Welcome to Centmin Mod Community
Become a Member

Email Domains Email Still Going To SPAM Even after DKIM,SPF,RDS Is set

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Varun, Apr 9, 2018.

  1. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
    I have done all the required steps to get my emails going to inbox as per
    https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/


    but still my emails are going to spam in gmail.

    I have a proper

    1. SPF
    2. DKIM
    3. RDNS / PTR
    4. DMARC record
    5. Google Postmaster.

    Email Headers in Gmail Looks Like this
    Image URL : http://s.svarun.in/o0

    Please fill in any relevant information that applies to you:
    • CentOS Version: CentOS 7 64bit ?
    • Centmin Mod Version Installed:123.09beta01
    • Nginx Version Installed: Latest With Beta Build
    • PHP Version Installed:Latest With Beta Build
    • MariaDB MySQL Version Installed:Latest With Beta Build
    • When was last time updated Centmin Mod code base ? : Fresh install
    • Persistent Config: None
     
  2. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Have you checked if SPF/DKIM/PTR and DMARC are working ? i.e. use http://www.mail-tester.com/ Gmail headers look correct though - you should look at the source email headers in Gmail and not just the shorten version.
    • Have you checked if any domains mentioned in the emails and not just the sending domain are on blacklists ?
    From https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/
    Straight from Amazon SES best practices guide, you should also check the URL links that you use in your emails against blacklists as well, because some ISPs will block email with blacklisted links. URIBL.com and SURBL.org are two very useful sites that you can use to determine whether your links are blacklisted.

    Remember to check any links provided to you by a third party or any link shorteners, which obfuscate your domain or links. If you extensively use link shortener domains in emails, it could be the domain has been blacklisted or marked as spam too.
     
  3. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
    Yes i did everything. and still i can see my emails are sent to spam. !!

     
  4. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
  5. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    That looks good though

    How is the email being sent out, via php script like wordpress ? Did you make sure SPF/DKIM/DMRAC is setup for main server hostname too and not just @yourdomain.com ? Usually main hostname server sent emails are sent from @somehostname.yourdomain.com where main hostname setup in step 1 of Getting Started Guide.

    For server main hostname DKIM, use addons/opendkim.sh addon script for Centmin Mod users' email sent from their @mainhost.yourdomain.com. For emails @yourdomain.com, your 3rd party email provider will have DKIM setup instructions.

    Testing Server Sent Emails



    Use Newsletters spam test by mail-tester.com to send a test email from your server to the email address listed on the mail-tester.com web site - DO NOT leave the site yet though.

    To Test Server Sent Email

    For example if the site lists email web-1a0xv@mail-tester.com, in SSH you use mail command line to sent a test email with subject "mail-tester" and email contents of "mail-test"
    Code (Text):
    echo "mail-test" | mail -s "mail-tester" web-1a0xv@mail-tester.com
    


    To Test PHP mail() Sent Email

    To test PHP mail() function sent email, create a test-mail.php file (can be any name you want) with contents - changing the web-1a0xv@mail-tester.com to whatever you see on mail-tester.com web site
    PHP:
    <?php
        ini_set
    ('display_errors'1);
        
    error_reporting(-1);
        
    mail ('web-1a0xv@mail-tester.com''Postfix Test''A test email') || print_r(error_get_last());
    ?>
    save test-mail.php to /home/nginx/domains/domain.com/public/ web root directory and then open up domain.com/test-mail.php on your server. Remember to delete test-mail.php afterwards.

    Then click the 'then check your score' button on mail-tester.com site. It will check the email you sent and all it's email headers and give you a report card for the sending domain which is usually your main hostname in default Centmin Mod setups i.e. if sending email is root@hostname.domain.com, then sending domain is hostname.domain.com. You can ignore for subdomains the warning of no MX records for subdomain/hostnames as subdomain/hostnames don't require MX records only the @domain.com domain for receiving emails. This main hostname domain hostname.domain.com would be important for emails sent from your Centmin Mod server so need the required SPF, DKIM, DMARC and PTR DNS records mentioned above.

    This checks php mail() from server sent From = root@host.domain.com where host.domain.com is your main hostname. To test php mail() with a proper From = your@domain.com which maybe set in your PHP web app like Xenforo, Wordpress etc. Use a slight variation of the test-mail.php php file below - changing the web-1a0xv@mail-tester.com to whatever you see on mail-tester.com web site and changing YOURFROM@domain.com email address to the one you set in your PHP web app like Xenforo, Wordpress etc:
    PHP:
    <?php
        ini_set
    ('display_errors'1);
        
    error_reporting(-1);
       
    $headers "From: YOURFROM@domain.com";
        
    mail ('web-1a0xv@mail-tester.com''Postfix Test''A test email',$headers) || print_r(error_get_last());
    ?>
    then open up domain.com/test-mail.php on your server. Then click the 'then check your score' button on mail-tester.com site

    You can also test your @domain.com emails via SSH by adding the From email -r
    Code (Text):
    echo "mail-test" | mail -s "mail-tester" -r user@domain.com your@gmail.com
    

    Then checking your Gmail account including spam box for the email and looking at 'Show Original' for full headers.

    You can also test other target emails i.e. your @gmail.com account via SSH command
    Code (Text):
    echo "mail-test" | mail -s "mail-tester" your@gmail.com
    

    Then checking your Gmail account including spam box for the email and looking at 'Show Original' for full headers.

    Example of Gmail received email's 'Show Original' headers where my centminmod.com domain has working SPF, DKIM and DMARC DNS records setup from my 3rd party Google App/Gsuite email provider service. This is from email sent from my server where from email field was @centminmod.com.

    [​IMG]

    Notes For Web App Sent Emails



    Now if you use a web app like Wordpress, Xenforo, IP.Board, Magento, etc to sent emails. Then emails can either be sent as is via Centmin Mod Postfix MTA server via root@host.domain.com where receiving email servers would evaluate the SPF, DKIM, DMARC and PTR DNS records for sending domain @host.domain.com. If server's main hostname i.e. host.domain.com has valid DNS records, then email will be less likely sent to spam box or being rejected by receiving email server.

    If however, your web app allows you to set a from email field and you sent emails from say user@domain.com, then receiving email servers would evaluate the SPF, DKIM, DMARC and PTR DNS records for sending domain @domain.com so your domain.com would need to have those DNS records setup. The above Gmail 'Show Original' email headers screenshot above is an example of such cases.

    Using above mail-tester.com online tool is easiest way to check if all those SPF, DKIM, DMARC and PTR DNS records for sending domain @host.domain.com and @domain.com are setup correctly.

    Main Host Name Setup



    There is a reason the official Centmin Mod Getting Started Guide Step 1 outlines a proper main hostname SPF, DKIM, DMARC and PTR DNS records setup, as it is used for many purposes such as statistics hosting on main hostname vhost, phpmyadmin.sh installer setup of phpmyadmin on main hostname but also for ensuring proper email delivery from main hostname for emails sent from the server.

    As such your main hostname for your Centmin Mod server needs to be unique. The main hostname has a separate Nginx vhost config file at /usr/local/nginx/conf/conf.d/virtual.conf where server_name defined there is auto populated to the server main hostname.

    You can check if the main hostname is uniquely setup via this grep command in SSH type
    Code (Text):
    grep -rw server_name /usr/local/nginx/conf/conf.d/ | grep -w "$(hostname)"
    

    Ensure only 1 entry match is found and that is usually the one contained in main hostname's Nginx vhost config file at /usr/local/nginx/conf/conf.d/virtual.conf

    example output of 1 entry match you should expect as host.domain.com should only be referenced once in server_name for main hostname's Nginx vhost config file at /usr/local/nginx/conf/conf.d/virtual.conf
    Code (Text):
    grep -rw server_name /usr/local/nginx/conf/conf.d/ | grep -w "$(hostname)"
    /usr/local/nginx/conf/conf.d/virtual.conf:            server_name host.domain.com;
    


    If they don't match or if more than one Nginx vhost file is returned from the grep search, then you need to change and update DNS for the main hostname as per Centmin Mod Getting Started Guide Step 1 and then edit the server_name listed in /usr/local/nginx/conf/conf.d/virtual.conf to the newly changed main hostname.

    The main hostname domain i.e. host.domain.com is the domain that server sent emails via Postfix MTA is sent from, so needs to properly setup on server and with proper DNS records.
     
  6. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
    Hi,

    These are the records. are added in my domain dns

    DNS Records : http://s.svarun.in/pg

    I have used php to send a test email.

    When used this ssh cmd
    Code (Text):
    echo "mail-test" | mail -s "mail-tester" your@gmail.com
    


    I got the below details in gmail headers
    Details : http://s.svarun.in/pi[/CODEB]
     
  7. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    Did you setup the wordpress site on subdomain which is same as main hostname ? that's maybe the issue

    When you install Centmin Mod it's setup a main hostname nginx vhost host for server which is where Nginx default install index page is shown. Accessing server via IP address will show that page and it's correct and should be left as is as the main hostname site is also used for statistics pages outlined here. When you create a new Nginx vhost site via centmin.sh menu option 2, 22 or nv commands, you have a separate Nginx vhost directory structure. The differences are outlined on official Config file page and at Getting Started Guide step 1 and bottom of that page here.
    What does your /usr/local/nginx/conf/conf.d/virtual.conf and /usr/local/nginx/conf/conf.d/yourdomain.com.conf or /usr/local/nginx/conf/conf.d/yourdomain.com.ssl.conf contents look like ? Make sure virtual.conf main hostname's server_name isn't same as any added nginx vhost site's domain name as per Getting Started Guide step 1, the main hostname needs to be unique. If the same, just following Getting Started Guide step 1 again to change the main hostname domain to a hostname/subdomain different from your wordpress domain.

    You can check via recursive grep filter of your domain name in vhost directory at /usr/local/nginx/conf/conf.d
    Code (Text):
    grep -rnw 'yourdomain.com' /usr/local/nginx/conf/conf.d
    

    Also check DNS is correct use dig to check DNS for domain
    Code (Text):
    dig +short A @8.8.8.8 yourdomain.com
    dig +short A @8.8.8.8 www.yourdomain.com
    dig +short A @8.8.8.8 hostname.yourdomain.com
    

    check HTTP headers via curl for both HTTP (and HTTPS if you have HTTPS/SSL)
    Code (Text):
    curl -I http://yourdomain.com
    curl -I http://www.yourdomain.com
    curl -I https://yourdomain.com
    curl -I https://www.yourdomain.com
    curl -I http://hostname.yourdomain.com
    


    Essentially you should have one set of SPF/DKIM/DMARC DNS records for @yourdomain.com and one set for @hostname.yourdomain.com where hostname is your main hostname setup in Getting Started Guide step 1 and virtual.conf main nginx vhost should be for hostname.yourdomain.com will nginx vhost yourdomain.com should be created via centmin.sh menu option 2, 22 or nv command.
     
  8. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
    Hi,

    Thanks for the details.

    I have set the SFP,DKIM for only with the server hostname which is
    `charlesbabbage.svarun.in`

    and i used centmin menu 2 to create a new v host in the name of `iupload.svarun.in`
    in that i am using php file with mail function to send an testemail.

    svarun.in points to 167.99.79.68
    iupload.svarun.in points to 167.99.79.68
    charlesbabbage.svarun.in points to 167.99.79.68

    www.svarun.in i haven't set it. yet

    i have generated hostnames DKIM using centmin mod addon. but for the domains i haven't because centmin dose not allow me to generate.

    and i dont need a email server for it. but i just need php to send emails to gmail inbox.
     
