Email flagged as SPAM with correct authentication

2
votes

I'm using Python with the framework Django. I am sending registration emails from my website (when a user register).

Using this snippet, I authenticate my email with DKIM (the DNS is correctly configured).

I also added SPF on my DNS.

Either on gmail and hotmail, I see spf=pass and dkim=pass.

But still, my email is flagged as spam. I made sure to use appropriate vocabulary, it's a text email with only 1 link (for registering). I am using [email protected] in FROM field for my email.

EDIT : After few changes I managed to have a "proper" header for my email. This is what it looks like (received on my hotmail account, still flagged as spam) (I replaced my domain name by mydomain.com and IP adress by stars, but they are correct) :

x-store-info:4r51+eLowCe79NzwdU2kRyU+pBy2R9QCQ99fuVSCLVOS47rfbRPiE7iaYhO1ERiggdK+K18l1xsWi4P40pG/T41xqL9zUAoU17o0RrecEQY1EuSFAsrgi0P9JxG/GRiKRWTxOOBRX7E=
Authentication-Results: hotmail.com; spf=pass (sender IP is ***.***.***.***) [email protected]; dkim=pass header.d=mydomain.com; x-hmca=pass [email protected]
X-SID-PRA: [email protected]
X-AUTH-Result: PASS
X-SID-Result: PASS
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD02
X-Message-Info: 11chDOWqoTn7F4e7hHYwxaXv9iZKZZyIKj/+21TGh6QZKczxEHQs4rb60Cxfdi09jTLkRJAecG6MEZoumj8BxQZCAkaW+YvuWguCAySgqkkiNyD1AL4MyP3BFzgaoF2ZXtaGotKTc8c/ChQJkPtnUkHdes5iALGuXQjNzKRE6CJjxAGItrK/tX2h6cQRePYbs40w9kwlyrSKjnMd0tsAss5uWWZc2J8a
Received: from mydomain.com ([***.***.***.***]) by BAY004-MC3F39.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.22712);
     Wed, 9 Jul 2014 08:18:05 -0700
Received: from mydomain.com (localhost.localdomain [127.0.0.1])
    by mydomain.com (8.14.4/8.14.4/Debian-4) with ESMTP id s69FI3wS030630
    for <*********@hotmail.fr>; Wed, 9 Jul 2014 17:18:03 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=mydomain.com;
 [email protected]; q=dns/txt; s=selector; t=1404919083; h=MIME-Version
 : Content-Type : Content-Transfer-Encoding : Subject : From : To : Date
 : Message-ID; bh=k7X+9bPwn6CQYmdYxiU1/FA763QwNClj01j8KmwLN2k=; b=Xg53TzAVYu7/7hnSJpH0NPsXhR2xasyW/Oo37XNSdWGOmZFP95way23mFMgT370IGv/rlTf+LJgYuH1grPRoVgR9Oif89uwLf9FIWx0CTwNlG9ONvKgTX3I91J8lAn/5KaMHW3sF/6C6CYhu9+nP8bh1JcuiuHq3zlYZLv2zQQQ=
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Subject: Activation de votre compte Mydomain
From: Mydomain <[email protected]>
To: *********@hotmail.fr
Date: Wed, 09 Jul 2014 15:18:03 -0000
Message-ID: <[email protected]>
Return-Path: [email protected]
X-OriginalArrivalTime: 09 Jul 2014 15:18:05.0604 (UTC) FILETIME=[FB999E40:01CF9B88]

Now I really don't understand what causes the email to be flagged as spam. Also checked blacklists, the domain isn't blacklisted.

I also did a test here, the results are the same : DKIM detected and check PASS, SPF PASS, SpamAssassin Score: -2.011 "Message is NOT marked as spam", only empty box is "DomainKeys Information : Message does not contain a DomainKeys Signature" (I don't find anything explaining the difference with DKIM).

NB : After goncalopp's comment, I wondered if this question shouldn't be on Serverfault instead of here. Should I remove it and ask there?

2
pythondjangoemaildnsspam
How soon did you change the reverse DNS? Maybe it's still using cached results?loopbackbee
The IPv4 reverseDNS was changed few days ago. The IPv6 one (used by gmail) only few hours ago. Hotmail is using the IPv4, so it should detect the correct domain. I noticed something else, editing in my question.Raphael Laurent
Updated with new tests I made, still considered as spamRaphael Laurent
what's your /etc/mailname? And hostname --fqdn?loopbackbee
I checked on your two websites and as all checked I already did (and believe me, I did a lot), not blacklisted. My emails are marked as spam on Gmail and Hotmail (I didn't check more like Yahoo, etc, but Gmail and Hotmail are already a big part of the marked so it's enough to bother me). I'll try to send a ticket to both tech supports to try to have more informations.Raphael Laurent

2 Answers

0
votes

So after changing few settings I managed to have this header (masked IP address and domain for confidentiality). It sems to be clean header and passes all authentication tests :

Delivered-To: **********@gmail.com
Received: by 10.140.103.77 with SMTP id x71csp25213qge;
        Thu, 17 Jul 2014 07:12:51 -0700 (PDT)
X-Received: by 10.180.109.168 with SMTP id ht8mr22242453wib.68.1405606370624;
        Thu, 17 Jul 2014 07:12:50 -0700 (PDT)
Return-Path: <no-reply@**********.com>
Received: from mail.**********.com (**********com. [**********])
        by mx.google.com with ESMTP id r8si9159599wia.83.2014.07.17.07.12.48
        for <**********@gmail.com>;
        Thu, 17 Jul 2014 07:12:50 -0700 (PDT)
Received-SPF: pass (google.com: domain of no-reply@**********.com designates ********** as permitted sender) client-ip=**********;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of no-reply@**********.com designates ********** as permitted sender) smtp.mail=no-reply@**********.com;
       dkim=pass header.i=@**********.com
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=**********.com;
 i=@**********.com; q=dns/txt; s=selector; t=1405606368; h=MIME-Version
 : Content-Type : Content-Transfer-Encoding : Subject : From : To : Date
 : Message-ID; bh=PblNSkQvil33DWRvqe8DinhP7RB+k1OiDCBjgpR7DuE=; b=T4ti1yJsxUE2Uav6UYr+WznqZFrDVvAIoUN8G6voMWr4hUGVdC7u+QkR+d87SY4cN0nklbTWBXJ7gSOhR6r1d0NQZbg3jmRZzYxofPwayMRicYfUw1brWnrSnCUDQ98aUPv4qi9okb2/8vuu5yCKk5irarGrNQk+smnhVEFbqbA=
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Subject: Activation de votre compte **********
From: ********** <no-reply@**********.com>
To: **********@gmail.com
Date: Thu, 17 Jul 2014 14:12:48 -0000
Message-ID: <20140717141248.2687.75060@**********.com>

It is still going straight to the spam folder. According to what I read here and there, it seems that my domain has to gain "trust" before being considered as "non-spam" (i.e. users have to flag it as "non-spam" and my domain should then be recognized better).

If anyone has any more suggestions, I take with pleasure :)

0
votes

Hotmail/Outlook has the snds (Smart Network Data Service) you can register your ip and check the reputation, mail volume, bounces, traps. Maybe you have a bad reputation.

https://postmaster.live.com/snds/