problem sending to outlook.com

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

problem sending to outlook.com

Lars Nielsen
Hi,
This Thursday i had problems sending mails to outlook.com addresses. I
found out that MS thought my mail-server was suspicious and had blocked
me as sender. I could however mail to them and gotten my server allowed
again.

But how can i ensure that i run a "professional" mail server that
doesn't get blocked? I have attached my "postconf -n" output here so you
can see if i miss something obvious!?

Thanks for you help
Best regards
Lars Nielsen

=================
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 3d
config_directory = /etc/postfix
default_destination_concurrency_limit = 3
delay_warning_time = 4h
disable_vrfy_command = yes
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
initial_destination_concurrency = 1
mailbox_command =
mailbox_size_limit = 0
maximal_backoff_time = 8000s
maximal_queue_lifetime = 5d
minimal_backoff_time = 600s
mydestination =
myhostname = mail.lfw.dk
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myhomeip/32
myserverip/32
mynetworks_style = host
myorigin = lfw.dk
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_helo_timeout = 60s
smtp_tls_cert_file = /etc/postfix/client.pem
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl
smtpd_delay_reject = yes
smtpd_error_sleep_time = 20
smtpd_hard_error_limit = 12
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname,
regexp:/etc/postfix/helo.regexp, permit
smtpd_junk_command_limit = 2
smtpd_recipient_limit = 16
smtpd_recipient_restrictions = check_client_access
hash:/etc/postfix/helo_client_exceptions check_sender_access
hash:/etc/postfix/sender_checks, permit_sasl_authenticated,
permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_recipient,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_unauth_destination, reject_unauth_pipelining, check_client_access
hash:/etc/postfix/rbl_client_exceptions, reject_rbl_client
cbl.abuseat.org, reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net, reject_rhsbl_sender
dsn.rfc-ignorant.org, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks, warn_if_reject
reject_non_fqdn_sender, reject_unknown_sender_domain,
reject_unauth_pipelining, permit
smtpd_soft_error_limit = 3
smtpd_tls_CAfile = /etc/ssl/intermediate.ca.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/client.pem
smtpd_tls_key_file = /etc/ssl/mail.lfw.dk.pem
smtpd_tls_loglevel = 3
smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
swap_bangpath = no
tls_random_source = /dev/urandom
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/spool/mail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = virtual
virtual_uid_maps = static:5000

Reply | Threaded
Open this post in threaded view
|

Re: problem sending to outlook.com

Mike Coddington
On Sun, Apr 03, 2016 at 12:41:58PM +0200, Lars Nielsen wrote:
> Hi,
> This Thursday i had problems sending mails to outlook.com addresses.
> I found out that MS thought my mail-server was suspicious and had
> blocked me as sender. I could however mail to them and gotten my
> server allowed again.
>
> But how can i ensure that i run a "professional" mail server that
> doesn't get blocked? I have attached my "postconf -n" output here so
> you can see if i miss something obvious!?

From what I've noticed online, the biggest factor in whether your mail gets delivered to these big e-mail providers is your IP address. If you're self-hosting from your cable provider's DHCP pool, expect some of your mail to not be delivered. Unfortunately, big e-mail providers like Yahoo, Comcast, AOL, Microsoft, etc. can afford to throw their weight around and make you and I conform to their standards. If your server's on a network that is intended for servers, then the next thing that seems to matter is a reverse DNS record. Make sure your network provider has assigned you one and that it matches your hostname.

I've also had good luck using this free tool called Mail Tester:
https://www.mail-tester.com/

It'll check the content of your mail and give it a score depending on how likely it is for the mail to be delivered to an inbox.

-Mike
Reply | Threaded
Open this post in threaded view
|

Re: problem sending to outlook.com

Curtis Villamizar
In reply to this post by Lars Nielsen
In message <[hidden email]>
Lars Nielsen writes:

>
> Hi,
> This Thursday i had problems sending mails to outlook.com addresses. I
> found out that MS thought my mail-server was suspicious and had blocked
> me as sender. I could however mail to them and gotten my server allowed
> again.
>  
> But how can i ensure that i run a "professional" mail server that
> doesn't get blocked? I have attached my "postconf -n" output here so you
> can see if i miss something obvious!?
>  
> Thanks for you help
> Best regards
> Lars Nielsen

I have no idea but I did also get blocked.  Since I only know two
people that I send mail to with M$oft email services, and had only
recently sent only one email I could narrow it down to the content.

The content was something along the lines of "please preview this web
content on web-test.a-domain-i-use and oh btw you'll need to use https
and the cert doesn't cover web-test so click through the warnings".  I
think that was it.  The email referenced a https URL with bad cert
(valid for @, www, but not web-test).

I called.  Tech said they don't save messages or reasons for rejection
and could not give a reason but once resolved you're sort of
semi-whitelisted (low mail volume and a real human responded so they
won't be so touchy next time).  Their spam methods are proprietary.

Nothing in your config jumps out as bad (to me).  You could DKIM sign
your mail and add DKIM and SPF DNS records (maybe DMARC, though I
don't do that but might in the near future).  DKIM and SPF pass can
only help, even if just a little, and DKIM+SPF+DMARC can make sure
that forgery doesn't penalize your domain.

Maybe someone that actually knows what they are talking about will
weigh in on this thread.  :-)

Curtis


> =================
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> allow_percent_hack = no
> append_dot_mydomain = no
> biff = no
> bounce_queue_lifetime = 3d
> config_directory = /etc/postfix
> default_destination_concurrency_limit = 3
> delay_warning_time = 4h
> disable_vrfy_command = yes
> home_mailbox = Maildir/
> inet_interfaces = all
> inet_protocols = all
> initial_destination_concurrency = 1
> mailbox_command =
> mailbox_size_limit = 0
> maximal_backoff_time = 8000s
> maximal_queue_lifetime = 5d
> minimal_backoff_time = 600s
> mydestination =
> myhostname = mail.lfw.dk
> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myhomeip/32
> myserverip/32
> mynetworks_style = host
> myorigin = lfw.dk
> readme_directory = no
> recipient_delimiter = +
> relayhost =
> smtp_helo_timeout = 60s
> smtp_tls_cert_file = /etc/postfix/client.pem
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org,
> reject_rbl_client blackholes.easynet.nl
> smtpd_delay_reject = yes
> smtpd_error_sleep_time = 20
> smtpd_hard_error_limit = 12
> smtpd_helo_required = yes
> smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
> warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname,
> regexp:/etc/postfix/helo.regexp, permit
> smtpd_junk_command_limit = 2
> smtpd_recipient_limit = 16
> smtpd_recipient_restrictions = check_client_access
> hash:/etc/postfix/helo_client_exceptions check_sender_access
> hash:/etc/postfix/sender_checks, permit_sasl_authenticated,
> permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_recipient,
> reject_unknown_sender_domain, reject_unknown_recipient_domain,
> reject_unauth_destination, reject_unauth_pipelining, check_client_access
> hash:/etc/postfix/rbl_client_exceptions, reject_rbl_client
> cbl.abuseat.org, reject_rbl_client sbl-xbl.spamhaus.org,
> reject_rbl_client bl.spamcop.net, reject_rhsbl_sender
> dsn.rfc-ignorant.org, permit
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = $myhostname
> smtpd_sasl_security_options = noanonymous
> smtpd_sender_restrictions = permit_mynetworks, warn_if_reject
> reject_non_fqdn_sender, reject_unknown_sender_domain,
> reject_unauth_pipelining, permit
> smtpd_soft_error_limit = 3
> smtpd_tls_CAfile = /etc/ssl/intermediate.ca.pem
> smtpd_tls_auth_only = yes
> smtpd_tls_cert_file = /etc/postfix/client.pem
> smtpd_tls_key_file = /etc/ssl/mail.lfw.dk.pem
> smtpd_tls_loglevel = 3
> smtpd_tls_mandatory_protocols = !SSLv2
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtpd_use_tls = yes
> swap_bangpath = no
> tls_random_source = /dev/urandom
> unknown_address_reject_code = 554
> unknown_client_reject_code = 554
> unknown_hostname_reject_code = 554
> unknown_local_recipient_reject_code = 450
> virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
> virtual_gid_maps = static:5000
> virtual_mailbox_base = /var/spool/mail
> virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
> virtual_mailbox_limit = 51200000
> virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
> virtual_minimum_uid = 5000
> virtual_transport = virtual
> virtual_uid_maps = static:5000