  9. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    need that set too for SPF/DKIM/DMARC and reverse PTR at your 3rd party email provider i.e. Zoho/Gsuite/Live/Microsoft for if using php scripts like wordpress, xenforo etc as your from email might be @svarun.in while server sent emails from postfix will be from @charlesbabbage.svarun.in
     
  10. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
    You mean that i need to set A record for www.svarun.in to 167.99.79.68

    right ?

     
  11. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    both www and non-www domains need DNS A to server IP address and svrun.in needs proper SPF/DKIM/DMARC setup according to your 3rd party @domain.com email provider i.e. Zoho, Google Gsuite/Google Apps etc
     
  12. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
    Ok got it since i dont use 3rd party email system because there is no need for email in that domain how i can setup a proper DKIM
    will centmin will allow me me to generate ?
     
  13. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    DKIM/SPF/DMARC can only be setup for @domain.com sent emails if you are using a 3rd party email provider as they would provide instructions during setup and configuration to set up DKIM/SPF/DMARC. Some 3rd party @domain email providers are discussed at Email - Free @yourdomain.com Email Accounts & Alternatives

    If you don't use 3rd party email, then any outbound email using @domain.com for from email header won't work. Any php/mysql app sent email won't have a valid from email address if your from email is set to @domain.com. If installed wordpress with an email other than same @domain.com i.e. used @domain2.com which you own domain2.com, then you need DKIM/SPF/DMARC setup with @domain2.com with your 3rd party provider. If you used free email service like @gmail.com when setup wordpress, then from email header for outbound emails would be @gmail.com and you won't have control over DKIM/SPF/DMARC so emails sent via wordpress may end up in spam boxes as reverse PTR, DKIM, SPF and DMARC don't verify.

    Centmin Mod doesn't support @domain.com email receiving or IMAP/POP, it's only configured for outbound server sent email with Postfix for main hostname @hostname.yourdomain.com by default and requires you to sign up for 3rd party @domain email providers for inbound emails for IMAP/POP discussed at Email - Free @yourdomain.com Email Accounts & Alternatives
     
  14. Varun

    Varun Premium Member Premium Member

    36
    2
    8
    Apr 6, 2018
    India, Tamil Nadu, Chennai
    Ratings:
    +3
    Local Time:
    4:34 AM
    1.13.11
    @eva2000

    I bought an account @ mxroute.com
    And configured SPF,DKIM & DMARC and still email is going to spam !!

    since i am new to centmin mod. i am fully confused.!
     
  15. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    I'd check the mxroute.com mail server's reported IP reputation and make sure it isn't in a blacklist. But since mxroute like other 3rd party email providers are a paid service, you can leverage their tech support to figure out what's going on as once you're using 3rd party email providers and your web apps/scripts are sending email with the from address being @yourdomain.com which is using mxroute.com mail servers, then any spam and email deliverability issues is all from mxroute.com and not centmin mod.

    You did check any and all domains mentioned in emails with URIBL.com and SURBL.org which are two very useful sites that you can use to determine whether your links are blacklisted. You need to check not just sending email domain but any domain listed in the actual email body content.

    Also try sending emails to a different email address than the one you're testing with as some providers like google/gmail will need time to train them to not mark as spam. You can speed things up by adding the sending email address to your contacts list as that tells google that email address isn't spam.

    Unfortunately, there's many many reasons why email deliverability and marking as spam can occur which is why Centmin Mod doesn't add @yourdomain.com email support and suggests 3rd party email providers as they can provide the technical support required to get things working.
     
  16. eva2000

    eva2000 Administrator Staff Member

    33,720
    7,466
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,478
    Local Time:
    9:04 AM
    Nginx 1.13.x
    MariaDB 5.5
    One more thing to try

    you can also test your @domain.com emails via SSH by adding the From email -r where user@domain.com is your mxroute.com setup email and your@gmail.com is your destination email address or use http://www.mail-tester.com/ test email for destination email address and see what it returns
    Code (Text):
    echo "mail-test" | mail -s "mail-tester" -r user@domain.com your@gmail.com
    
     
..