talking. -- Cos
Re: A bit off-topic: problems with sending to a Gmail user
On Sat, Mar 12, 2022 at 12:09:01PM +0100, Matthias Apitz wrote: > El día sábado, marzo 12, 2022 a las 10:05:35 +0100, Joerg Dorchain > escribió: > > > Let's go through that: > > > > - An SPF-entry has to be created in the unixarea.de domain, I would assume > > you can do that via the > > interface of 1blu.de > > > > - DKIM-headers can be inserted locally. If you do that with a selector > > under the unixarea.de domain, you > > have to add the corresponding key in the zone. I would assume you can do > > that via the interface of 1blu.de > > Alternatively dkim can be implemented at the 1blu.de MTA, which in turn > > is solely at their discretion. > > > > - Same for a DMARC-entry. > > > > This would make most sense when you enable DNSSEC for the unixarea.de > > domain. Check here: > > https://dnsviz.net/d/unixarea.de/dnssec/ I would assume you can do that via > > the interface of 1blu.de. > > > > Joerg, 1blu is a German ISP where I have rented: > > - a domain 'unixare.de' > - a web space www.unixarea.de on some of its servers > - a mail addr g...@unixarea.de which ends up in mbox on its servers and I can > read mail with IMAP or some webmail software; and I can send mail with > SMTP to one its MTA (smt.1blu.de) > - SSH access to an unpriv account on the server to put/get files to/from > the web space www.unixarea.de > > I have no access to any DNS configurations and so I do not see how to > follow your hints. That then sounds like talking to their support and eventually reconsidering your position to 1blu or gmail. You are definitivly not the only one having problems with mail from or to gmail accounts. Bye, Joerg signature.asc Description: PGP signature
Re: A bit off-topic: problems with sending to a Gmail user
On Fri, Mar 11, 2022, Stefan Hagen wrote: > > > 550-5.7.26 This message does not have authentication information or > > > fails to > Authenticated in this context means, you don't have SPF / DKIM / DMARC set up. [more off-topic/rant] Isn't it nice how Google et.al. enforce things which are neither mandatory nor really useful to "fight spam"? All the spam I get at $WORK is from gmail and it has passed all of those "requirements" -- but the "investment"/"loan"/... spam/scams are not filtered at all by Google themselves (hey, why should they do outbound spam filtering? it cost them money and why should they care? it's not like anyone important would block gmail -- but Google rejects mail coming to them due to bogus reasons). "Solution": ask gmail users to switch to other services which do not have so many "false positives". PS: maybe there is an option in gmail for users to whitelist senders from whom they want to receive mail?
Re: A bit off-topic: problems with sending to a Gmail user
El día sábado, marzo 12, 2022 a las 10:05:35 +0100, Joerg Dorchain escribió: > Let's go through that: > > - An SPF-entry has to be created in the unixarea.de domain, I would assume > you can do that via the > interface of 1blu.de > > - DKIM-headers can be inserted locally. If you do that with a selector under > the unixarea.de domain, you > have to add the corresponding key in the zone. I would assume you can do > that via the interface of 1blu.de > Alternatively dkim can be implemented at the 1blu.de MTA, which in turn is > solely at their discretion. > > - Same for a DMARC-entry. > > This would make most sense when you enable DNSSEC for the unixarea.de domain. > Check here: > https://dnsviz.net/d/unixarea.de/dnssec/ I would assume you can do that via > the interface of 1blu.de. > Joerg, 1blu is a German ISP where I have rented: - a domain 'unixare.de' - a web space www.unixarea.de on some of its servers - a mail addr g...@unixarea.de which ends up in mbox on its servers and I can read mail with IMAP or some webmail software; and I can send mail with SMTP to one its MTA (smt.1blu.de) - SSH access to an unpriv account on the server to put/get files to/from the web space www.unixarea.de I have no access to any DNS configurations and so I do not see how to follow your hints. Thanks anyway matthias -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub
Re: A bit off-topic: problems with sending to a Gmail user
On Sat, Mar 12, 2022 at 09:03:37AM +0100, Matthias Apitz wrote: > > > > I've been seeing a lot of that lately. Google seem to have tightened > > > their email security practice recently. > > > > > > It appears that 1blu is doing something that GMail doesn't like. They > > > probably have a number of users who have the same problem. I would > > > ask them to check their MTA configuration against the section "Make > > > sure your messages are authenticated" in the referenced page > > > (https://support.google.com/mail/answer/81126#authentication). > > > > > > > 550-5.7.26 This message does not have authentication information or > > > > fails to > > > > 550-5.7.26 pass authentication checks. To best protect our users > > > > from spam, the > > > > 550-5.7.26 message has been blocked. Please visit > > > > Authenticated in this context means, you don't have SPF / DKIM / DMARC set > > up. > > > > You can use this service: https://www.mail-tester.com to test your > > setup. It provices you an email address. Send an email to it > > and then your mail and server setup will be evaluated. > > Thank you, Stefan. > > I did such a test and the result can be seen here: > https://www.mail-tester.com/test-ahwup3i9z Let's go through that: - An SPF-entry has to be created in the unixarea.de domain, I would assume you can do that via the interface of 1blu.de - DKIM-headers can be inserted locally. If you do that with a selector under the unixarea.de domain, you have to add the corresponding key in the zone. I would assume you can do that via the interface of 1blu.de Alternatively dkim can be implemented at the 1blu.de MTA, which in turn is solely at their discretion. - Same for a DMARC-entry. This would make most sense when you enable DNSSEC for the unixarea.de domain. Check here: https://dnsviz.net/d/unixarea.de/dnssec/ I would assume you can do that via the interface of 1blu.de. Bye, Joerg signature.asc Description: PGP signature
Re: A bit off-topic: problems with sending to a Gmail user
El día viernes, marzo 11, 2022 a las 03:12:41p. m. +0100, Stefan Hagen escribió: > > I've been seeing a lot of that lately. Google seem to have tightened > > their email security practice recently. > > > > It appears that 1blu is doing something that GMail doesn't like. They > > probably have a number of users who have the same problem. I would > > ask them to check their MTA configuration against the section "Make > > sure your messages are authenticated" in the referenced page > > (https://support.google.com/mail/answer/81126#authentication). > > > > > 550-5.7.26 This message does not have authentication information or > > > fails to > > > 550-5.7.26 pass authentication checks. To best protect our users from > > > spam, the > > > 550-5.7.26 message has been blocked. Please visit > > Authenticated in this context means, you don't have SPF / DKIM / DMARC set up. > > You can use this service: https://www.mail-tester.com to test your > setup. It provices you an email address. Send an email to it > and then your mail and server setup will be evaluated. Thank you, Stefan. I did such a test and the result can be seen here: https://www.mail-tester.com/test-ahwup3i9z > This is an example from me: > https://www.mail-tester.com/test-3ghr082f2 > > Feel free to examine it and set your host up in a similiar way. As far as I understand all the changes can't be done on my host (a laptop). I send mails with mutt and mutt with sendmail to smtp.1blu.de And I'm afraid, if I contact the support of 1blu I don't know if they will react (I've mixed experience from the past). I will give it a try... Thanks matthias -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub