July 17 2016

Sending Email Checklist

Email is one of those pains that every server admin must go through. Between possibily being blacklisted, setting up DNS records, and trying to not go into a SPAM folder, it’s just a nightmare! Fortunately, it’s pretty simple to fix.

  • Make sure you have a hostname that’s not localhost.localdomain
    • By default all 1&1 CloudServers configure this way, though cPanel asks to set up a hostname during the creation process.
    • Name it something that’s going to actually resolve: cloudserver1.mydomain.com should have an A record that points back to your server. You don’t need anything listening like HTTP, just make sure the hostname resolves.
  • Make sure you’re not blacklisted.
    • It doesn’t matter if the IP was blacklisted before hand or not, check the ip and get information about why it’s blacklisted. Chances are, it’s because an email went out while you were still “localhost.localdomain”
    • Blacklist removals are almost too simple, instead of trying to find a “clean” ip, just get it removed and take ownership of your new address.
  • Create a PTR record for the IP and set it to your hostname.
    • cloudserver1.mydomain.com => 123.123.123.123 so 123.123.123.123 => cloudserver1.mydomain.com
  • Set up an SPF record on the domains that are sending mail or on the domain of the mailserver that’s going to be used
    • Remember to have ipv4 and/or ipv6 listed: “v=spf1 ipv4:123.123.123.123 -all”
    • Use both SPF records and TXT records with the SAME values
  • Ensure that you can communicate on port 25 from the server that’s sending email
    • Try telnetting to a remote server on port 25 from your server. If you can’t communicate outbound on 25, it’s likely blocked
      • 1&1 by default filters port 25 on CloudServers to limit spam. If you’re sure you have security setup (all email clients will come through via 587, you won’t operate an open relay, etc) then call and ask to have the port unfiltered.

 

If after doing all of this, 1 of 3 things should happen:

  • You email gets sent and hits the inbox without issue
    • Congrats, you’ve successfully set up your email server!
  • Your email gets sent and hits the spam folder
    • Check the email headers and look for why it was filtered and fix it
      • Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 123.123.123.123 as permitted sender) <== This means that you don't have ipv4:123.123.123.123 in your SPF record (and you used ~all)!
      • Received-SPF: neutral (google.com: 123.123.123.123 is neither permitted nor denied by best guess record for domain of [email protected]) <== This means you don't have an SPF record at all!
  • Your email doesn’t get sent out at all
    • Check your MailLog or any bounceback you receive to try and fix it:
      • “Refused to talk to me” – chances are you’re blacklisted. Check for a postmaster link and recheck your domain/ip for blacklists
      • “550-5.7.1 [123.123.123.123] The IP address sending this message does not have a PTR record setup. As a policy, Gmail does not accept messages from IPs with missing PTR records.” <== This means that you don’t have a PTR record setup!

 



Copyright 2020. All rights reserved.

Posted July 17, 2016 by Timothy G in category "1&1 Internet", "Tutorials

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.